Growth Rocket – Privacy Policy

Effective Date: 1st June 2024

 

Contents

  1. Introduction
  2. Types of Information Collected
  3. Purpose of Data Collection
  4. How Data is Collected
  5. Internet Use
  6. Data Sharing & Disclosure
  7. Data Security
  8. Data Breach Notification
  9. User Rights
  10. International Data Transfers
  11. Children’s Privacy
  12. Updates to the Privacy Policy
  13. Complaints and Dispute Resolution
  14. Consent

 

Introduction

At Growth Rocket, safeguarding your privacy is our priority. In accordance with the New Zealand Privacy Act 2020 and the Australian Privacy Act 1988, we are committed to protecting your personal information and ensuring it is handled responsibly and securely. As a provider of data products and services, we assure you that we take privacy seriously.

This Privacy Policy outlines what information we collect, how we use it, and your rights to view, correct, or change your personal information. Our commitment to privacy is unwavering, and we strive to be transparent about our data practices. For more detailed information about our terms and conditions, please refer to our Terms and Conditions.

For more detailed information about the New Zealand Privacy Act and how it protects personal information in New Zealand, you can visit the Office of the Privacy Commissioner’s website (www.privacy.org.nz).

For more information on the Australian Privacy Act, you can visit the Office of the Australian Information Commissioner’s website (www.oaic.gov.au).

Types of Information Collected

At Growth Rocket, we collect a variety of information to provide and enhance our data products and services. The types of information we collect include:

Personal Information:

  • Contact Details: Such as your name, email address, phone number, and postal address.
  • Demographic Information: Including age and/or date of birth, gender, and occupation.
  • Preferences and Interests: Information about your preferences, interests, and behaviours.

Non-Personal Information:

  • Device Information: Such as your IP address, browser type and version, and device identifiers.
  • Usage Data: Information about your interactions with our websites and services, including pages visited, time spent on the site, and clickstream data.
  • Geolocation Data: General geographic location based on your IP address or mobile device location settings.

 

Purpose of Data Collection

At Growth Rocket, we collect personal data for various essential purposes to ensure we provide the best possible service and maintain compliance with legal obligations.

Specifically, we collect personal data to:

  • Verify Your Identity: To confirm your identity and ensure that we are interacting with the correct person.
  • Provide Services and Products: To deliver our services and products effectively to you.
  • Market Our Services and Products: To inform you about our services and products, including contacting you electronically (e.g., by text or email) and via phone calls for this purpose.
  • Improve Our Services and Products: To enhance the quality of the services and products we offer, ensuring they meet your needs and expectations.
  • Respond to Communications: To address and respond to any communications or inquiries you send to us.
  • Handle Complaints: To respond to and resolve complaints efficiently.
  • Conduct Research and Statistical Analysis: To carry out research and analysis to improve our services and understand market trends.
  • Protect and Enforce Legal Rights: To safeguard and enforce our legal rights and interests, including defending against any claims.
  • Other Authorised Purposes: To fulfil any other purposes for which you have authorised us or as permitted by the Privacy Act 2020 (NZ) and the Privacy Act 1988 (AU).

In relation to our products and services, and if legally entitled to do so, we may share your information with our clients or their clients, agents and representatives, such as advertising agencies and mail houses. This sharing is conducted to support the delivery and marketing of relevant services and products to you. Please see section 6 ‘Data Sharing & Disclosure’ below for further information.

 

How Data is Collected

At Growth Rocket, we utilise a variety of methods to collect personal and non-personal information to provide and enhance our services. The data collection methods include:

Direct Collection:

  • Web Forms: Information provided by you through our web forms, including contact forms, registration forms, and subscription forms.
  • Email Communications: Data shared with us via email communications, including inquiries and responses.
  • Account Registrations: Information collected when you create an account or register for our services.
  • Contact: Information collected during our conversations with you in person, via phone or via a video call.
  • Any other means authorised or requested by you.

