The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore, the way this website processes, stores and protects user data and information will also be detailed within this policy.
- The Website
- What information do we collect?
- What do we use this information for?
- How long will we keep your data?
- How can I control the use of my data?
- How do we protect your data?
- Hosted Services
- Organisational Measures
- Technical Measures
- Website Development and Design Services
- Technical IT Services
- 3rd Party Hosted Services
- Skies Internal Systems
- Data Collection Policy Statement
- Contact & Communication
- Email Newsletter
- External Links
- Adverts and Sponsored Links
- Social Media Platforms
- Shortened Links in Social Media
- Cookies Policy
- What Are Cookies
- Disabling Cookies
- The Cookies We Set
- Third Party Cookies
- More Information
This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with all New Zealand national laws and requirements for user privacy.
What information do we collect?
We may collect the following personal information:
- Your IP address (in server logs)
- Your name (where it is provided to us in the contact forms on this website)
- Your email address (where it is provided to us in the contact forms on this website)
- Your phone number (where it is provided to us in the contact forms on this website)
What do we use this information for?
Your IP address may be used for diagnostic and forensic reasons on our server or for the purposes of identifying your business name when browsing the site from a corporate network location.
We will use your name and other contact details for the purposes of answering enquiries.
How long will we keep your data?
Your IP address information will be retained in server logs for 30 days and then deleted.
Email address and contact information will be retained for 7 years following completion of any contractual engagement.
Contact information collected for newsletter purposes will be retained until removal is requested by the data subject.
How can I control the use of my data?
You have a wide range of rights as regards your personal data. Under current data protection laws, you have the right to request the following:
- The right to erasure of your data (the right to be forgotten).
- The right to object (the right to have us stop using your data for a specified purpose)
- The right to amendment (the right to have incorrect data amended)
- The right to access (to be given a copy of all the data we hold on you in a portable format)
- The right to the restriction of processing (to restrict the use of your data)
- Rights related to automated processing (we do not conduct any automated processing)
If you have any questions at all about your data or Skies’s data protection, please use the following contact information:
Email: [email protected]
Post: 600 Bush Road, Wallingford, RD4, New Zealand 4284
How do we protect your data?
All our staff receive training on information security and data protection, and we take this responsibility very seriously as an organisation.
GDPR Compliance Overview
The purpose of ISO IEC 27001 is to help organisations to establish and maintain an information security management system (ISMS). An ISMS is a set of interrelated elements that organisations use to manage and control information security risks and to protect and preserve the confidentiality, integrity, and availability of information. These elements include all of the policies, procedures, processes, plans, practices, roles, responsibilities, resources, and structures that are used to manage security risks and to protect information. The scope for this accreditation covers both our hosted and on-premise data systems.
In line with the regulation, we are required to inform you of any other processors involved in the processing of your data. We have sought and have recorded assurances from other processors, where they are used; and they are as follows:
We use Google Drive for some project related information. ( https://cloud.google.com/security/gdpr)
For our hosted services we use the following processors:
- Siteground ( https://www.siteground.com/viewtos/data_processing_agreement )
- BitBucket ( https://www.atlassian.com/trust/privacy/gdpr )
Clients may choose their own hosting provider, in which case, we shall act within our power to confirm data security through this third-party.
Where we provide hosting services to our clients we act as data processors of data stored at Siteground on the behalf of our client who are data controllers under the terms of the regulation.
Data Controllers are required to seek assurances from data processors that data processing is being carried out in a manner where “reasonable technical and organisational measures” are being taken to secure the data being processed. Data Processors are required to provide this information on request. To this end, please see below the following series of statements to satisfy this requirement.
Access to the administrative portions of the hosting infrastructure are highly restricted, limited to a few people within the business.
All hosted services are protected by multiple layers of protection. Every server is protected by a hardware firewall that only passes genuine traffic destined for specific services. Access to critical services are disabled and restricted, as necessary.
Further to this, each CMS website is protected by a software-based Web Application Firewall to provide protection against common vulnerabilities etc. We also employ intrusion detection systems on the servers that are monitored for unusual behaviour.
Website files, databases and other data relating to the website, underlying content management system files, version and so on are the sole responsibility of the customer.
Skies is responsible for the security of the Operating System and firewall configurations alongside updating the WHM/CPanel software on the servers only.
Website Development and Design Services
Where you have contracted Skies to design or build a website or web application for you, we are neither data controllers nor data processors with respect to the function and data collection that you provide for on your site / application.
In these circumstances the client is acting as a Data Controller and the company hosting the site is acting as a processor and the Controller should seek written assurances from the processor around the measures being taken to secure the data.
Technical IT Services
Where you have contracted Skies to consult upon, build, and deploy internal IT systems, Skies is not responsible for the way in which these systems are used and, as Data Controllers it is your responsibility to ensure that your IT systems and the organisational policies and procedures are compliant with the regulation. Skies is willing to assist with this in whatever way possible.
3rd Party Hosted Services
Where you have taken advice from Skies who have recommended and / or referred you to a 3rd party processing service, Skies act as neither processors nor controllers with respect to these data processing systems. The Data Controller should seek written assurances from the processor around the measures being taken to secure the data.
