Unsure of how to get started on your organisation's cyber resilient program? Contact us now

Privacy Policy

Last Updated: May 18, 2022

Cybercraft website privacy policy. We collect your personal information through this website, social media, email, and apps.

  • We use your personal information for legitimate business interests;
  • We only disclose it when necessary;
  • We only collect what we need, we delete it when we no longer need it, and we use reasonable measures to keep it secure;
  • For contact, access or to remove consent please contact us at privacy@cybercraft.net.
  • Through websites operated by us from which you are accessing this Privacy Policy
  • Through our social media pages and
  • Through HTML-formatted email messages that we send to you that link to this Privacy Policy.
  • Personal and Other Information We May Collect
  • Contact Information.
  • Candidate Applicant Information.
  • Background Information.
  • Credit or Debit Card Number.
  • Other Human Resources Information.
  • Through the Sites: We collect Personal Information through the Sites, for example, when you sign up for a newsletter, download a publication, register for an event, or request information.
  • Offline: We collect Personal Information from you offline, e.g., when you attend an event.
  • From Other Sources: We receive your Personal Information from other sources, for example:
    • publicly available databases
  • joint marketing partners when they share the information with us
  • sales channel partners
  • demand generation companies.
  • Browser and device information.
  • Application usage data.
  • Information collected through cookies, pixel tags, and other technologies.
  • Demographic information and other information provided by you.
  • Aggregated information.
  • Through your browser or device: Certain information is collected by most browsers or automatically through your device, such as your Media Access Control address, computer type, screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version, referring URL, and the name and version of the Sites (such as the mobile application) you are using. We use this information to ensure that the Sites function properly.
  • IP Address: Your IP address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses the Sites, along with the time of the visit and the pages visited. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems, and administering the Sites. We may also derive your approximate location from your IP address.
  • From you: Information such as your preferred means of communication is collected when you voluntarily provide it.
  • To provide the Sites’ functionality to you, such as providing you with relevant customer service.
  • To respond to your inquiries and fulfil your requests, when you contact us via one of our online contact forms or otherwise, for example, when you send us questions, suggestions, compliments, or complaints.
  • To complete your transactions and provide you with related customer service.
  • To send administrative information to you, such as changes to our terms, conditions, and policies.
  • To send you marketing related emails, with information about our Sites, new products, and other news about our company.
  • To analyse or predict our users’ preferences in order to prepare aggregated trend reports on how our digital content is used, so we can improve our Sites.
  • To better understand you, so that we can personalise our interactions with you and provide you with information and/or offers tailored to your interests.
  • To better understand your preferences so that we can deliver content via our Sites that we believe will be relevant and interesting to you.
  • ​For data analysis, for example, to improve the efficiency of our Sites.
  • For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements.
  • For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft.
  • For developing new products and services.
  • For enhancing, improving, or modifying our current products and services.
  • For identifying usage trends, for example, understanding which parts of our Sites are of most interest to users.
  • For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users; and
  • For operating and expanding our business activities, for example, understanding which parts of our Sites are of most interest to our users so we can focus our energies on meeting our users’ interests.
  • To our third-party service providers, to facilitate services they provide to us, including website hosting, data analysis, information technology, payment processing, order fulfilment, customer service, email delivery, auditing, and other services.
  • To identify you to anyone to whom you send messages through the Sites.
  • To comply with applicable law, which may include laws outside your country of residence.
  • To respond to requests from public and government authorities, which may include such authorities outside your country of residence.
  • To cooperate with law enforcement to enforce our terms and conditions; and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others.
  • In connection with a sale or business transaction. We have a legitimate business interest in disclosing or transferring your Personal Information to a third party in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business assets or stock (including in connection with any bankruptcy or similar proceedings.)
  • The length of time we have an ongoing relationship with you and provide the Sites to you (for example, for as long as you have an account with us or keep using the Sites).
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
  • Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).

For more detailed information please see below.

Cybercraft values your privacy and complies with the Privacy Act 1993. This Privacy Policy describes our practices in connection with information that we collect:

Collectively, we refer to these, as the “Services”.

