Back to top
- In these terms and conditions of trade the following words shall have the meanings specified:
Auntsfield Estate Limited, NZBN 9429039281500.
- Privacy Act
the Privacy Act 2020.
the Website together with the Social Media Pages.
- Social Media Pages
any of Auntsfield’s social media pages, including Facebook, Instagram, LinkedIn, Youtube, Twitter and Snapchat or similar.
Auntsfield’s website at www.auntsfield.co.nz.
- Auntsfield agrees to notify you of:
- the organisation collecting information from you and with whom the information may be shared;
- what information is collected from you and how it is used;
- what choices are available to you regarding collection, use and distribution of the information;
- the kind of security procedures that are in place to protect the loss, misuse or alteration of information under Auntsfield’s control; and
- how you can correct any inaccuracies in the information.
- Collecting information
- Collection. Auntsfield is the sole entity which holds the information collected from you on the Site. Auntsfield will not sell, share, or rent this information to others in ways different from what is disclosed in this statement. Auntsfield may disclose or share your information with third parties in the following circumstances:
- With your consent. Auntsfield may share your information with third parties when you have provided your consent or requested us to do so.
- Third party service providers. Auntsfield may share your information with companies who provide us services (such as information processing and website hosting) so that we can administer the Site.
- Legal purposes. Where it is legally required by a third party or law enforcement authority in any jurisdiction (in which case Auntsfield will generally require a production order or similar court order unless necessary to prevent or lessen a serious threat to public health or public safety or the life or health of you or someone else) and including the reporting of data breaches to affected individual(s) and the Privacy Commissioner where required by the Privacy Act.
- To protect a Site. Where it is needed to detect, prevent or address fraud, security or technical issues concerning a Site.
- Business sale. In the event Auntsfield sells its business we may disclose your information to the prospective buyer. If substantially all of Auntsfield’s assets are acquired by a third party, your information will be one of the transferred assets.
- Aggregated or de-identified information. We may disclose or use aggregated or de-identified information for any purpose. For example, Auntsfield may share aggregated or de-identified information with business prospects or partners.
- Information. Auntsfield collects information from our users at several different points on the Site, including information that you provide to us on a Site or when you sign up to Auntsfield’s newsletter. Auntsfield will not collect identifying information from users if it is not necessary.
- Registration. No registration is required in order to use the Website, however you will be asked to confirm that you are 18 years of age or over before accessing the Website.
- Website orders. If you make purchase orders through the Website you must register with a valid email address and youmust provide contact information (like name and delivery address) and financial information (credit or debit card number, expiration date, billing address, and billing phone number). If Auntsfield has trouble processing an order, this contact information is used to get in touch with you. This information is taken in a secure area, is encrypted for our customers’ protection, and is not sold or shared with anyone else under any circumstances.
- Log Files. Auntsfield uses IP addresses to analyse trends, administer the Website, track user’s movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.
- Promotional emails. If a user wishes to subscribe to Auntsfield’s newsletter, Auntsfield will ask for contact information such as name and email address. Every email that Auntsfield sends provides you with the opportunity to unsubscribe from the newsletter.
- Information about minors. Our services do not address, and we do not knowingly collect information from, people under the age of 18.
- Personal information. If you do not wish to provide us with personal information, we will be unable to properly provide our services to you.
- Retention. We retain your information for as long as it is needed to be able to provide our services to you.
- Security Procedures
- Security of data. We have taken and will take steps to ensure personal information we hold about you is protected from risk such as loss, unauthorised access, or use, destruction, modification or disclosure. No data transmission over the internet is totally secure. As a result any personal information you send to us over the Internet (including via email) is sent at your own risk.
- Sensitive information. When the order form asks users to enter sensitive information (such as a credit card number), that information is encrypted and is protected with an SSL certificate provided by Let’s Encrypt. Credit Card details are protected by the secure Hosted Payment Page provided by Windcave.
While on a secure page such as Auntsfield’s payment page, the lock icon on the bottom of Web browsers such as Chrome, Firefox, Safari and Microsoft Edge becomes locked, as opposed to unlocked, or open, when you are just ‘surfing’.
- Access to information. While Auntsfield uses DPI encryption to protect sensitive information online, it also does everything in its power to protect user-information offline.
While Auntsfield uses SSL encryption to protect sensitive information online, it also does everything in its power to protect user-information offline.
All of Auntsfield’s users’ information, like the sensitive information mentioned above, is restricted in Auntsfield’s offices. Only employees who need the information to perform a specific job (for example, a customer service representative) are granted access to personally identifiable information. If one of these people leaves their workstation, they are required to lock their station until they return. In addition, all employees are kept up to date on our security and privacy practices. Finally, the servers that we store personally identifiable information on are kept in a locked and secure environment.
- Cross border disclosure. Should Auntsfield begin to disclose any personal information to organisations or people outside of New Zealand, you agree to that disclosure and acknowledge that Auntsfield shall ensure that any it shall ensure that any personal information disclosed is adequately protected.
- Questions. If you have any questions about the security at Auntsfield’s Website, email firstname.lastname@example.org
- Privacy breaches
- What is a privacy breach? A privacy breach occurs where there is an unauthorised or accidental access to, or disclosure, alteration, loss, or destruction of, personal information held by us or an action that prevents us from accessing personal information on either a temporary or permanent basis.
- Notifiable privacy breach. If we learn of a privacy breach involving personal information we hold, we will assess whether the privacy breach is likely to cause serious harm to an affected individual or individuals. If our assessment finds that the privacy breach has caused serious harm to an affected individual or individuals, or is likely to do so, we will notify the individual or individuals and the Privacy Commissioner within the timeframes prescribed by the Privacy Act.
- Correction of Information. Subject to certain grounds for refusal set out in the Privacy Act, you have the right to request confirmation from us that Auntsfield holds information about you, and a copy of such information. You are also entitled to request the correction of the information Auntsfield holds about you.
- . If you would like to exercise either of these rights, please contact Auntsfield at the contact details on the Website. Your request should provide evidence of who you are and the details of your request (e.g. the information, or the correction, that you are requesting).