Automated Collection:

  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to collect data about your browsing behaviour, preferences, and device information. Cookies help us understand how you interact with our website, enabling us to personalise your experience and improve our services.
  • Log Files: Our servers automatically collect log information, such as your IP address, browser type, referring/exit pages, and the dates and times of your visits to our website. This data helps us analyse trends and administer the site.

Third-Party Sources:

  • Partner Websites: Information collected from our partner websites and other online platforms with which we have established data-sharing agreements.
  • Data Brokers: Privacy-compliant data acquired from trusted third-party data providers. These providers gather information from various sources and ensure that the data meets legal and privacy standards before sharing it with us.
  • Publicly Available Information: Information about you that is readily available to the public.

We employ these methods to ensure that we gather comprehensive and accurate information necessary to deliver our services, conduct research, and enhance user experience. By combining data from multiple sources, we can better understand your needs and preferences, enabling us to provide more relevant and effective services.

 

Internet Use

Cookies and Tracking Technologies

To enhance your experience on our website, Growth Rocket uses cookies and similar tracking technologies. Cookies are small data files stored on your device that help us improve website functionality and understand user behaviour.

Types of Cookies We Use:

  • Session Cookies: Temporary cookies that remain on your device until you close your browser.
  • Persistent Cookies: Cookies that stay on your device for a set period or until you delete them.
  • Third-Party Cookies: Cookies placed by third parties, such as advertising networks or analytics providers, to track your browsing activities across different websites.

Data Collected Through Internet Use

We collect various types of information through your interactions with our website, including:

  • Browsing Information: IP address, browser type, operating system, pages visited, and time spent on the site.
  • Usage Data: Clickstream data, navigation patterns, and other information on how you interact with our website.

Purposes of Data Collection

We use this data to:

  • Enhance User Experience: Improve website functionality and user experience.
  • Personalisation: Provide personalised content and advertisements based on your preferences and behaviours.
  • Analytics and Performance: Conduct website analytics, monitor performance, and understand usage trends.

User Choices and Controls

You can manage or disable cookies through your browser settings. However, disabling cookies may affect the functionality and performance of our website. To opt-out of tracking and data collection, you can use the opt-out tools provided by advertising networks and privacy preference platforms.

Third-Party Services

Our website may use third-party services that place cookies on your device. These third-party cookies help us with advertising, analytics, and other functionalities. We encourage you to review the privacy policies of these third-party services to understand how they handle your data.

Security Measures

We take data protection seriously and implement various measures to safeguard the data collected through internet use. This includes encryption, secure servers, and regular security audits. We retain internet use data only as long as necessary to fulfil the purposes outlined in this policy, after which it is securely deleted.

 

Data Sharing & Disclosure

We may share your personal data with the following entities or persons:

  • Another Company within Our Group: To support our business operations and deliver our services.
  • Business Support Services: Any business that supports our services and products, including those that host or maintain any underlying IT system or data centre that we use to provide the website or other services and products.
  • Credit Reference Agencies: For the purpose of conducting credit checks on you.
  • Other Third Parties: For the provision of anonymised statistical information to support our research and analysis.
  • Regulatory Authorities: A person or entity that can require us to supply your personal information, such as a regulatory authority.
  • Legal Requirements: Any other person authorised by the Privacy Act 2020 (NZ) or the Privacy Act 1988 (AU), or another law such as law enforcement agencies.
  • Authorised Persons: Any other person authorised by you.

Please note that some of our business support services may be located outside New Zealand and Australia. This may result in your personal information being held and processed in countries outside of New Zealand and Australia.

We ensure that any international data transfers comply with applicable data protection laws and that your information is safeguarded through appropriate measures. Please see section 10 ‘International Data Transfers’ below for further information.

 

Data Security

Ensuring the security of your information is paramount at Growth Rocket. To protect your personal information from misuse, loss, unauthorised access, modification, or unauthorised disclosure, we employ industry best practices.

