About Privacy and Data Protection
We take security and your data extremely seriously. The information below describes our data protection policy.
TNZ Group Limited, located in Auckland, New Zealand, is a data controller and a processor of data. As we are headquartered in New Zealand, we have appointed a Data Protection Officer (DPO) for you to contact if you have any questions or concerns.
What are my rights?
Under New Zealand's Privacy Act 2020 and the EU's GDPR, you have the right to:
- request that we correct any inaccurate, incomplete or outdated data (correct your data)
- request a copy of any data we hold about you and/or provide a copy of your data to another company (export your data)
- request that we erase your data, where applicable and legally possible (erase your data)
- request that we restrict use of data, in certain circumstances (limit use of your data)
- receive a notification in the event of a breach of your privacy (if likely to cause serious harm)
These rights can be exercised by contacting our DPO.
We request that data pertaining to individuals under the age of thirteen (13) are not used in conjunction with our services.
You may opt out of receiving electronic communications at any time via the "unsubscribe" link in emails, via your dashboard login's preferences, or by contacting our DPO.
What information do you have about me?
We may store information necessary to provide the products and services you require. Information that we store in our database systems may include contact, company and address details as well as information relating to items that you have purchased from us. We do not capture and store any personal information about you without your knowledge except where your information has been passed to us by a 3rd party, such as a reseller authorised to act on your behalf to complete a purchase.
Any information provided to us is used exclusively by TNZ Group for providing you with current and future information about our products and services. This may include promotional messages around new products, services and discounts available to you. Your information will not be shared with third-parties without your consent.
Your data
Examples of information we collect include your name, email address, telephone number, IP Address, browser user-agent, language and time zone, usage, billing information (how you pay, when you paid, and your billing address) and cookies (where required).
While using our services, you may submit data in the form of messages (for example, text content for SMS, documents and images for Email and Fax, etc). This data is used only for the purposes of sending your messages and reporting. You can request this data is purged at any time by contacting our DPO.
Your Address Book contacts and third-party data
Any third-party data you provide us (your contact lists, customer's personal details, names, telephone numbers and addresses, address book contacts, plus tracking data and usage data for reporting) are collected for the purposes of providing service to you only. You are in control of this data and can correct, export or erase this data at any time by contacting our DPO. Data is not resold to third parties.
Your data from integrations
You can integrate third-party apps or accounts with the service (such as syncing your work calendar with the TNZ Calendar for automated appointment reminders). We may transfer your data to or from the third-party app or service provider solely to provide the requested services.
Any use or transfer of information from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.
You may cease transfer of this data by disconnecting the integration. To request data deletion, please contact our DPO.
Where is my data stored?
Data is processed and stored at our data sites in Auckland, New Zealand and Sydney, NSW, Australia.
Where required for business-continuity and redundancy, we may process and/or store some data at both sites. Where required for data sovereignty, we may process and/or store data at only one site.
We will continue to store your data for the time necessary to provide you service, and/or until you request to correct or erase it, and/or you cancel your services with us, and/or we deem the data no longer required. We will retain certain metadata for two years in compliance with Australia's Telecommunications (Interception and Access) Act 1979.
Some aspects of our business utilize sub-processors:
Entity |
Activity |
Company Location |
Data Location |
Amazon Web Services, Inc. |
Cloud Infrastructure |
United States |
Australia |
Stripe, Inc. |
Bill Payments |
United States |
United States |
HubSpot, Inc. |
CRM & Account Support |
United States |
United States |
Should you need to correct, export or erase your data, or should you require a level of data sovereignty, contact our DPO for details.
How safe is my data?
Your information is held securely with the upmost care. We do not pass any of your personal data to outside organizations and/or individuals, unless at your request (such as using a third-party API or tool).
We undergo regular testing and updating to ensure our services operate securely, with a stringent Security Policy to restrict access to data by internal employees and contractors, as well as malicious parties. The Security Policy outlines that all data is sensitive, the importance of data security, access controls and where data can be used and stored, and disciplinary measures should these policies be violated. Where we have selected third party providers (such as Stripe and Amazon Web Services), we have done so while ensuring these third parties have certifications and an equal policy to ensure your data is kept safe.
If you believe that your data is no longer secure for any reason, contact our DPO immediately.
Do you use Cookies?
Yes, our website uses cookies to provide vital functionality, such as automated website logins, storing the contents of your shopping cart or saving your information to pre-populate forms.
You can control use of cookies via your browser's preferences however some aspects of our site may not work, such as adding items to your shopping cart.
Can I access information stored by you?
Yes, you have the right to know about the information we hold about you. You also have a right to have your data corrected, exported or erased. You also have a right to cease providing us data or to import or export your data.
Please contact our DPO with any questions, concerns or data requests.
It is important that you protect your account against unauthorised access and so you should ensure that your account password is kept secure at all times.
Changes to this policy
We may amend this policy at any time. It is important you check our website regularly.
It is also important you check Stripe's policies and AWS policies for changes they may make.
Can I ask a question or lodge a complaint?
You can contact our DPO at any time with questions, requests or complaints. Our DPO can be contacted:
Via email: Data Protection Officer (DPO)
Via post: DPO, PO Box 25580, St Heliers, Auckland 1740, New Zealand
We will endeavour to address any concerns and rectify any issues as soon as possible.