Last Updated: May 19, 2026
While Whispered Stream is an Australian-based company, we recognize that we may process personal data of individuals located in the European Economic Area (EEA). We are committed to complying with the General Data Protection Regulation (GDPR) when handling such data.
We process personal data under the following legal bases:
If you are a resident of the EEA, you have the following rights regarding your personal data:
You have the right to request confirmation of whether we process your personal data and to access that data along with specific information about the processing.
You can request that we correct inaccurate personal data or complete incomplete data concerning you.
Under certain circumstances, you can request that we delete your personal data, including:
You can request that we restrict processing of your personal data in certain situations, such as when you contest the accuracy of the data or object to processing.
Where processing is based on consent or contract and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format.
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
Where processing is based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or where an alleged infringement occurred.
For questions regarding GDPR compliance or to exercise your rights, please contact:
Email: [email protected]
Subject Line: GDPR Request - [Your Name]
We will respond to your request within 30 days of receipt.
As an Australian company, your personal data may be transferred to and processed in Australia. While Australia is not covered by an adequacy decision from the European Commission, we ensure appropriate safeguards are in place to protect your data in accordance with GDPR requirements.
We implement appropriate technical and organizational security measures to protect your personal data, including:
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements. Retention periods vary depending on the type of data and the purpose of processing.
We do not engage in automated decision-making, including profiling, that produces legal effects or similarly significantly affects individuals.
When we engage third-party service providers to process personal data on our behalf, we ensure they provide appropriate guarantees regarding data security and GDPR compliance through contractual agreements.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach poses a high risk, we will also notify affected individuals without undue delay.
We may update this GDPR Compliance Statement periodically to reflect changes in our practices or legal requirements. We encourage you to review this page regularly for updates.
For any questions or concerns about our GDPR compliance or data protection practices:
Whispered Stream
Level 3, 247 Collins Street
Melbourne VIC 3000
Australia
Email: [email protected]