Privacy Policy Tamaranga

Introductions

This Privacy Policy has been updated on July 1, 2022

Tamaranga Limited (hereinafter — “we”, “us”, “Company”, “Tamaranga”) is the New Zealand company registered at 32B Jefferson Street, Glendowie, Auckland, New Zealand, 1071, that provides Software to Users through a https://tamaranga.com Software as a Service (SaaS) (the “Website”).

We at Tamaranga have created a Privacy Policy that aims to help you understand what data we collect, what we use it for, and how you can exercise your rights. Reading Privacy Policy is important so we hope you will give it time and attention.

We use your data to provide and improve the Website. By using the Website, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our License agreement (public offer), accessible from https://tamaranga.com/oferta-en.html.

For us the privacy and security of our Users are of paramount importance. We are committed to protecting the data you share with us. This privacy policy explains how we process information that can be used to directly or indirectly identify an individual (“Personal Data”) collected through the use of our Website.

Also our Website does not sell your personal information to third parties. A “sale” of Personal Information under the CCPA is defined broadly to include the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means” the Personal Information of a User to another business or third party “for monetary or other valuable consideration.” If we decide to sell our Website (our business), we will inform you about this, so you can forbid us to transfer your personal data together with our business. If so, we will delete your data from the databases prior to a business transfer.

We adhere to the following principles in order to protect your privacy:

  • principle of purposefulness — we process personal data fairly and in a transparent manner only for the achievement of determined and lawful objectives, and they shall not be processed in a manner not conforming to the objectives of data processing;

  • principle of minimalism — we collect personal data only to the extent necessary for the achievement of determined purposes and do not keep personal data if it is no longer needed;

  • principle of restricted use — we use personal data for other purposes only with the consent of the data subject or with the permission of a competent authority;

  • principle of data quality — we update personal data, it shall be up-to-date, complete and necessary for the achievement of the purpose of data processing;

  • principle of security — security measures shall be applied in order to protect personal data from unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organisational measures;

  • principle of individual participation — the persons shall be notified of data collected concerning him or her, the persons shall be granted access to the data concerning him or her and the persons have the right to demand the correction of inaccurate or misleading data.

1. DATA WE COLLECT

1.1. We may collect, record and analyze information of the Users of our Website.

1.2. Where our Website is accessed purely to gain information, i.e. where you do not provide us information in any way, we only collect the personal data provided by your browser to our server. Where you want to view our Website, we collect the following data necessary for technical purposes to be able to demonstrate our Website to you and to ensure adequate access stability and security (therefore, the legal basis for is our legitimate interest):

1.2.1. IP address;

1.2.2. Enquiry date and time;

1.2.3. Time zone difference to Greenwich Mean Time (GMT);

1.2.4. Enquiry content (the exact web page accessed);

1.2.5. Access status/HTTP status code;

1.2.6. Data volume transmitted in each case;

1.2.7. Website generating the enquiry;

1.2.8. Browser;

1.2.9. OS and its interface;

1.2.10. Browser language and version.

1.3. We use this information in aggregate to assess the popularity of the web pages on our Website and how we perform in providing content to you. When combined with other information we know about you from previous visits, the data could possibly be used to identify you personally, even if you did not provide any information to us. Information collected this way is stored for no longer than one year.

1.4. Processing of Usage Data relies on our legitimate interests. It is necessary for managing and running our business efficiently and effectively, providing quality services including Website support, developing and improving products, and determining who may be interested in them.

1.5. We collect the email address and data of the User’s profile in instant messaging applications (e.g. name, nickname, phone number) only when the User wants to contact us and writes us on our email address that is available on the Website or communicates with us via instant messaging applications, that are listed on our Website. We use the collected Personal Data only to communicate with you, as you reasonably expect us to answer you.

1.6. While processing the Personal Data of our Users, we rely on your consent to the processing your Personal Data for the purpose of communicating with you. We use such Personal Data in ways you would reasonably expect and which have a minimal privacy impact. You can withdraw your consent at any time by sending us an email to contact@tamaranga.com with your withdrawal request and your Personal Data will be deleted within seventy-two (72) hours.

1.7. Processing of Personal Data for marketing purposes also relies on the consent obtained from you. We use data in ways you would reasonably expect and which have a minimal privacy impact.

