1. Who we are
Ace Natural Limited, trading as No. 1 Pancake (we, us, our) owns this website with the Uniform Resource Locator (URL), https://no1pancake.co.nz.
Our head office is in Unit 6, 18 Airborne Road, Rosedale, Auckland 0632. Our business phone number is 0225341396. Our email address is firstname.lastname@example.org.
This privacy statement explains how No 1 Pancake will collect, use, disclose, store, and protect your personal information in accordance with the Privacy Act 2020 when you, the visitor/customer, use this website. Personal information is information about, or that can be used to identify, a natural person (as opposed to a legal entity).
This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, see www.privacy.org.nz or https://legislation.govt.nz/act/public/2020/0031/latest/LMS23223.html.
2. Changes to this policy
This policy was last updated on 13/11/2021.
3. 1. What personal information do we collect about you?
We will only collect the minimum amount of information necessary for lawful purposes directly linked to our functions and activities, such as to effectively deliver our products and services to you in a safe and reliable manner. A comprehensive list of what we will use your personal information for is listed under the ‘4. Use’ section of this document.
When you purchase our products through this website, we will collect the following personal information from you:
- Your first name,
- Your last name,
- Your phone number,
- Your e-mail address, and
- Your payment details.
In addition to the information listed above, should you choose to register an account with us, you may, at your discretion, also provide us with the following personal information:
- Your shipping address and
- Your billing address.
When you submit a feedback form, we collect the following personal information:
- Your first name,
- Your last name,
- Your phone number,
- Your e-mail address, and
- The date and time you submitted the feedback form.
When you leave a comment on one of our blog posts or message board, we collect the following personal information:
- Your IP address,
- Your browser details (such as Microsoft Edge),
- Your operating system (such as Mac OS), and
- Your Gravatar avatar linked to your email address.
We may also collect behavioural or interaction information related to your use of our website, such as:
- Your login information,
- Your screen display choices,
- Any pop-ups you choose to close for the day, and
- Any other user preferences set by you.
3. 2. Who do we collect your personal information from and How will we do it?
We will use fair and lawful means to collect personal information. Where possible and reasonable to do so, this is done by directly asking you.
Providing information is optional, but without certain information, you may not be able to use all the features of this website. For example, without your billing details, you may not be able to purchase our products through this website.
Where personal information is about to be collected from you, we will notify you beforehand by compulsorily making a link to this document available before you make a purchase.
3. 2. 1. Cookies and embedded content
Cookies are small blocks of data that are stored on the device used to access this website. They can be retrieved on subsequent visits to this site which will allow the site to recognise your browser and user preferences. Where you are permitted to voluntarily opt-in to save any personal information you have entered on our website, cookies are used to facilitate this service. You are free to remove or block cookies, but this may stop you from using all functions related to setting user preferences on this website.
4. 1. How do we use your personal information?
We will only use information for lawful purposes that directly relate to our functions as listed below:
- Any purpose relating to public safety (such as to provide contact tracing records to the Ministry of Health during the covid-19 pandemic), or
- Contact you about your order, feedback, or comment, or
- Facilitate your use of our website’s services such as registering an account with us, leaving comments, saving shipping and billing address details for subsequent use, purchasing our products, and submitting feedback forms, or
- Send you your receipt, or
- Verify your identity upon collection, or
- Prevent spam, or
- To conduct statistical analysis (on an anonymised basis), or
- With your permission, remember your billing details for ease of subsequent use, or
- For any other purpose authorised by you.
5. 1. When will we disclose personal information about you and Why?
We will share information about you if and only when it is necessary to carry out our core functions, such as to bill you and process your payments, for security reasons, or if required to on reasonable grounds as specified in Part 3 of the Privacy Act 2020. A more detailed explanation of the purpose of disclosure will be listed in the next section.
5. 2. Who will we share your personal information with?
- Ministry of Health, if there is a need to provide contact tracing records.
6. Security and Storage
6. 1. How do we protect your personal information?
What personal information we receive from our third-party service providers, such as in the form of notifications of new orders, we will ensure that any personal information handled by us is protected by implementing reasonable safety measures. These measures include:
- Full-disk encryption to protect data at rest,
- Filesystem-level encryption of relevant files to protect data at rest,
- SSL to protect data in transit via our website,
- Only authorising senior-level employees to handle data, and
- Storing data on a secure premises.
Please refer to the privacy policies of the third-parties listed above to find out how long they protect your personal information.
6. 2. How long do we keep your personal information for?
We keep records of transactions for up to a maximum of one month after the end of the financial year in which the transaction was made in accordance with the Tax Administration Act 1994. However, this data is void of any personal information. Personal information is only kept as is necessary to carry out the purpose for which it was collected, after which point we securely destroy it by erasing all original and backups copies of any physical or digital files. The current contact tracing record keeping requirement period is 60 days.
Please refer to the privacy policies of the third-parties listed above to find out more detailed information about their retention practices.
7. Access & Accuracy
7. 1. You are entitled to access your personal information and correct it
Subject to certain grounds for refusal set out in the Privacy Act 2020, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information.
Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
If you want to exercise either of the above rights, send us an email to email@example.com titled “Information_Access_Request”, or call 0225341396, or visit us at Unit 6, 18 Airborne Road, Rosedale, Auckland 0632 during our business hours. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).
We may charge you our reasonable costs of providing to you copies of your personal information or correcting that information.
7.2. How will we ensure your personal information is accurate?
We will remind you to check your information for accuracy each and every time you visit the checkout page.
8. Internet Use
If you provide us with personal information over the internet, the provision of that information is at your own risk.
If you post your personal information on the website’s blog or message board in the form of a comment or post, you acknowledge and agree that the information you post is publicly available.