GDPR Compliance

Effective Date: June 1, 2026

Crimson Ray is committed to protecting the privacy and security of your personal information. This GDPR Compliance statement outlines how we comply with the General Data Protection Regulation for any European Union residents who interact with our services.

Legal Basis for Processing

We process personal data under the following legal bases:

• Consent: You have given clear consent for us to process your personal data for specific purposes
• Contract: Processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
• Legal Obligation: Processing is necessary for us to comply with the law
• Legitimate Interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests

Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

• Right to Access: You have the right to request copies of your personal data
• Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete
• Right to Erasure: You have the right to request that we erase your personal data, under certain conditions
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions
• Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions
• Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions

Data Protection Officer

We have appointed a Data Protection Officer to oversee our GDPR compliance. If you have any questions about this statement or how we handle your personal data, please contact:

Data Protection Officer
Crimson Ray
Level 3, 142 Collins Street
Melbourne VIC 3000
Australia
Email: [email protected]

Data Collection and Usage

We collect and process the following types of personal data:

• Name and contact information
• Email address
• Property address and project details
• Financial information related to quotes and invoices
• Communication records

We use this data solely for the purposes of providing our renovation and interior design services, responding to inquiries, and fulfilling contractual obligations.

Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal data, and whether we can achieve those purposes through other means.

Data Security

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please note that no electronic transmission or storage method is 100% secure, and we cannot guarantee absolute security.

International Data Transfers

As we are based in Australia, your data may be transferred to and processed in Australia. We ensure that appropriate safeguards are in place for such transfers in compliance with GDPR requirements.

Third-Party Links

Our website may include links to third-party websites. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

Changes to This Statement

We may update this GDPR Compliance statement from time to time. We will notify you of any changes by posting the new statement on this page with an updated effective date.

How to Exercise Your Rights

If you wish to exercise any of your GDPR rights, please contact us using the details provided above. We will respond to your request within one month. Please note that we may need to verify your identity before processing your request.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates GDPR regulations.

Return to Home