1.8. Wherever possible, we aim to obtain your explicit consent to process your Personal Data, for example, by asking you to agree to use Cookies.

1.9. Users can control the use of Cookies at the individual browser level. If you reject Cookies, you may still use our Website, but your ability to use some features or areas of our Website may be limited. To learn more and for a detailed Cookie notice, Users may refer to our Cookie Section.

1.10. Personal data

1.10.1. In order to provide Services to our Users we collect its personally identifiable information.

1.10.2. When the User uses our Website by submitting an online order form on the Website, to complete the order we must process the information that the User gives us.

1.10.3. During the submission of an online order form on the Website, the User provides us with its first and last name. This information is used by us to identify our Users and provide them with services and meet other contractual obligations.

1.10.4. Also, the User provides us with the following information during filling out the form on the Website:

1.10.4.1. Name.

1.10.4.2. Email address.

1.10.4.3. Phone number.

1.10.4.4. Any question that relates to the provision of Services.

1.10.4.5. Cookies and Usage Data.

1.10.5. This information is used by us to identify the User, personalize the User, and provide you needed Services in full.

1.10.6. We may obtain Users’ Personal Data from third parties such as electronic money institutions, whose services we use.

1.10.7. We process this information on the basis there is an agreement between us and the User, we use the information before we enter into a legal agreement.

1.11. Communication Data

1.11.1. We collect any data that you share with us whether that be through email, text, social media messaging, social media posting, or any other communication that you send us. We process this data for the purposes of communicating with you, for record-keeping, and for the establishment, pursuance, or defense of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.

1.12. Marketing Data

1.12.1. We collect data about your preferences in receiving marketing from us and our third parties and your communication preferences. We process this data to enable you to partake in our promotions, deliver relevant Website content and advertisements to you, and to measure or understand the effectiveness of this advertising. Our lawful ground for this processing is our legitimate interests which in this case are to study how Users use our products/services, to develop them, to grow our business, and to decide our marketing strategy.

1.12.2. Processing of Personal Data for marketing purposes also relies on the consent obtained from you. This processing has appropriate safeguards and a minimal privacy impact. You can object to the processing by following the “unsubscribe” link you will find on all the email marketing messages we send you. Alternatively, you can contact us at contact@tamaranga.com.

1.12.3. If you no longer wish to receive promotional emails, you may opt out of them by replying to one of such emails or sending us an email with a request.

1.13. Additional terms of processing

1.13.1. We do not collect any sensitive data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offenses.

1.13.2. Where we are required to collect Personal Data by law, which you do not provide us with, we may not be able to perform the contract. If you don’t provide us with the requested data, we may have to cancel a product you have ordered but if we do, we will notify you at the time. We will only use your Personal Data for a purpose it was collected for or a reasonably compatible purpose if necessary. For more information on this please email us at contact@tamaranga.com.

1.13.3. In case we need to use your details for an unrelated new purpose we will let you know and explain the legal grounds for processing. We may process your Personal Data without your knowledge or consent where this is required or permitted by law.

1.13.4. We do not carry out automated decision-making or any type of automated profiling.

2. СOMPLIANCE WITH THE LAWS

2.1. Our Privacy Policy is in accordance with the laws of each country or legal jurisdiction in which we seek to operate. If you believe that this Policy does not comply with the law of your jurisdiction, we would like to receive feedback from you. However, ultimately, it is your choice as to whether you want to use our Website.

2.2. For Users located in the European Economic Area (EEA) privacy rights are granted and all processing of Personal Data is performed in accordance with regulations and rules following the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR).

2.3. For Users located in California all processing of Personal Data is performed in accordance with regulations and rules following the California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq. (“CCPA”)

2.4. For Users located in Brazilia, all processing of Personal Data is performed in accordance with regulations and rules following the Lei Geral de Proteção de Dados (“LGPD”).

3. DATA ACCESS, DATA CORRECTION, DATA DELETION, DATA PORTABILITY AND WITHDRAWAL OF THE CONSENT

3.1. Users can review, correct, update, delete or transfer their personally identifiable information. For that, contact us directly at contact@tamaranga.com. We will acknowledge your request within seventy-two (72) hours and handle it promptly and as required by law.