These include:

  • Endpoint-Secured Servers: Our servers are protected with advanced endpoint security measures to prevent unauthorised access and ensure data integrity.
  • Multi-Factor Authentication: We use multi-factor authentication to add an extra layer of security, ensuring that only authorised personnel can access sensitive information.
  • Encryption: All personal data is encrypted both in transit and at rest to protect it from unauthorised access and cyber threats.
  • Strict Access Controls: Access to personal information is restricted to authorised personnel only, and we regularly review and update our access control policies.

We take reasonable steps to ensure that our data assets are primarily stored on New Zealand and Australian-located servers. However, the service providers we engage may use international data centres and disaster recovery sites to ensure continuity and resilience of our services.

While we strive to ensure the highest level of security, absolute security cannot be guaranteed. Please be aware that the internet is not a secure environment and if you send us any information via the internet, you send it at your own risk.  In the event of a data security breach involving your personal information that qualifies as an “eligible data breach” under the Privacy Act 1988 (AU) or a “notifiable privacy breach” under the Privacy Act 2020 (NZ), we will promptly notify you and the relevant authorities as required by law.

Our commitment to transparency means that we will keep you informed about the nature of the breach, the data affected, and the steps we are taking to mitigate the impact.

 

Data Breach Notification

At Growth Rocket, we take the security of your personal information very seriously. Despite our best efforts to safeguard your data, we recognise that data breaches can occur. In the unfortunate event of a data breach involving your personal information, we are committed to responding swiftly and effectively.

Immediate Actions

  • Detection and Containment: Upon discovering a potential data breach, we will immediately work to contain and mitigate the impact. This involves isolating affected systems, securing our network, and preventing further unauthorised access.
  • Assessment: We will promptly assess the nature and scope of the breach to understand the potential risks and impacts on your personal information.

Notification Process

  • Affected Individuals: If your personal information is compromised in a data breach that meets the criteria of an “notifiable eligible data breach” under the Privacy Act 2020 (NZ) and/or an “eligible data breach” under the Privacy Act 1988 (AU), we will notify you as soon as possible. This notification will include:
    • A description of the data breach and the information involved.
    • Steps we have taken or will take to address the breach.
    • Recommendations on actions you can take to protect yourself from potential harm.
    • Confirmation that the relevant Commissioner has been notified (see below).
    • Information about your right to make a complaint to the relevant Commissioner.
    • Our contact details for further inquiries.
  • Regulatory Authorities: In compliance with the Privacy Act 2020 (NZ) and the Privacy Act 1988 (AU), we will also notify the Office of the Privacy Commissioner (NZ) and the Office of the Australian Information Commissioner, respectively, as well as any other relevant authorities as required by law.

Preventive Measures

  • Review and Improvement: Following a data breach, we will review our security measures and incident response protocols to identify areas for improvement and implement necessary changes to prevent future breaches.
  • Training and Awareness: We will continue to educate and train our staff on data protection practices and breach response procedures to enhance our overall security posture.

Your trust is paramount to us, and we are dedicated to maintaining the highest standards of data security. If you have any concerns or questions regarding our data breach procedures, please contact us at privacy@growthrocket.co.nz.

 

User Rights

Under the Privacy Act 2020 (NZ) and the Privacy Act 1988 (AU), you have the following rights regarding your personal information:

  • Access: You can request access to your personal information that we hold.
  • Opt-Out: You can opt-out of us sharing your personal information with third parties.
  • Correction: You can correct any inaccuracies in your personal information.
  • Deletion: You can request the deletion of your personal information.

To exercise any of these rights, please contact us using the details provided below.

Accessing Your Information

You have the right to request access to your personal information that we hold. To do so, please email us at privacy@growthrocket.co.nz. We will require you to adequately identify yourself when requesting a copy of your personal information.

We will process your request within a reasonable timeframe, usually within 30 days. In some cases, we may need more time depending on the nature and complexity of the request. There is no fee for requesting access to your personal information; however, we may charge a reasonable fee to cover the costs of processing your request. If a fee applies, we will inform you before proceeding.

If we cannot grant you access to your personal information, we will provide you with a written explanation of the reasons for the refusal (unless it is unreasonable to do so) and inform you of the mechanisms available to complain about the refusal.

