Last updated: May 29, 2026
While shrewd-networth primarily operates in Australia, we recognize the importance of the European Union's General Data Protection Regulation (GDPR) and apply its principles to all data we collect, regardless of geographic location. This page outlines how we comply with GDPR requirements and protect the rights of individuals whose data we process.
We process personal data under the following legal bases:
If you are an EU resident or your data is subject to GDPR, you have the following rights:
You have the right to request copies of your personal data. We may charge a reasonable fee for administrative costs if requests are manifestly unfounded or excessive.
You have the right to request correction of any information you believe is inaccurate or incomplete.
You have the right to request deletion of your personal data under certain conditions, such as when the data is no longer necessary for the purposes it was collected.
You have the right to request restriction of processing your personal data under certain conditions, such as when you contest the accuracy of the data.
You have the right to request transfer of your data to another organization or directly to you in a structured, commonly used, machine-readable format.
You have the right to object to our processing of your personal data under certain conditions, particularly for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal or similarly significant effects.
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. When data is no longer needed, we securely delete or anonymize it.
As an Australian-based company, data may be stored and processed in Australia. If we transfer data to countries outside the EU, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or other approved mechanisms.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. We will also notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights.
To exercise any of your GDPR rights, please contact us at:
Email: [email protected]
Subject line: GDPR Request
We will respond to your request within one month. If your request is complex or we receive multiple requests, we may extend this period by two additional months, and we will inform you of the extension and reasons.
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority in the EU member state where you live, work, or where the alleged infringement occurred.
For questions about GDPR compliance or our data protection practices:
Email: [email protected]
Address: Unit 7, 142 Garden Grove Circuit, Melbourne VIC 3000, Australia