3.1.1. Right to access. Users may contact us to get confirmation as to whether or not we are processing the User’s personal data. When we process User’s personal data, we will inform Users of what categories of personal data we process regarding them, the processing purposes, the categories of recipients to whom personal data have been or will be disclosed, and the envisaged storage period or criteria to determine that period.

3.1.2. Right to withdraw consent. In case our processing is based on a consent granted by the User, the User may withdraw the consent at any time by contacting us or by using the functionalities of our Services. You can withdraw your consent at any time by replying to the email with your withdrawal and your Personal Data will be deleted in 48 hours. Withdrawing consent may lead to fewer possibilities to use our Services.

3.1.3. Right to object. In case our processing is based on our legitimate interest to run, maintain and develop our business, any User has the right to object at any time to our processing. We shall then no longer process User’s personal data unless for the provision of our Services or if we demonstrate other compelling legitimate grounds for our processing that override User’s interests, rights, and freedoms or for legal claims. Notwithstanding any consent granted beforehand for direct marketing purposes, any User has the right to prohibit us from using their personal data for direct marketing purposes, by contacting us or by using the functionalities of the Services or unsubscribe possibilities in connection with our direct marketing messages.

3.1.4. Right to restriction of the processing. Any User has the right to obtain from us restriction of processing of User’s personal data, as foreseen by applicable data protection law, e.g. to allow our verification of the accuracy of personal data after User’s contesting of accuracy or to prevent us from erasing personal data when personal data are no longer necessary for the purposes but still required for User’s legal claims or when our processing is unlawful. Restriction of processing may lead to fewer possibilities to use our Services.

3.1.5. Right to data portability. Any User has the right to receive User’s personal data from us in a structured, commonly used and machine-readable format and to independently transmit those data to a third party, in case our processing is based on User’s consent and carried out by automated means.

3.1.6. How to use these rights. To exercise any of the above-mentioned rights, Users should primarily use the functions offered by our Services. If such functions are not sufficient for exercising such rights, the User shall send us a letter or email to the address set out below under the Agreement, including the following information: name, address, phone number, email address, and a copy of a valid proof of identity. We may request additional information necessary to confirm the User’s identity. We may reject requests that are unreasonably repetitive, excessive, or manifestly unfounded.

3.2. If you are from California and dissatisfied with how we have used your personal information, you have the right to lodge a complaint with a supervisory authority if you think that we violate your rights. You could contact The California Department of Justice (Department) via their Website (https://www.oag.ca.gov/privacy/caloppa/complaint-form/privacy-notice).

3.3. If you are from Brazil, you can also file a complaint with Brazil’s National Data Protection Authority (ANPD) through its official channels.

3.4. Data Retention

3.4.1. We will retain Personal Data for as long as you use our Website or continue to communicate with our service team. Your information will be deleted if you did not communicate with the support team for more than 12 months.

3.4.2. When deciding what the correct time is to keep the data we look at its amount, nature and sensitivity, potential risk of harm from unauthorized use or disclosure, the processing purposes if these can be achieved by other means, and legal requirements.

3.4.3. For tax purposes, the law requires us to keep basic information about our Users (including contact, identity, financial, and transaction data) for 12 months after they stop being our Customers.

3.4.4. In some circumstances, we may anonymize Personal Data for research or statistical purposes in which case we may use this information indefinitely without further notice to our Users.

3.4.5. Any data collected for the purpose of analytics will be deleted in 12 months after being collected.

3.4.6. If you delete your personal data, then we will not be able to provide you with services.

4. INFORMATION SECURITY

4.1. We care to ensure the security of personal data. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain technical, physical, and administrative security measures to provide reasonable protection for your Personal Data. When we or our contractors process Your information, we also make sure that your information is protected from unauthorized access, loss, manipulation, falsification, destruction or unauthorized disclosure. This is done through appropriate administrative, technical and physical measures.

4.2. We always use pseudonymisation as a method of securing the Personal Data.

4.3. There is no 100% secure method of transmission over the Internet or method of electronic storage. Therefore, we cannot guarantee its absolute security.

4.4. We never process any kind of sensitive data and criminal offense data as a Controller. Also, we never undertake to profile personal data.

