INTRODUCTION

 
Sandalwood Design is committed to complying with the New Zealand Privacy Act 1993 and subsequent changes to New Zealand Privacy Laws. 

Sandalwood Design’s Privacy Policy applies to anyone who visits the Sandalwood Design’s Website, Instagram page or Facebook page. 

Definitions: 

Personal Information” means Personal Information collected by Sandalwood Design for the Purposes.  

 

WHAT SANDALWOOD DESIGN COLLECTS 

Sandalwood Design may collect from you, your and other person’s Personal Information. 

The Personal Information may include: 

Name 
Phone number 
Email address 

You must only supply Sandalwood Design third party Personal information if you have that third party’s express permission. 

 

HOW SANDALWOOD DESIGN COLLECTS YOUR PERSONAL INFORMATION 

Sandalwood Design collects your Personal Information only when needed and for lawful purposes connected with Sandalwood Design business. 

You authorise the collection of your Personal Information from Sandalwood Design when you: 

(a) Access the Sandalwood Design Website, Instagram page and Facebook page on your computer, mobile, tablet or any other electronic device; 

b) Create a user account with Sandalwood Design; 

(c) Communicate with Sandalwood Design; 

(d) Supply Personal Information to Sandalwood Design. 

 

HOW LONG SANDALWOOD DESIGN WILL HOLD YOUR PERSONAL INFORMATION 

Sandalwood Design will hold your Personal Information for only as long as you authorise or is required to meet these Purposes. 

 

HOW SANDALWOOD DESIGN WILL USE YOUR PERSONAL INFORMATION 

You authorise Sandalwood Design to use your Personal Information (and where necessary), to disclose your Personal Information to Third Parties for the following Purposes only: 

(a) First Purpose: establishing and administering your account within Sandalwood Design ( if applicable) 

(b) Second Purpose: communicating with you in respect to the First Purpose. 

(c) Third Purpose: Complying with legal obligations. 

(d) Fourth purpose: performing any contract with you. 

 

HOW SANDALWOOD DESIGN KEEPS YOUR PERSONAL INFORMATION SECURE 

Sandalwood Design will follow industry standards on information security management and apply great care to protect Your Personal Information from unauthorised access, use, modification, disclosure, and loss.  

Request access to Your Personal Information: 

You have the right to request access to any Personal Information that Sandalwood Design holds about you. If Sandalwood Design cannot give you access to the Personal Information that you have requested, then Sandalwood Design will let you know the legal reasons for not disclosing Your Personal Information. If you are not happy with the legal reasons provided, then you have the right to complain to the New Zealand Privacy Commissioner: www.privacy.org.nz/your-rights/how-to-complain/. 

Correction of Your Personal Information: 

You may request we correct any Personal Information we hold at any time by emailing the Privacy Officer. 

Deletion of Your Personal Information 

You have the right to request that Sandalwood Design delete Your Personal Information at any time. 

Data portability: 

You have the right to request that Sandalwood Design transfer your Personal Information from one electronic processing system to another electronic processing system. 

MINORS: 

Sandalwood Design does not knowingly collect Personal Information from Minors. If a caregiver is concerned about a Minor in their case supplying Personal information without their consent, they should contact the Sandalwood Design Privacy officer in the first instance. 

 

PRIVACY COMPLAINTS

If You think that Your privacy rights have been breached, You can make a written complaint to our Privacy Officer at Sandalwood sales@sandalwooddesign.co.nz, or otherwise contact the NZ Privacy Commissioner at https://www.privacy.org.nz/your-rights/making-a-complaint/complaintform/. 

 

NOTIFIABLE PRIVACY BREACHES 

When assessing whether a privacy breach is likely to cause serious harm and thus whether we must notify You and the Privacy Commissioner of the breach we will consider the following: 

(a) any action taken by us to reduce the risk of harm following the breach. 

(b) whether the personal information is sensitive in nature’ 

(c) the nature of the harm that may be caused to You. 

(d) the person or body that has obtained or may obtain personal information as a result of the breach (if known). 

(e) whether the personal information is protected by a security measure: 

(f) any other relevant matters. 

If we assess there has been a notifiable privacy breach, we will notify You and the Privacy Commissioner as soon as practicable after becoming aware of the said breach, unless permitted by law not to or permitted by law to delay the notification. If it is not reasonably practicable to notify you in person, and we are not exempt from notifying, we may instead give public notice of the privacy breach. 

If the reasons for not notifying or delaying notification have changed to the extent we are no longer permitted not to notify and there is still a risk the breach will cause You serious harm, then will immediately notify You of the breach, or give public notice if individual notification is not reasonably practicable.