"Personal Information" is information that can be used to distinguish or trace an individual's identity, either alone or when combined with other information that is linked or linkable to a specific individual for example:

If you submit any Personal Information relating to other people to us or to our service providers in connection with the Sites, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

Collection of Personal Information

We and our service providers collect Personal Information in a variety of ways, including:

We need to collect Personal Information in order to provide the requested services to you. If you do not provide the information requested, we may not be able to provide the services. If you disclose any Personal Information relating to other people to us or to our service providers in connection with the Sites, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

“Other Information” is any information that does not reveal your specific identity or does not directly relate to an identifiable individual, such as:

If we are required to treat Other Information as Personal Information under applicable law, then we may use it for the purposes for which we use and disclose Personal Information as detailed in this Privacy Policy.

How We May Collect Other Information

We and our third-party service providers may collect Other Information in a variety of ways, including:

2. How We May Use Personal and Other Information

We may use Personal Information for legitimate business purposes including:

Providing the functionality of the Sites and fulfilling your requests.

We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.

Providing you with our newsletter and/or other marketing materials and facilitating social sharing.

We will engage in this activity because we have a legitimate interest or with your consent (where required).

Analysis of Personal Information for business reporting and providing personalised services.

We will provide personalised services either with your consent or because we have a legitimate interest.

Aggregating and/or anonymising Personal Information.

We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any business purpose.

Accomplishing our business purposes.

3. How Personal Information May Be Disclosed

Your Personal Information may be disclosed:

Other Uses and Disclosures

We also use and disclose your Personal Information as we believe to be necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so:

How We May Use and Disclose Other Information

We may use and disclose Other Information for any business purpose, except where we are required to do otherwise under applicable law. If we combine Other Information with Personal Information, we will treat the combined information as Personal Information as long as it is combined.

4. Third-Party Sites

This Privacy Policy does not address, and we are not responsible for, the privacy or other practices of any third parties, including any third party operating any site or service to which the Sites link. The inclusion of a link on the Sites does not imply endorsement of the linked site or service by us or by our affiliates. In addition, we are not responsible for the information practices of other organizations, social media sites, web browsers or software.

5. Security

We seek to use reasonable organizational, technical, and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contacting Us” section below.

6. Choices and Access

Your choices regarding our use of your Personal Information

If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt out by following the instructions contained in each email. We will try to comply with your request as soon as reasonably practicable. Please note that, if you opt out, we may still send you important administrative messages, from which you cannot opt out.

How you can access, change, or suppress your Personal Information

If you would like to review, correct, update, suppress, restrict or delete Personal Information that you have previously provided to us, or if you would like to request to receive an electronic copy of your Personal Information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may contact us at privacy@cybercraft.net. We will respond to your request consistent with applicable law.

In your request, please make clear what Personal Information you would like to have changed, whether you would like to have your Personal Information suppressed from our database or otherwise let us know what limitations you would like to put on our use of your Personal Information. For your protection, we may only implement requests with respect to the Personal Information associated with the email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.

Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion. There may also be residual information that will remain within our databases and other records, which will not be removed.

7. Retention Period

We will retain your Personal Information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

The criteria used to determine our retention periods include:

8. Use of the Site by Minors

The Sites are not directed to individuals under the age of eighteen (18), and we do not knowingly collect Personal Information from such children.

9. Sensitive Information

We ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., IRD numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, trade union membership or criminal background) on or through the Sites or otherwise to us.

10. Jurisdiction and Cross-Border Transfer

The Sites are controlled and operated by us from New Zealand and are not intended to subject us to the laws or jurisdiction of any state, country, or territory other than that of New Zealand. Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Sites you understand that your information will be transferred to countries outside of your country of residence, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.

11. Updates to this Privacy Policy

We may change this Privacy Policy. The “Last Updated” legend at the top of this page indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Sites. Your use of the Sites following these changes means that you accept the revised Privacy Policy.

12. Contacting Us

Cybercraft is located at AIG Building, Plaza Level, 41 Shortland Street, Auckland, New Zealand, is the company responsible for the collection, use and disclosure of your Personal Information under this Privacy Policy.

If you have any questions about this Privacy Policy, please contact us at privacy@cybercraft.net. Because email communications are not always secure, please do not include sensitive information in your emails to us.

Copyright 2020 Cybercraft All Rights Reserved.