Skies Internal Systems
Access to data on our internal systems is restricted according to business need and each user has a unique password and username and all systems are logged and monitored for unusual behaviour 24×7. We employ a full suite of anti-malware systems and all updates and patches are applied and checked regularly by our internal team. Our network is protected by a controlled and monitored hardware firewall. Each computer has software firewalling enabled and controlled.
We have multiple logging and monitoring systems internally that continually monitor and record successful and unsuccessful access to data stored on our systems.
Data Collection Policy Statement
We collect data in order to provide quotes to prospective clients and to fulfil contractual requirements. This information may be retained for up to 7 years for financial recording reasons as required by regulators. Further, data may be retained for the purposes of client communication, the marketing of similar services and for regulatory or legal defence reasons until such time as these details would no longer be relevant or required. If this contractually necessary information is not provided, we will be unable to satisfactorily communicate with clients and so be unable to act effectively on any requests from such clients.
This data will be in the form of names, email addresses, telephone numbers and other contact details such as Instant Messaging account names, IP addresses and possibly other online identifiers.
We do not sell or transfer data onwards to other recipients, nor do we transfer data to third countries or international organisations that do not have an adequacy agreement.
Data subjects have the right to request objection, access, deletion, alteration, restriction of processing, withdrawal of consent, and data portability. We do not engage in profiling or automated decision making. To exercise these rights please contact us using the details provided above.
Data subjects also have a right to raise a complaint with the New Zealand supervisory.
Nothing on this statement constitutes legal advice. Specialist legal advice should be taken in relation to specific circumstances.
The contents of this site are for general information purposes only. Whilst we endeavour to ensure that the information in this statement is correct, no warranty, express or implied, is given as to its accuracy and we do not accept any liability for error or omission.
We shall not be liable for any damage (including, without limitation, damage for loss of business or loss of profits) arising in contract, tort or otherwise from the use of, or inability to use, this site or any material contained in it, or from any action or decision taken as a result of using this site or any such material.
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
Other cookies may be stored to your computer’s hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
Contact & Communication
Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Act 1998. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
This website and its owners use any information submitted to provide you with further information about the products / services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you the consumer have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to. This is by no means an entire list of your user rights in regard to receiving email marketing material. Your details are not passed on to any third parties.
This website operates an email newsletter program, used to inform subscribers about products and services supplied by this website. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.
Subscriptions are taken in compliance with New Zealand Spam Laws detailed in the Unsolicited Electronic Messages Act 2007. All personal details relating to subscriptions are held securely and in accordance with all New Zealand legislation. No personal details are passed on to third parties nor shared with companies / people outside of the company that operates this website. Under The Privacy Act 1993 you may request a copy of personal information held about you by this website’s email newsletter program. A small fee may be payable. If you would like a copy of the information held on you, please write to the business address at the bottom of this policy.
Email marketing campaigns published by this website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no far a comprehensive list].
This information is used to refine future email campaigns and supply the user with more relevant content based around their activity.
In compliance with New Zealand Spam Laws and Unsolicited Electronic Messages Act 2007, subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable clear instructions on how to un-subscribe will by detailed instead.
Although this website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website.
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Adverts and Sponsored Links
This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.
Social Media Platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened Links in Social Media
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy urls [web addresses] (this is an example: http://bit.ly/zyVUBo).
Users are advised to take caution and good judgement before clicking any shortened urls published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine urls are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
What Are Cookies
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of the site. Therefore it is recommended that you do not disable cookies.
The Cookies We Set
This site offers newsletter or email subscription services and cookies may be used to remember if you are already registered and whether to show certain notifications which might only be valid to subscribed/unsubscribed users.
When you submit data to through a form such as those found on contact pages or comment forms cookies may be set to remember your user details for future correspondence.
Third Party Cookies
This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content.
For more information on Google Analytics cookies, see the official Google Analytics page.
Third party analytics are used to track and measure usage of this site so that we can continue to produce engaging content. These cookies may track things such as how long you spend on the site or pages you visit which helps us to understand how we can improve the site for you.
From time to time we test new features and make subtle changes to the way that the site is delivered. When we are still testing new features these cookies may be used to ensure that you receive a consistent experience whilst on the site whilst ensuring we understand which optimisations our users appreciate the most.
In some cases, we may provide you with custom content based on what you tell us about yourself either directly or indirectly by linking a social media account. These types of cookies simply allow us to provide you with content that we feel may be of interest to you.
We also use social media buttons and/or plugins on this site that allow you to connect with your social network in various ways. For these to work the following social media sites including; Facebook, Twitter, LinkedIn, Google Plus, Pinterest, will set cookies through our site which may be used to enhance your profile on their site or contribute to the data they hold for various purposes outlined in their respective privacy policies.
Hopefully that has clarified things for you and as was previously mentioned if there is something that you aren’t sure whether you need or not it’s usually safer to leave cookies enabled in case it does interact with one of the features you use on our site. However, if you are still looking for more information you can contact us through one of our preferred contact methods.
Email: [email protected]