Last Updated: May 13, 2026
Bot Grove is committed to ensuring compliance with the General Data Protection Regulation (GDPR), even though we are based in Australia. We recognize the importance of protecting the personal data of individuals in the European Economic Area (EEA) and have implemented measures to meet GDPR requirements.
This page explains how we comply with GDPR principles and what rights you have regarding your personal data.
We process your personal data under the following legal bases:
Under the GDPR, you have the following rights regarding your personal data:
You have the right to request access to the personal data we hold about you. We will provide you with a copy of your data in a commonly used electronic format.
You have the right to request correction of inaccurate or incomplete personal data. We will update your information promptly upon verification.
You have the right to request deletion of your personal data in certain circumstances, such as:
You have the right to request restriction of processing in certain situations, such as when you contest the accuracy of your data or object to processing.
You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds.
Where processing is based on consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing before withdrawal.
You have the right to lodge a complaint with a supervisory authority in the EEA, particularly in your country of residence, workplace, or where an alleged infringement occurred.
To exercise any of your GDPR rights, please contact us at:
Email: [email protected]
Subject: GDPR Data Request
In your request, please specify which right you wish to exercise and provide sufficient information for us to verify your identity. We will respond to your request within one month, unless the request is complex, in which case we may extend the response time by an additional two months.
We will not charge a fee for processing your request unless it is manifestly unfounded, excessive, or repetitive.
We adhere to the following GDPR data protection principles:
We process personal data lawfully, fairly, and in a transparent manner. We clearly communicate how we collect and use your data.
We collect personal data for specified, explicit, and legitimate purposes and do not process it in a manner incompatible with those purposes.
We collect only the personal data that is adequate, relevant, and necessary for the purposes for which it is processed.
We take reasonable steps to ensure that personal data is accurate and kept up to date. Inaccurate data is erased or rectified without delay.
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law.
We implement appropriate technical and organizational measures to ensure security of personal data, protecting against unauthorized access, loss, or damage.
We are responsible for demonstrating compliance with GDPR principles and maintain records of our processing activities.
We are based in Australia, which means your data may be transferred outside the EEA. When we transfer personal data internationally, we ensure appropriate safeguards are in place, such as:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk.
If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay, providing information about the nature of the breach and steps you can take to mitigate potential adverse effects.
While we are not required to appoint a Data Protection Officer (DPO) under GDPR, we have designated a privacy contact person to handle data protection matters. You can reach our privacy team at [email protected].
We do not engage in automated decision-making or profiling that produces legal effects or similarly significantly affects you. Any data analysis we conduct is for internal business purposes and does not result in automated decisions about individuals.
We do not knowingly collect or process personal data of children under 16 years of age without parental consent. If we become aware that we have collected data from a child without appropriate consent, we will delete that information promptly.
We may update this GDPR compliance page from time to time to reflect changes in our practices or legal requirements. We encourage you to review this page periodically. The "Last Updated" date at the top indicates when the most recent changes were made.
If you have questions about our GDPR compliance or wish to exercise your rights, please contact us:
Bot Grove
Email: [email protected]
Address: Level 12, 157 Walker Street, North Sydney NSW 2060, Australia