Hi thanks for your interest in our website. We believe in being transparent about what data we collect and how we use it. We believe that our policies and procedures are compliant with current and future NZ Privacy Laws, however, we may update our policy and this page at any time without additional notice being given. If we do update this page, we will update the “Last Update Date” date.
If you have questions (or issues with our site), you may wish to contact us
Last Updated: December 2020
Who we are
Our website address is: https://waihekebikeshop.co.nz and the publisher of this website is Waiheke Bike Shop Ltd.
Our Website Terms and Conditions are here
What personal data we collect and why we collect it
In general, you can visit our website without providing any personal information. We usually collect information when you contribute or engage in any of the following parts of our website;
Comments / Reviews
When visitors leave comments or reviews we may collect user data e.g. name, email, the visitor’s IP address and browser user agent string to help spam detection. Sometimes we ask for an image / media.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you have consented to us taking your photo – or if you provide us with one or more of you / your group – you are giving us permission to publish those images where we deem most appropriate, for example in our newsletter, social media feeds and / or website.
We will not publish inappropriate images and we will not publish any personally identifiable information except your first name or name of your party / group. – unless you request a credit / link if the media is your own work. Please also ensure that any embedded location data (EXIF GPS) is removed, if you do not wish this to be retained.
You can request images be not used, or taken down at any time. We will retain all editorial control and we will not be able to use any images that require any kind of license / royalty or other financial agreement.
If you contact us via the contact form on our website, or if you complete a booking or online waiver, we will collect and store the data you’ve supplied. You may also be prompted to join our newsletter and if you do so, we will also collect and store the information you’ve provided, for marketing purposes where you have elected to allow us to do so.
If you leave a comment / review on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Analytics & other diagnostics
This site utilises multiple analytics and diagnostics services to help us to improve the overall experience for all users. All information is anonymized before storage and processing begins.
This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.
Objecting to the collection of data
Demographic data collection by Google Analytics
This website may use Google Analytics’ demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section “Refusal of data collection”.
COPPA (Children Online Privacy Protection Act)
We do not market to children under the age of 13 years old.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
- We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
- Process orders and to send information and updates pertaining to orders.
- Send you additional information related to your product and/or service
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
- To be in accordance with CANSPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honour opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us by using unsubscribe links, or advising us directly
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
We take our customer’s data seriously and have secured this website with SSL (Secure Sockets Layer) technology, that encrypts sensitive information transmitted between your computer and our website servers.
Any information you do provide (for example; your address, phone number, name and email address when creating an account) will never knowingly be sold or passed on by us to any third parties. We hold all data in the strictest of confidence, on a secured server. For additional security, we encrypt some sensitive information such as passwords.
In terms of any online payment system, if one exists on this site, we do not have access to, nor do we store or retain any of your Credit Card details, since all of our payments are processed off-site through a heavily encrypted payment gateway.
We take measures, including data encryption, to protect the transmission of all sensitive end-user information. We make reasonable efforts to ensure the integrity and security of our network and systems. Nevertheless, we cannot guarantee that our security measures will prevent third-party ‘hackers’ from illegally obtaining this information. We take all reasonable measures to prevent such breaches of security, but given the resourcefulness of cyber-criminals we are unable to guarantee that our security is 100% breach-proof. You assume the risk of such breaches to the extent that they occur despite our reasonable security measures
Who we share your data with
We do not knowingly share your data with any unauthorised third party.
We may share your data across our team members (and this includes our trusted third party service providers) purely to provide the product(s) and / or service(s) you have requested, or to provide the best experience for you on the site.
Members of our team may have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and;
- Customer information like your name, email address, and billing and shipping information;
- Submitted form information and comments.
Our team members have access to this information to help fulfil orders, process refunds and support you.
How long we retain your data
Data is retained indefinitely. This is so we can provide the appropriate services.
Where we send your data
If you join up to our newsletter or contact us, some of your information (e.g. name, email, location etc) will be transferred to our Newsletter Provider.
Data is typically sent / received / transmitted and stored “in the cloud” through e.g. our webhosting provider, cloud email / data providers (Google, Microsoft etc) and any other related 3rd party service provider(s) that we (or our trusted partners) have contracted with to supply services that enable us to run our business, perform our services, or deliver products and services to you that you’ve requested.. Such providers may be located in New Zealand, Australia, UK , USA – or elsewhere. In this regard, we expect and understand that such providers perform their duties securely, safely and in a manner that complies with the current and future NZ Privacy Laws.
We will keep all of your personal information secure and confidential to the best of our abilities.
- If any information we hold about you is incorrect, please contact us to request that it be updated.
- If you decide not to provide us with your personal information, we may not be able to provide products and or services to you via the website and you will need to communicate with us via other means.
- If at any time, you wish to be removed from our newsletter or public areas of our site, you may request that and we will respect your wishes.
- You also have the right to request a copy of the information we have on record for you. You may also request that data be deleted.
- If you are an existing customer, you can close your account, subject to additional terms that may apply concerning the access and processing of your data.