Opting Out

If you do not wish for us to provide your information to our clients or any other parties, please let us know, and we will take all reasonable steps to action your request at the earliest possible opportunity. You can opt-out by emailing us at privacy@growthrocket.co.nz.

We maintain a suppression database to record opt-out requests, ensuring that you are not contacted in the future by our clients, even if your personal information is provided to us again.

Please note that this process will not prevent other companies from contacting you. To reduce the volume of marketing materials you receive, and you are based in New Zealand, you can register on the NZ Marketing Association’s Do Not Mail Register List at https://marketing.org.nz/do-not-call-do-not-mail. If you are based in Australia, you can register on the ADMA’s Do Not Mail Register at https://www.adma.com.au/do-not-mail.

Correcting Your Personal Information

We strive to ensure that all information we hold about you is accurate, complete, and up to date. If you believe that any personal information we hold about you is incorrect or out-of-date, you may request corrections. We will address your request within a reasonable timeframe.

To update or correct any personal information we hold about you, please email us at privacy@growthrocket.co.nz. We may need to verify your identity to process your request for updating or correcting your personal information.

Deleting Your Personal Information

In accordance with the Privacy Act 2020 (NZ) and the Privacy Act 1988 (AU), you have the right to request the deletion of your personal information. We will aim to fulfil your request within a reasonable period, usually within 30 days. Verification of your identity may be required to process your deletion request.

To request the deletion of your personal information, please email us at  privacy@growthrocket.co.nz. We will take all necessary steps to ensure that your personal information is deleted from our systems, except where retention is required by law or for legitimate business purposes.

 

International Data Transfers

At Growth Rocket, we recognise that the transfer of personal data across borders requires careful management to ensure the protection of your information. While we strive to store our data primarily on New Zealand and Australian-located servers, there are instances where your personal data may be transferred to and processed in countries other than your own.

This section outlines our approach to international data transfers and the safeguards we have in place to protect your data.

Data Transfer Scenarios

  • Service Providers: We engage with service providers and business partners who may operate international data centres or disaster recovery sites to ensure the continuity and resilience of our services.
  • Business Support Services: Certain business support services, such as IT infrastructure, cloud services, and data analytics, may involve the transfer of personal data to countries outside of New Zealand and Australia.

Safeguards for International Transfers

To ensure that your personal data is protected when transferred internationally, we implement the following safeguards:

  • Legal Compliance: We ensure that all international data transfers comply with the applicable data protection laws and regulations, including the New Zealand Privacy Act 2020 and the Australian Privacy Act 1988.
  • Adequacy Decisions: Where applicable, we transfer personal data to countries that have been recognised by the relevant authorities as providing an adequate level of data protection.
  • Technical and Organisational Measures: We implement robust technical and organisational measures, such as encryption, access controls, and regular security audits, to protect your personal data during international transfers.

Your Rights and Choices

You have the right to know where your personal data is being transferred and to understand the safeguards in place to protect it. If you have any questions or concerns about the international transfer of your personal data, or if you wish to exercise your rights under the Privacy Act 2020 (NZ) and the Privacy Act 1988 (AU), please contact us at privacy@growthrocket.co.nz.

We are committed to ensuring the security and privacy of your personal data, regardless of where it is processed. Your trust is important to us, and we continuously strive to maintain the highest standards of data protection across all our operations.

 

Children’s Privacy

At Growth Rocket, we are committed to protecting the privacy of children. Our services are not directed to children under the age of 18, and we do not knowingly collect personal information from children under 18.

Collection of Children’s Information

If we become aware that we have inadvertently collected personal information from a child under the age of 18 without verifiable parental consent, we will take steps to delete the information as soon as possible.

Parental Rights

If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal information without your consent, please contact us at privacy@growthrocket.co.nz. We will take appropriate steps to remove the information and ensure that it is not used for any purpose.

Educational Materials

For educational purposes, if our services or content may appeal to children under 18, we ensure that these materials are suitable for children and do not involve the collection of personal information. We encourage parents and guardians to monitor their children’s online activities and help them understand safe and responsible online practices.

