Privacy Policy

1. Information We Collect

1.1 Information You Provide

When you request a free brand report or purchase our services, we collect:

• Contact Information: Email address, business name, business address
• Business Information: Website URL, business type, location
• Payment Information: Processed securely by our payment processor (Stripe). We do not store credit card details.
• Communications: When you contact us via email or forms, we collect the content of your message and contact details

1.2 Information Collected Automatically

When you use our website, we automatically collect certain information:

• Technical Data: IP address, browser type, operating system, device information
• Usage Data: Pages visited, time spent on pages, referring URLs
• Cookies: Essential cookies for website functionality (see Section 8 below)

1.3 Publicly Available Information

To provide our analysis services, we collect and analyze:

• Publicly available content from your business website
• Public Google reviews and ratings
• Public business information from search engines
• Stats NZ public economic data

2. How We Use Your Information

We use your information for the following purposes:

2.1 Service Delivery

• To generate and deliver your requested brand reports and intelligence products
• To process payments and maintain transaction records
• To provide customer support and respond to inquiries
• To improve the accuracy and quality of our AI-powered analysis

2.2 Communication

• To send service-related communications (e.g., report delivery, account updates)
• To send marketing communications (only with your explicit consent)
• To notify you of changes to our services or policies

2.3 Business Operations

• To maintain and improve our website and services
• To analyze usage patterns and develop new features
• To comply with legal obligations and enforce our terms of service
• To prevent fraud, abuse, and security threats

3. Legal Basis for Processing

We process your personal information on the following legal bases:

• Consent: When you provide explicit consent (e.g., marketing communications)
• Contract Performance: To fulfill our contractual obligations when you purchase services
• Legitimate Interests: To operate, improve, and secure our business
• Legal Obligation: To comply with applicable laws and regulations

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with third-party service providers who assist in delivering our services:

• AI Providers: OpenAI, Anthropic (Claude), Google AI (Gemini) - We share only publicly available website content for analysis. No personal contact information is shared.
• Payment Processor: Stripe Inc. - Processes payments securely according to PCI-DSS standards
• Email Service Provider: For transactional and service-related emails
• Hosting Provider: For website and data hosting (New Zealand-based servers)
• Data Sources: Stats NZ API, Google Places API - We access publicly available data only

4.2 We Do Not

• ❌ Sell or rent your personal information to third parties
• ❌ Share your information for third-party marketing purposes
• ❌ Use your proprietary business content to train AI models
• ❌ Disclose your information except as described in this policy

4.3 Legal Disclosure

We may disclose your information if required by law, court order, or government regulation, or if necessary to:

• Comply with legal process
• Protect our rights, property, or safety
• Protect the rights, property, or safety of our customers or the public
• Prevent fraud or illegal activity

5. Data Security

We implement appropriate technical and organizational security measures to protect your information:

• Encryption: All data transmitted via HTTPS/TLS encryption
• Secure Storage: Data stored on secure servers with access controls
• Access Controls: Limited employee access on a need-to-know basis
• Regular Security Audits: Ongoing monitoring and security assessments
• Payment Security: PCI-DSS compliant payment processing via Stripe

While we implement industry-standard security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Your Rights Under the NZ Privacy Act 2020

You have the following rights regarding your personal information:

7. Data Retention

We retain your personal information for the following periods:

• Free Report Requests: 90 days from report delivery
• Customer Data (Paid Services): Duration of service + 7 years (for tax and legal compliance)
• Marketing Contacts: Until you unsubscribe or request deletion
• Transaction Records: 7 years (as required by New Zealand tax law)
• Support Communications: 3 years from last contact

After these periods, information is securely deleted or anonymized unless legally required to retain longer.

8. Cookies and Tracking Technologies

Types of Cookies We Use:

• Essential Cookies: Required for website functionality (session management, form submissions)
• Analytics Cookies: Anonymous usage statistics to improve our services (you can opt-out)

We Do Not Use:

• ❌ Advertising cookies or tracking pixels
• ❌ Third-party marketing cookies
• ❌ Cross-site tracking

You can control cookies through your browser settings. Note that disabling essential cookies may affect website functionality.

9. AI Processing and Your Data

10. International Data Transfers

NZGPTS is based in New Zealand, and our primary data storage is on New Zealand servers. However, some of our service providers (including AI providers) may process data outside New Zealand.

When we transfer data internationally, we ensure appropriate safeguards are in place:

• Service providers comply with equivalent privacy protection standards
• Data processing agreements are in place
• Only necessary, non-sensitive information is transferred

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will take steps to delete that information promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page
• Notify active customers via email
• Post a notice on our website

Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Us & Complaints