5. SERVICE PROVIDERS

5.1. We may employ third-party companies and individuals to facilitate our Service (‘Service Providers’), to provide the Service on our behalf, to perform Service-related services or assist us in analyzing how our Website is used.

5.2. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

5.3. All data transfers are performed in accordance with the highest security regulations.

Hosting

5.4. All data processed by us is stored exclusively in secure hosting facilities provided by Digital ocean (https://www.digitalocean.com) and located in the Netherlands and Germany. DigitalOcean’s infrastructure is secured through a defense-in-depth layered approach.

Analytics

5.5. We use Google Analytics for tracking and reporting web traffic. Google uses the data collected to track and monitor the use of our Website. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. You can opt out of having made your activity on the Website available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en. Your data will be stored in Google’s network of data centers. Google maintains a number of geographically distributed data centers.

5.6. We use Facebook pixel to monitor and analyze web traffic. Facebook pixel is a web analysis service provided by Facebook Ireland Ltd (“Facebook”). Facebook utilizes the Data collected to track and examine the use of our Website, prepare reports on its activities and share them with other Facebook services. Facebook may use the Personal Data collected to contextualize and personalize the ads of its own advertising network. Personal Data collected: Cookies and Usage Data. Place of processing: the Republic of Ireland — Privacy PolicyOpt Out.

Additional providers

5.7. We use Dashly (https://dashly.io) for prompt and efficient communication with our Users.
5.8. We use Tilda (https://tilda.cc) for prompt and efficient communication with our Users.

5.9. For a complete list of contractors — contact us.

6. PERMITTED DISCLOSURE

6.1. We may have to share your Personal Data with the parties set out below:

6.1.1. Service Providers who provide IT and system administration services.

6.1.2. Professional advisers including lawyers, bankers, auditors and insurers.

6.1.3. Government bodies that require us to report processing activities.

6.1.4. Third parties to whom we transfer or merge parts of our business or our assets.

6.2. We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

7. COOKIES

7.1. We use a browser feature known as a “cookie”, which assigns a unique identification to your computer. Cookies are data files that can hold small amounts of information and are stored on your device (computer, smartphone etc) when you first visit a Website. Information collected from cookies is used by us to evaluate the effectiveness of our Website, analyse trends, and administer the Website.

7.2. The information collected from cookies allows us to determine such things as which parts of our Website are most visited and difficulties our users may experience in accessing our Website. With this knowledge, we can improve the quality of your experience on the Website by recognising and delivering more of the most desired features and information, as well as by resolving access difficulties.

7.3. We also use cookies and/or a technology known as web bugs or clear gifs, which are typically stored in emails to help us confirm your receipt of, and response to, our emails and to provide you with a more personalised experience when using our Website.

7.4. We use a third-party service provider(s), to assist us in better understanding the use of our Website. Our service provider(s) will place cookies on the hard drive of your computer and will receive information that we select that will educate us on such things as how users navigate around our Website, what products are browsed, and general Transaction information. Our service provider(s) analyses this information and provides us with aggregate reports.

7.5. The information and analysis provided by our service provider(s) will be used to assist us in better understanding our users’ interests in our Website and how to better serve those interests. The information collected by our service provider(s) may be linked to and combined with information that we collect about you while you are using the Website. Our service provider(s) is/are contractually restricted from using information they receive from our Website other than to assist us.

7.6. We use cookies when you visit our Website, but you can control these through your browser settings. You may control the cookies through the browser settings. Find out how to manage cookies on browsers:

7.6.1. Google Chrome

7.6.2. Mozilla Firefox

7.6.3. Microsoft Internet Explorer

7.6.4. Opera

7.6.5 Apple Safari

8. APPLICATION OF THIS PRIVACY POLICY

8.1. This Privacy Policy is applicable to our Website. Our Website contains links to other Websites. Once redirected to another Website, this Policy is no longer applicable.

9. CHANGES AND UPDATES TO OUR PRIVACY POLICY

9.1. From time to time, we may update this Privacy Policy. We will notify you about material changes by either sending an email message to the email address you most recently provided to us or by prominently posting a notice on our Service. We encourage you to periodically check back and review this Policy so that you always will know what information we collect, how we use it, and with whom we share it.

10. CONTACT US!

10.1. If you have any questions, the practices of this Website, or your dealings with this Website, please contact us at contact@tamaranga.com.