Last updated: May 11, 2026
frosty-moor is committed to protecting the privacy and personal data of all individuals in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements and your rights under the regulation.
We process personal data only when we have a legal basis to do so. The legal bases we rely on include:
As a data subject under GDPR, you have the following rights:
You have the right to request copies of your personal data. We may charge a reasonable fee if your request is clearly unfounded or excessive.
You have the right to request correction of any information you believe is inaccurate or completion of information you believe is incomplete.
You have the right to request deletion of your personal data under certain conditions, including when the data is no longer necessary for the purposes for which it was collected.
You have the right to request restriction of processing your personal data under certain circumstances, such as when you contest the accuracy of the data.
You have the right to request transfer of your personal data to another organization or directly to you in a structured, commonly used, and machine-readable format.
You have the right to object to our processing of your personal data under certain circumstances, particularly for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or similarly significantly affect you.
To exercise any of your GDPR rights, please contact us at:
Email: [email protected]
Subject: GDPR Request
We will respond to your request within one month. In complex cases, we may extend this period by two additional months and will inform you of any such extension.
For questions about our data processing activities or to exercise your rights, you can contact our Data Protection Officer at [email protected].
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay and, where feasible, within 72 hours of becoming aware of the breach.
When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations. Retention periods vary depending on the type of data and the purpose for processing.
When we engage third-party processors, we ensure they provide sufficient guarantees to implement appropriate technical and organizational measures. All processors are bound by data processing agreements that comply with GDPR requirements.
We do not knowingly process personal data of children under the age of 16 without parental consent. If you believe we have collected data from a child without appropriate consent, please contact us immediately.
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the EU member state where you reside, work, or where an alleged infringement occurred.
For Australia-based concerns, you may also contact the Office of the Australian Information Commissioner (OAIC).
We regularly review and update our GDPR compliance practices. Any changes will be reflected on this page with an updated "Last updated" date.
For any GDPR-related questions or concerns:
Email: [email protected]
Address: Level 12, 485 La Trobe Street, Melbourne VIC 3000, Australia