Privacy Policy

Effective date:

1. Introduction

Energrinsewipe ("we", "us", or "our") operates the website energrinsewipe.world and provides educational stress management workshops and consulting guidance from our location at 2 Plimmer Steps, Wellington Central, Wellington 6011, New Zealand. We are committed to protecting your personal data and respecting your privacy rights.

This Privacy Policy explains how we collect, use, store, share, and protect personal information when you visit our website, submit enquiries through our contact form, register for workshops, or otherwise interact with our services. It applies to all users regardless of location and is designed to comply with the General Data Protection Regulation (GDPR), the New Zealand Privacy Act 2020, and other applicable international privacy laws.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please refrain from using our website or providing personal data to us.

2. Data Controller Information

The data controller responsible for your personal information is:

Energrinsewipe
2 Plimmer Steps, Wellington Central
Wellington 6011, New Zealand
Phone: +64 4 471 1404
Email: assist@energrinsewipe.world

For any privacy-related enquiries, data subject requests, or concerns about how your information is handled, please contact us using the details above. We aim to respond to all privacy enquiries within 30 days.

3. Personal Data We Collect

3.1 Information You Provide Directly

When you interact with our website or services, you may voluntarily provide the following categories of personal data:

  • Contact information: Name, email address, phone number, and postal address when you submit our contact form or register for a workshop.
  • Communication content: The content of messages you send us, including questions about our programs, feedback, and correspondence history.
  • Registration details: Information provided during workshop registration, such as organisation name, dietary requirements, accessibility needs, and emergency contact details.
  • Payment information: Billing name and address. Payment card details are processed directly by our third-party payment processor and are not stored on our servers.
  • Consent records: Records of consent you provide, including GDPR consent checkboxes and cookie preferences.

3.2 Information Collected Automatically

When you visit our website, certain technical data may be collected automatically through cookies and similar technologies, including:

  • IP address (which may be anonymised)
  • Browser type and version
  • Operating system
  • Referring URL and pages visited
  • Date and time of access
  • Device type and screen resolution

For detailed information about cookies, please refer to our Cookie Policy.

3.3 Information We Do Not Collect

We do not intentionally collect sensitive personal data such as health records, medical diagnoses, financial account numbers, or government identification numbers through our website. Our workshops are educational in nature and we do not require participants to disclose medical or health information.

4. Purposes of Data Processing

We process your personal data for the following specific purposes and on the following legal bases:

4.1 Responding to Enquiries

When you submit our contact form, we use your name, email, and message content to respond to your enquiry. Legal basis: consent (provided via the GDPR checkbox) and legitimate interest in communicating with prospective clients.

4.2 Workshop Registration and Delivery

We process registration data to confirm your place, send pre-session materials, manage attendance, and provide follow-up resources. Legal basis: performance of a contract and legitimate interest in delivering our educational services.

4.3 Website Improvement and Analytics

With your consent, we use analytics cookies to understand how visitors interact with our website, identify popular content, and improve user experience. Legal basis: consent.

4.4 Marketing Communications

With your explicit consent, we may send you information about upcoming workshops, new programs, and educational content. You may withdraw consent at any time. Legal basis: consent.

4.5 Legal Compliance

We may process data to comply with legal obligations, respond to lawful requests from authorities, or protect our legal rights. Legal basis: legal obligation and legitimate interest.

4.6 Security and Fraud Prevention

We process technical data to maintain website security, prevent unauthorised access, and detect fraudulent activity. Legal basis: legitimate interest.

5. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required by law. Our standard retention periods are:

  • Contact form submissions: Retained for 24 months from the date of submission, unless an ongoing business relationship exists.
  • Workshop registration records: Retained for 5 years after the date of the last attended session for record-keeping and dispute resolution purposes.
  • Payment records: Retained for 7 years in accordance with New Zealand tax and accounting requirements.
  • Marketing consent records: Retained for the duration of the marketing relationship plus 3 years after withdrawal of consent.
  • Analytics data: Aggregated and anonymised data may be retained indefinitely. Individual session data is retained for 26 months.
  • Cookie consent preferences: Stored locally on your device until you clear browser data or change preferences.

When retention periods expire, personal data is securely deleted or anonymised so that it can no longer be associated with you.

6. Data Sharing and Third Parties

We do not sell your personal data to third parties. We may share your information with the following categories of recipients, strictly for the purposes described in this policy:

  • Service providers: Hosting providers, email delivery services, payment processors, and analytics platforms that assist us in operating our website and delivering services. These providers are bound by data processing agreements and may only use your data as instructed by us.
  • Professional advisors: Lawyers, accountants, and auditors who require access to data for advisory purposes, subject to confidentiality obligations.
  • Legal authorities: Where required by law, court order, or to protect our rights, safety, or the rights of others.

When we transfer personal data outside the European Economic Area (EEA) or New Zealand, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or adequacy decisions.

7. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all data transmitted between your browser and our website
  • Secure hosting infrastructure with regular security updates and monitoring
  • Access controls limiting employee access to personal data on a need-to-know basis
  • Regular review of data processing activities and security practices
  • Secure deletion procedures when data is no longer required
  • Staff training on data protection and privacy best practices

While we take reasonable steps to protect your data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to promptly addressing any identified vulnerabilities.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your data where there is no compelling reason for continued processing.
  • Right to restrict processing: Request that we limit how we use your data in certain circumstances.
  • Right to data portability: Receive your data in a structured, commonly used, machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: File a complaint with a supervisory authority. In New Zealand, this is the Office of the Privacy Commissioner. In the EU, contact your local data protection authority.

To exercise any of these rights, contact us at assist@energrinsewipe.world. We will verify your identity before processing requests and respond within 30 days.

9. Children's Privacy

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will take steps to delete such information.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the effective date at the top of this page. We encourage you to review this policy periodically.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

Energrinsewipe
2 Plimmer Steps, Wellington Central, Wellington 6011, New Zealand
Phone: +64 4 471 1404
Email: assist@energrinsewipe.world