GDPR Compliance Information

Last updated: June 26, 2026

Introduction

While witty-dive is based in Australia, we recognize the importance of data protection rights for all individuals, including those covered by the European Union General Data Protection Regulation. This page outlines how we process personal data in accordance with GDPR principles for EU residents who interact with our services.

Legal Basis for Processing

We process your personal data under the following legal bases:

• Consent: When you voluntarily submit information through our inquiry forms
• Contractual necessity: To provide the consulting services you have requested
• Legitimate interests: To improve our services, maintain security, and conduct business operations
• Legal obligations: To comply with applicable laws and regulations

Your Rights Under GDPR

If you are an EU resident, you have the following rights regarding your personal data:

• Right of access: You may request confirmation of whether we process your personal data and obtain a copy of such data
• Right to rectification: You may request correction of inaccurate or incomplete personal data
• Right to erasure: You may request deletion of your personal data in certain circumstances
• Right to restriction of processing: You may request that we limit how we use your personal data
• Right to data portability: You may request to receive your personal data in a structured, commonly used format
• Right to object: You may object to processing based on legitimate interests or for direct marketing purposes
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time
• Right to lodge a complaint: You may file a complaint with your local data protection authority

Data Collection and Use

We collect personal data that you provide directly to us, including name, email address, and service preferences. This information is used solely to respond to your inquiries and provide requested consulting services. We do not engage in automated decision-making or profiling.

Data Sharing and International Transfers

We do not sell or share your personal data with third parties for their marketing purposes. Any international data transfers are conducted in accordance with GDPR requirements, utilizing appropriate safeguards such as Standard Contractual Clauses where necessary.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. When data is no longer needed, we securely delete or anonymize it.

Security Measures

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or alteration. These measures include encryption, access controls, and regular security assessments.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at [email protected]. We will respond to your request within one month, or within two months for complex requests. We may require verification of your identity before processing certain requests.

Data Protection Officer

For questions about our data protection practices or to exercise your rights, you may contact our data protection contact at [email protected].

Updates to This Information

We may update this GDPR compliance information to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised effective date.