Third-Party Services

We do not allow third-party services on our websites that are directed to children under 18 to collect personal information without appropriate parental consent. We take measures to ensure that third-party services comply with this policy and the relevant laws and regulations.

 

Updates to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, and other factors. We are committed to keeping you informed about how we handle your personal information.

Notification of Changes

We will notify you of significant changes to this Privacy Policy by:
Posting a notice on our website prominently.

Effective Date

Each version of this Privacy Policy will have an effective date. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

Continued Use of Our Services

Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the updated terms. If you do not agree with the changes, you should discontinue using our services and contact us to address any concerns.

Access to Previous Versions

For transparency, previous versions of this Privacy Policy will be available upon request. You can contact us at privacy@growthrocket.co.nz to obtain copies of earlier versions.

Feedback and Inquiries

We value your feedback and are committed to addressing any questions or concerns you may have about this Privacy Policy. If you have any inquiries or feedback, please contact us at  privacy@growthrocket.co.nz.

 

Complaints and Dispute Resolution

At Growth Rocket, we take your privacy concerns seriously and are committed to resolving any complaints regarding our use, handling, or disclosure of your personal information.

Submitting a Complaint

If you have a complaint about our practices concerning your personal information, please contact us in writing at privacy@growthrocket.co.nz. Include as much detail as possible about your complaint, including specific incidents, dates, and any relevant documentation.

Our Response

Upon receipt of your complaint, we will:

  • Acknowledge your complaint promptly.
  • Conduct a thorough investigation into the matter.
  • Provide a written response to you within a reasonable period, outlining the findings of our investigation and any actions we will take to address your concerns.

Escalation

If you are dissatisfied with our response, you have the right to escalate your complaint to the Office of the Privacy Commissioner (NZ) or the Office of the Australian Information Commissioner (AU).

These offices provide mechanisms for resolving complaints about alleged breaches of the Privacy Act 2020 (NZ) and the Privacy Act 1988 (AU). You can contact the Privacy Commissioner and find more information on how to make a complaint at:

  1. New Zealand: https://www.privacy.org.nz/your-rights/making-a-complaint-to-the-privacy-commissioner/; and
  2. Australia: https://www.oaic.gov.au/privacy/privacy-complaints.

We value your feedback and are committed to ensuring your concerns are addressed promptly and effectively. Your trust is important to us, and we strive to maintain the highest standards in our privacy practices.

 

Consent

At Growth Rocket, we prioritise your privacy and ensure that we have obtained your consent when required by law to collect, use, or disclose your personal information. We take reasonable steps to ensure that such consent is clear, informed, and freely given.

Providing Consent

You may have provided your consent to a third party to share your personal information with us. When we receive information about you from third parties, we take steps to verify that it has been collected in compliance with the Privacy Act 2020 (NZ) and the Privacy Act 1988 (AU). This includes confirming that the third party is entitled to provide the information to us and that you have given appropriate consent as required by law.

Your Agreement

By using our website or providing us with your personal information, you agree to the terms of this Privacy Policy and our Terms and Conditions. Your continued use of our services constitutes your consent to our collection, use, and disclosure of your personal information as described herein.

Withdrawing Consent

You have the right to withdraw your consent at any time. If you choose to withdraw your consent, you may do so by following our Opt-Out process outlined above. This can be done by contacting us at privacy@growthrocket.co.nz or by completing the opt-out form available on our website.

Upon receiving your withdrawal of consent, we will take all reasonable steps to cease further use or disclosure of your personal information, except where continued use or disclosure is required by law or for legitimate business purposes.

We are committed to ensuring that your rights are respected and that you have control over your personal information. If you have any questions or concerns about your consent, please contact us using the details provided in this Privacy Policy.

 

Contacting Us

To submit a request or otherwise contact us in connection with this Privacy Policy, please contact us by email (privacy@growthrocket.co.nz) for the attention of our privacy officer.

Our address is 119 Wellesley Street West, Auckland CBD, Auckland 1010.