DigiVal Consulting (ABN: 33 831 507 649), represented by Valentin Griesemann, is committed to protecting the privacy of visitors to digival-consulting.com and its clients.
This policy describes how we collect, use, store and protect your personal data in accordance with the General Data Protection Regulation (GDPR — EU 2016/679) and the Australian Privacy Act 1988 (including the Australian Privacy Principles — APPs).
We collect the following categories of personal data:
| Category | Data | Source |
|---|---|---|
| Identity | Name, surname, company | Contact form |
| Contact | Email, phone number | Forms, correspondence |
| Browsing | Pages visited, duration, device | Google Analytics (GA4) |
| Technical | IP address, browser, OS | Server / GA4 |
| Billing | Address, ABN/company number | Order process |
| Payment | Card details | Stripe (never stored by us) |
Your data is processed for the following purposes:
- Contract performance — order management, invoicing, service delivery
- Communication — responding to enquiries via form or email
- Analytics — improving our website and services (anonymised statistics)
- Legal obligations — accounting, taxation, statutory archiving
- Marketing — only with your prior explicit consent
| Purpose | Legal Basis (GDPR Art. 6) |
|---|---|
| Contract performance | Art. 6(1)(b) — contractual necessity |
| Legal obligations | Art. 6(1)(c) — legal obligation |
| Analytics / improvement | Art. 6(1)(a) — consent (cookies) |
| Marketing | Art. 6(1)(a) — consent |
| Legitimate interest | Art. 6(1)(f) — security, fraud prevention |
Our website uses the following cookies:
| Cookie | Type | Purpose | Duration |
|---|---|---|---|
| digival_consent | Essential | Remember your cookie choice | 425 days |
| _ga / _ga_* | Analytics | Google Analytics 4 | 2 years |
Analytics cookies (GA4, property ID G-STCWTHS9RV) are only set after your explicit consent. You may change your preferences at any time via the cookie banner or your browser settings.
Your data is never sold. It may be shared with the following processors:
| Processor | Purpose | Location |
|---|---|---|
| Supabase Inc. | Database hosting, authentication | Australia (ap-southeast-2) |
| Stripe Inc. | Payment processing | USA (DPF certified) |
| Google LLC | Analytics (GA4) | USA (DPF certified) |
| Framer B.V. | Website hosting | Netherlands (EU) |
| Make (Celonis) | Workflow automation | EU |
Certain data is transferred to the United States (Stripe, Google). These transfers are safeguarded by:
- The EU–US Data Privacy Framework (DPF) for EU to US transfers
- Standard Contractual Clauses (SCCs) where applicable
- The Australian Privacy Act (APP 8) framework for transfers from Australia
| Data type | Retention period |
|---|---|
| Client data (contract) | Duration of contract + 5 years |
| Billing data | 10 years (statutory requirement) |
| Prospecting data | 3 years after last contact |
| Browsing data | 14 months (GA4) |
| Cookie consent | 425 days |
Under the GDPR and the Australian Privacy Act, you have the following rights:
- Access — obtain a copy of your data
- Rectification — correct inaccurate data
- Erasure — request deletion of your data ("right to be forgotten")
- Portability — receive your data in a structured format (GDPR)
- Objection — object to processing on legitimate grounds
- Restriction — request processing be restricted
- Withdraw consent — at any time, without affecting the lawfulness of prior processing
To exercise these rights: valentin@digival-consulting.com
Response time: 30 days (GDPR) / 30 days (APP 12).
If you are not satisfied, you may lodge a complaint with:
- CNIL (France / EU) — cnil.fr
- OAIC (Australia) — oaic.gov.au
We implement the following technical and organisational measures:
- HTTPS/TLS encryption across the entire website
- Row Level Security (RLS) on Supabase
- Secure authentication (tokens; no plaintext passwords)
- Secrets stored in secure environment variables
- Least-privilege access controls
Our services are designed for business professionals. We do not intentionally collect personal data from individuals under the age of 16.
We reserve the right to update this policy at any time. In the event of a material change, we will notify you by email or via a notice on the website.
The date of the last update is shown at the top of this page.
For any questions regarding the protection of your data:
- Data controller: Valentin Griesemann
- Email: valentin@digival-consulting.com
- Address: Sydney, NSW, Australia
No sections match your search.
Have a question about your privacy?
Ask my AI assistant