Privacy Policy

Your privacy is important to us. This policy explains how we handle your personal information.

Last Updated:

1. Introduction

Growrefinedyn ("we," "our," or "us") is committed to protecting your privacy in accordance with New Zealand law. This Privacy Policy explains how we collect, use, disclose, store, and safeguard your personal information when you visit our website growrefinedyn.ddd.

We are governed primarily by the Privacy Act 2020 (New Zealand) and the Information Privacy Principles (IPPs). Where applicable, we also respect rights under the General Data Protection Regulation (GDPR) for visitors from the European Economic Area.

Please read this policy carefully. If you do not agree with it, please do not use the site or submit personal information through our contact form.

2. Who We Are (Agency Information)

The organisation responsible for your personal information under the Privacy Act 2020 is:

  • Company Name: Growrefinedyn
  • Address: 57 Arawa Street, Ohakune 4625, New Zealand
  • Phone: +64 21 558 180
  • Email: reachus@growrefinedyn.world

3. Information We Collect

3.1 Information You Provide Directly

We collect personal information that you voluntarily provide when you:

  • Fill out our contact form (name, email address, message content)
  • Explore our movement missions and educational content on the website
  • Communicate with us directly by phone or email

We only collect information that is reasonably necessary for the purposes described in this policy (IPP 1).

3.2 Information Collected Automatically

When you visit our website, we or our service providers may automatically collect technical information, including:

  • IP address and browser type
  • Device information and operating system
  • Pages visited and approximate time on pages
  • Referring website addresses
  • Cookie and local storage data (see our Cookie Policy)

4. Purposes of Collection and Use

We collect and use personal information only for lawful purposes connected with our operations, including:

  • Responding to enquiries and providing community information
  • Operating and improving our website and user experience
  • Managing cookie consent preferences you select
  • Analysing website usage where you have consented to analytics cookies
  • Protecting against fraudulent, abusive, or unauthorised activity
  • Complying with legal and regulatory obligations in New Zealand

We will not use your information for an unrelated purpose unless permitted or required by law (IPP 10 and IPP 11).

5. How We Use Your Information

In practice, we use the information we collect to:

  • Respond to your inquiries and provide customer support
  • Share information you request about movement challenges and community resources
  • Improve our website and user experience
  • Analyse website usage and trends only where you have consented
  • Protect against fraudulent or unauthorized activity
  • Comply with legal obligations in New Zealand

6. Analytics, Marketing, and Cookies

Non-essential cookies (analytics and marketing) are not placed on your device unless you accept them through our cookie banner. Essential cookies and local storage are used to remember your consent choices. Details are in our Cookie Policy.

7. Disclosure of Personal Information

We do not sell or rent your personal information. We may disclose information only where permitted under the Privacy Act 2020, including:

  • Service providers: Trusted providers who help us host, maintain, or support the website (under confidentiality and security obligations)
  • Legal requirements: Where required by New Zealand law, court order, or regulatory authority
  • Protection: Where reasonably necessary to protect rights, safety, or property
  • Business transfers: In connection with a merger, acquisition, or sale of assets, with continued protection of your information

Before disclosing personal information to another organisation, we take reasonable steps to ensure they protect it in line with the IPPs (IPP 11).

8. Overseas Disclosure

Some service providers (for example, content delivery networks or font providers) may process technical data outside New Zealand. Where we disclose personal information overseas, we take reasonable steps to ensure the recipient protects it in a manner comparable to the Privacy Act 2020 (IPP 12), or we rely on an authorised exception under the Act.

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Contact form submissions: up to 2 years from the date of submission, unless a longer period is required by law
  • Cookie consent records: 1 year (or until you clear browser storage)
  • Analytics data (if consented): up to 26 months, in line with provider settings

After the retention period, we securely delete or anonymise information where it is no longer needed.

10. Your Rights Under New Zealand Law

Under the Privacy Act 2020, you have the right to:

  • Access: Request access to personal information we hold about you (IPP 6)
  • Correction: Request correction of inaccurate, incomplete, or misleading information (IPP 7)
  • Withdraw consent: Where processing is based on consent, withdraw it at any time
  • Complain: Lodge a complaint with the Office of the Privacy Commissioner if you believe we have interfered with your privacy

To exercise access or correction rights, contact us using the details in Section 17. We will respond within a reasonable time and in accordance with the Privacy Act 2020.

11. Rights for European Visitors (GDPR)

If you are in the European Economic Area, you may also have rights to erasure, restriction, data portability, and objection where GDPR applies. Contact us to exercise these rights.

12. Direct Marketing

We do not send commercial electronic messages without your consent, in accordance with the Unsolicited Electronic Messages Act 2007. If we contact you by email in the future, you will be able to unsubscribe using a clear opt-out mechanism.

13. Notifiable Privacy Breaches

If a privacy breach is likely to cause serious harm, we will assess the breach and, where required, notify the Office of the Privacy Commissioner and affected individuals under the Privacy Act 2020.

14. Data Security

We implement reasonable technical and organisational safeguards to protect personal information (IPP 5), including:

  • SSL/TLS encryption for data transmission where supported
  • Secure hosting and access controls
  • Limiting access to personal information to those who need it
  • Procedures to assess and respond to suspected privacy breaches

15. Children's Privacy

Our website is not directed at children under 16. We do not knowingly collect personal information from children under 16 without parental consent. If you believe a child has provided us with personal information, please contact us so we can delete it.

16. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically.

17. Contact Us

If you have questions, wish to access or correct your information, or have a privacy concern, please contact us:

  • Address: 57 Arawa Street, Ohakune 4625, New Zealand
  • Phone: +64 21 558 180
  • Email: reachus@growrefinedyn.world

You may also contact the Office of the Privacy Commissioner at www.privacy.org.nz or 0800 803 909 (New Zealand).