Home / GDPR

GDPR Compliance

Information about your data protection rights under the General Data Protection Regulation.

Last Updated: 1 June 2026

1. Introduction

Although Cosmic Dusk is an Australian company, we recognise and respect the data protection rights of individuals in the European Economic Area (EEA) and the United Kingdom. This page provides additional information about how we comply with the General Data Protection Regulation (GDPR) when processing personal data of EU/EEA residents.

2. Data Controller

For the purposes of GDPR, Cosmic Dusk Pty Ltd acts as the data controller for personal data collected through our website and services.

Cosmic Dusk Pty Ltd
Level 4, 127 Creek Street
Brisbane QLD 4000
Australia
Email: [email protected]

3. Legal Basis for Processing

We process personal data on the following legal bases under Article 6 of the GDPR:

3.1 Consent

Where you have given clear consent for us to process your personal data for a specific purpose, such as receiving marketing communications or the use of non-essential cookies.

3.2 Contract Performance

Where processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.

3.3 Legal Obligation

Where processing is necessary to comply with a legal obligation to which we are subject.

3.4 Legitimate Interests

Where processing is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your rights. Our legitimate interests include:

  • Operating and improving our website and services
  • Understanding how visitors use our website
  • Ensuring network and information security
  • Preventing fraud

4. Your Rights Under GDPR

If you are located in the EEA or UK, you have the following rights regarding your personal data:

4.1 Right of Access

You have the right to request a copy of the personal data we hold about you, along with information about how we process it.

4.2 Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

4.3 Right to Erasure

You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.

4.4 Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

4.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

4.6 Right to Object

You have the right to object to the processing of your personal data in certain circumstances, including processing based on legitimate interests or for direct marketing purposes.

4.7 Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects. We do not currently make such automated decisions.

5. Exercising Your Rights

To exercise any of the rights described above, please contact us at [email protected]. We will respond to your request within one month, although we may extend this period for complex requests as permitted by law.

We may need to verify your identity before processing your request. If we cannot verify your identity, we may request additional information.

6. International Data Transfers

As an Australian company, if we receive personal data from the EEA or UK, that data is transferred to Australia. Australia is not considered by the European Commission to provide an adequate level of data protection. To ensure appropriate safeguards for your data, we rely on:

  • Standard Contractual Clauses approved by the European Commission
  • Your explicit consent where applicable

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. When determining retention periods, we consider:

  • The purpose for which we collected the data
  • Legal obligations that require us to retain data
  • Whether retention is advisable for legal claims or disputes

8. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures are regularly reviewed and updated as necessary.

9. Complaints

If you believe that we have not complied with your data protection rights, you have the right to lodge a complaint with a supervisory authority. For EEA residents, this is typically the data protection authority in your country of residence. For UK residents, this is the Information Commissioner's Office (ICO).

We would, however, appreciate the opportunity to address your concerns before you approach a supervisory authority. Please contact us first at [email protected].

10. Updates

We may update this GDPR information from time to time. Any changes will be posted on this page with an updated revision date.

11. Contact

For GDPR-related enquiries, please contact:

Cosmic Dusk Pty Ltd
GDPR Enquiries
Level 4, 127 Creek Street
Brisbane QLD 4000
Australia
Email: [email protected]

We use cookies to enhance your browsing experience and analyse site traffic. By continuing, you consent to our use of cookies. Learn more