Last Updated:
Kneephpolish is committed to protecting the privacy and security of your personal information. We recognize the importance of safeguarding the data you entrust to us and have implemented comprehensive measures to ensure its protection. This Data Protection statement outlines our practices and your rights regarding the personal information we collect and process.
We adhere to fundamental data protection principles in all our operations. Personal data is processed lawfully, fairly, and transparently. We collect data only for specified, explicit, and legitimate purposes and do not process it in ways incompatible with those purposes. The data we collect is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.
We maintain accurate and up-to-date records, promptly correcting or deleting inaccurate data. Personal information is retained only for as long as necessary to fulfill the purposes for which it was collected or as required by law. We implement appropriate technical and organizational measures to ensure data security and protect against unauthorized or unlawful processing, accidental loss, destruction, or damage.
We process personal data only when we have a legal basis to do so. The primary legal bases for our processing activities include performance of a contract when we need to process your data to fulfill our service obligations, compliance with legal obligations when processing is necessary to comply with applicable laws and regulations, and legitimate interests when processing is necessary for our legitimate business interests, provided these interests do not override your fundamental rights and freedoms.
In some cases, we may seek your explicit consent to process certain types of personal data. When we rely on consent, you have the right to withdraw it at any time, though this will not affect the lawfulness of processing based on consent before its withdrawal.
We collect various categories of personal information depending on your interactions with us. Contact information includes your name, email address, phone number, and postal address. We collect this information when you request our services, submit inquiries, or communicate with us.
Service-related information includes details about the services you request, appointment schedules, service history, and preferences regarding smart device configurations. Technical information encompasses IP addresses, browser types, device information, and website usage data collected through cookies and similar technologies.
Financial information such as payment details is collected when you purchase our services, though we use secure payment processors and do not store complete credit card information on our systems.
We implement multiple layers of security to protect your personal information. Technical measures include encryption of data in transit and at rest, secure socket layer technology for data transmission, firewalls and intrusion detection systems, regular security assessments and vulnerability testing, and secure backup systems with restricted access.
Organizational measures include access controls limiting data access to authorized personnel only, employee training on data protection and security practices, confidentiality agreements with staff and contractors, incident response procedures for potential data breaches, and regular reviews and updates of security policies.
Physical security measures protect our facilities and equipment where data is stored or processed, including restricted access to server rooms and secure disposal of physical documents containing personal information.
We do not sell or rent your personal information to third parties. We share data only when necessary for legitimate business purposes or legal requirements. Service providers who assist us with business operations may receive access to personal data, but only to the extent necessary to perform their functions and under strict confidentiality obligations.
Legal authorities may receive personal information when required by law, court order, or legal process, or when necessary to protect our rights, property, or safety, or that of others. In the event of a business transaction such as a merger or acquisition, personal data may be transferred to the acquiring entity, with appropriate safeguards in place.
You have several rights regarding your personal information. The right of access allows you to request copies of your personal data and information about how we process it. The right to rectification enables you to request correction of inaccurate or incomplete personal information.
The right to erasure, also known as the right to be forgotten, allows you to request deletion of your personal data in certain circumstances. The right to restrict processing enables you to request limitation of how we process your data under specific conditions.
The right to data portability allows you to request transfer of your data to another organization or directly to you in a structured, commonly used, and machine-readable format. The right to object enables you to object to processing of your personal data in certain situations.
To exercise any of these rights, please contact us using the information provided at the end of this document. We will respond to your request within one month, though this period may be extended by two additional months for complex requests.
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, accounting, or reporting requirements. Retention periods vary depending on the type of data and the purpose for which it was collected.
Service records and customer information are typically retained for the duration of our business relationship and for a reasonable period thereafter to address any follow-up questions or issues. Financial records are retained in accordance with applicable tax and accounting regulations. Marketing communications data is retained until you unsubscribe or request deletion.
When personal information is no longer needed, we securely delete or anonymize it to prevent unauthorized access or use.
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant authorities as required by law. Notifications will be made without undue delay and will include information about the nature of the breach, potential consequences, and measures taken to address it.
We maintain incident response procedures to quickly identify, contain, and remediate any security incidents, minimizing potential impact on your personal information.
Our services are not directed to children under the age of 18, and we do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a child, we will take steps to delete it promptly.
We may update this Data Protection statement periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated statement on our website and updating the effective date. We encourage you to review this statement regularly to stay informed about how we protect your data.
If you have questions about our data protection practices, wish to exercise your rights, or want to report a concern, please contact us at:
Kneephpolish
12/8 Oxley Street, North Lakes QLD 4509, Australia
Phone: 07 3077 6690
Email: helpdesk@kneephpolish.world