Privacy Policy

Last updated:

1. Introduction

Gluzarinchonthit ("we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website at https://gluzarinchonthit.world (the "Website") or interact with our services.

This policy is designed to comply with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the New Zealand Privacy Act 2020, and other applicable data protection legislation.

2. Data Controller

The data controller responsible for your personal data is:

  • Company Name: Gluzarinchonthit
  • Address: 100 Lambton Quay, Wellington 6011, New Zealand
  • Email: online@gluzarinchonthit.world
  • Website: https://gluzarinchonthit.world

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Data You Provide Directly

  • Contact and order information: Full name, email address, phone number (if provided), and message content submitted through our order form.
  • Consent records: Records of any consents you have given, including the date, time, and method of consent.

3.2 Data Collected Automatically

  • Technical data: IP address, browser type and version, operating system, device type, screen resolution, and language preferences.
  • Usage data: Pages visited, time spent on pages, referral source, click patterns, and navigation paths.
  • Cookie data: Information collected through cookies and similar technologies as described in our Cookie Policy.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under the GDPR:

Purpose Legal Basis
Processing your order and responding to enquiries Performance of a contract (Article 6(1)(b) GDPR)
Sending order confirmations and service updates Performance of a contract (Article 6(1)(b) GDPR)
Ensuring website security and preventing fraud Legitimate interests (Article 6(1)(f) GDPR)
Website analytics and improvement Consent (Article 6(1)(a) GDPR)
Marketing communications Consent (Article 6(1)(a) GDPR)
Compliance with legal obligations Legal obligation (Article 6(1)(c) GDPR)

5. How We Use Your Data

We use your personal data for the following purposes:

  • To process and fulfil your orders for CoreComfort Flow.
  • To communicate with you regarding your order, including confirmations, updates, and support.
  • To respond to your enquiries and provide customer service.
  • To improve our Website, products, and services through aggregate analytics.
  • To comply with applicable laws and regulations.
  • To protect our Website against fraud, abuse, and unauthorised access.

6. Data Sharing and Third Parties

We do not sell, trade, or rent your personal data to third parties. We may share your data with:

  • Service providers: Trusted third parties who assist us in operating our Website, processing orders, and delivering services (e.g., hosting providers, payment processors, delivery services). These providers are contractually bound to process your data only on our behalf and in accordance with our instructions.
  • Legal authorities: Where required by law, court order, or regulation, or to protect our rights, property, or safety.
  • Professional advisors: Including lawyers, accountants, and auditors where necessary.

7. International Data Transfers

Your data may be transferred to and processed in countries outside of your jurisdiction, including countries outside the European Economic Area (EEA) and New Zealand. Where such transfers occur, we ensure that appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Adequacy decisions by the European Commission or the New Zealand Privacy Commissioner.
  • Other legally recognised transfer mechanisms.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required by law. Specifically:

  • Order data: Retained for up to 7 years from the date of the transaction for tax and accounting purposes.
  • Enquiry data: Retained for up to 2 years from the date of your last communication.
  • Cookie consent records: Retained for up to 12 months from the date consent was given.
  • Website analytics data: Retained in aggregate form for up to 26 months.

After the applicable retention period, your personal data will be securely deleted or anonymised.

9. Your Rights

Under the GDPR and the New Zealand Privacy Act 2020, you have the following rights regarding your personal data:

  • Right of Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.
  • Right to Erasure: You have the right to request deletion of your personal data, subject to certain legal exceptions.
  • Right to Restriction: You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object: You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, including the Office of the Privacy Commissioner of New Zealand or a relevant EU/EEA data protection authority.

To exercise any of these rights, please contact us at online@gluzarinchonthit.world. We will respond to your request within 30 days.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using TLS/SSL protocols (HTTPS).
  • Secure storage of personal data with access controls and authentication.
  • Regular review and update of security practices.
  • Staff training on data protection and security awareness.
  • Use of firewalls, intrusion detection, and monitoring systems.

While we take all reasonable steps to protect your data, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

11. Children's Privacy

Our Website and products are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to delete that information promptly.

12. Links to Third-Party Websites

Our Website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to read the privacy policies of any third-party websites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other factors. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

  • Company: Gluzarinchonthit
  • Address: 100 Lambton Quay, Wellington 6011, New Zealand
  • Email: online@gluzarinchonthit.world

You may also contact the Office of the Privacy Commissioner of New Zealand at www.privacy.org.nz if you wish to raise a concern about how we handle your personal data.