Privacy Policy

Last Updated:

1. Introduction

Welcome to Ligamentseaeco. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at ligamentseaeco.ddd.

This policy is designed to meet our obligations under the New Zealand Privacy Act 2020 (including the Information Privacy Principles), and, where applicable, the EU/UK General Data Protection Regulation (GDPR) and other privacy laws.

Under the Privacy Act 2020, we qualify as an agency that holds personal information about individuals. We take reasonable steps to keep that information protected and used only as described here.

2. Data Controller Information

The agency (and, where GDPR applies, the data controller) responsible for your personal data is:

Ligamentseaeco
386 Trafalgar Street South
Nelson 7010, New Zealand
Phone: +64 27 359 8507
Email: reach@ligamentseaeco.world

3. Information We Collect

3.1 Personal Data You Provide

We collect personal data that you voluntarily provide when you:

  • Complete our contact form (name, email address, message content)
  • Subscribe to communications (if applicable)
  • Interact with our website in other ways

3.2 Automatically Collected Information

When you visit our website, we may automatically collect certain information, including:

  • IP address and approximate location
  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referring website addresses
  • Device information

4. Legal Basis for Processing

New Zealand (Privacy Act 2020): We collect and use personal information only for lawful purposes connected with our functions or activities, and we believe on reasonable grounds that the information is necessary for those purposes. Where consent is required (for example, when you agree to us processing your contact form details), we rely on your consent. We also comply with the Information Privacy Principles regarding collection limits, use, disclosure, security, and accuracy.

Where GDPR applies: We may rely on the following legal grounds:

  • Consent: When you have given explicit consent for specific purposes (for example, submitting the contact form)
  • Legitimate interests: For operating and securing the website and understanding aggregate use patterns, where we balance our interests against your rights (and where we introduce optional analytics in line with our Cookie Policy, only after your consent)
  • Legal obligation: When necessary to comply with applicable laws

5. Purpose of Data Processing

We use the collected information for the following purposes:

  • To respond to your inquiries and communications
  • To improve and optimize our website and content
  • To analyze website usage and user behavior
  • To ensure website security and prevent fraud
  • To comply with legal obligations

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Contact form submissions: Up to 2 years after last communication, unless a longer period is required for legal or dispute-resolution reasons
  • Optional analytics data: If we use analytics tools that collect personal information, we configure retention in line with our Cookie Policy and provider settings (often up to a maximum of 26 months for certain analytics products)
  • Cookie and preference records stored on your device: As described in our Cookie Policy (for example, consent choices in local storage, typically up to 12 months unless you clear your browser data)

After the retention period expires, we securely delete or anonymize your data.

7. Data Sharing and Third Parties

We do not sell your personal information. We may share it with:

  • Service providers: Hosting, email delivery, security, or other technical partners who help us run the website, and analytics providers if we enable them in line with our Cookie Policy
  • Legal requirements: When required by law, court order, or competent authority

Where we engage processors or sub-processors, we take reasonable steps to ensure they use personal information only for agreed purposes and with appropriate safeguards.

8. International Data Transfers

Your information may be processed in or accessed from countries outside New Zealand (for example, where our hosting, email, or future analytics providers store data overseas). Where we disclose personal information to foreign persons or entities, we comply with the Privacy Act 2020 requirements for cross-border disclosures, including reasonable steps to ensure the recipient is subject to comparable safeguards, or we obtain your authorisation where required. Where GDPR applies, we use appropriate safeguards such as standard contractual clauses where relevant.

9. Your Rights

New Zealand: Under the Privacy Act 2020, you generally have the right to:

  • Access: Ask whether we hold personal information about you and request access to it
  • Correction: Ask us to correct your personal information if you think it is inaccurate
  • Complaints: Complain to us if you think we have breached the Privacy Act. If we do not resolve your complaint, you may complain to the Office of the Privacy Commissioner (see below)

Other rights (such as asking us to delete or restrict use of certain information) may apply in specific circumstances. Contact us and we will respond in line with our legal obligations.

Where GDPR applies, you may also have the following rights:

  • Right to access: Request a copy of your personal data
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your personal data
  • Right to restrict processing: Request limitation of processing in certain cases
  • Right to data portability: Receive your data in a structured, commonly used format where applicable
  • Right to object: Object to certain types of processing
  • Right to withdraw consent: Withdraw consent where processing is based on consent

To exercise any of these rights, please contact us using the information in this policy. We may need to verify your identity before responding.

10. Notifiable privacy breaches (New Zealand)

If we become aware of a privacy breach that is likely to cause you serious harm, we will comply with the Privacy Act 2020 requirements for notifiable privacy breaches, which may include notifying the Office of the Privacy Commissioner and affected individuals where required.

11. Security Measures

We implement appropriate technical and organizational security measures to protect your personal data, including:

  • HTTPS encryption for all data transmissions
  • Regular security assessments
  • Access controls and authentication
  • Secure data storage practices

12. Cookies

Our website uses cookies and similar technologies. For detailed information about our cookie practices, please refer to our Cookie Policy.

13. Children's Privacy

Our website is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately.

14. Changes to This Policy

We may update this Privacy Policy periodically. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy regularly.

15. Complaints

If you have concerns about how we handle your personal information, please contact us first so we can try to resolve the matter. You may also make a complaint to the Office of the Privacy Commissioner (New Zealand): privacy.org.nz. If you are in the European Economic Area, you may contact your local data protection authority.

16. Contact Us

For questions about this Privacy Policy or our data practices, please contact us:

Email: reach@ligamentseaeco.world
Phone: +64 27 359 8507
Address: 386 Trafalgar Street South, Nelson 7010, New Zealand