Privacy Policy
Last updated: 19 May 2026
This Privacy Policy explains how Growmmremove.world (“we”, “us”, “our”) collects, uses, holds, and discloses personal information when you visit growmmremove.world or contact us. We are governed by the Privacy Act 2020 (New Zealand). Where the EU General Data Protection Regulation (GDPR) applies to you, we also address those requirements below.
1. Who we are (agency)
Legal / trading name: Growmmremove.world
Physical address: 1301 Ranolf Street, Rotorua 3010, New Zealand
Email: reachus@growmmremove.world
Phone: +64 21 033 1217
For privacy enquiries, access requests, or complaints, contact us using the details above. We will respond within a reasonable period and, for requests under the Privacy Act 2020, generally within 20 working days unless an extension applies under the Act.
2. Scope
This policy applies to personal information collected through this website, email, phone, and related online services. It does not cover third-party websites linked from our pages; those sites have their own policies.
3. What is personal information?
Under the Privacy Act 2020, personal information means information about an identifiable individual. It can include your name, email address, IP address, device identifiers, and messages you send us. Some cookie data may be personal information; see our Cookie Policy.
4. Information we collect
- Contact form: name, email address, message content, and confirmation that you consented to processing (timestamp).
- Communications: information you provide by email or phone when you contact us.
- Technical and usage data: IP address, browser type and version, operating system, device type, pages viewed, time on page, referring URL, and general location derived from IP (e.g. city/region).
- Cookie and similar technologies: as set out in our Cookie Policy, including consent preferences stored in your browser (localStorage).
We do not intentionally collect health records or clinical data. Our site provides general lifestyle information only. Please do not send sensitive health information via the contact form unless you choose to; if you do, you consent to us handling it only to respond to your enquiry.
5. How we collect information
- Directly from you when you submit the contact form, email us, or call.
- Automatically when you use the website (server logs, essential cookies, and optional analytics/marketing technologies if you consent).
Where reasonable, we collect personal information directly from you (Information Privacy Principle 3). If we collect it from another source, we will take reasonable steps to ensure you are aware of the collection as required by the Act.
6. Purposes of collection and use
We collect and use personal information only for lawful purposes connected with our functions. Purposes include:
- responding to enquiries and providing requested information about our content or events;
- operating, maintaining, and securing the website;
- understanding aggregated website use (only where you consent to analytics cookies);
- complying with legal obligations and defending legal claims;
- improving content and user experience in a privacy-respecting way.
GDPR lawful bases (where applicable): consent (contact form, optional cookies); legitimate interests (security, fraud prevention, basic site operation); legal obligation where required.
7. Disclosure to third parties
We do not sell your personal information. We may disclose information to:
- Service providers (processors) such as website hosting, email delivery, and analytics providers (only if you consent to analytics), under contracts requiring them to protect information and use it only for our instructions;
- Professional advisers (e.g. lawyers) when necessary, subject to confidentiality;
- Regulators or law enforcement when required or authorised by New Zealand law.
8. Disclosure outside New Zealand
Some service providers may store or process data in countries other than New Zealand (for example, the United States or European Union). Before disclosing personal information overseas, we comply with Information Privacy Principle 12 by ensuring the recipient is subject to comparable safeguards, binding contractual clauses, or your authorisation, as permitted by the Privacy Act 2020.
9. Retention
- Contact form and email enquiries: up to 24 months after the last correspondence, unless a longer period is required for legal or dispute resolution purposes.
- Server logs: typically up to 12 months.
- Cookie consent records: up to 12 months, or as stored in your browser until cleared.
We delete or anonymise personal information when it is no longer needed for the purpose for which it was collected (IPP 9), subject to legal retention requirements.
10. Security
We take reasonable safeguards under IPP 5 to protect personal information from loss, unauthorised access, use, or disclosure. Measures include HTTPS encryption, access controls, and limiting staff access to personal information on a need-to-know basis. No online transmission is completely secure; you provide information at your own risk to the extent permitted by law.
11. Accuracy
We take reasonable steps to ensure personal information is accurate, up to date, complete, relevant, and not misleading before use (IPP 8). Please notify us if your details change.
12. Your rights (New Zealand)
Under the Privacy Act 2020 you may:
- request access to personal information we hold about you (IPP 6);
- request correction of information (IPP 7);
- complain to us if you believe we have interfered with your privacy.
To make a request, email us with enough detail to identify you and the information concerned. We may need to verify your identity. If we refuse a request, we will explain our reasons where the Act allows.
13. Your rights (GDPR — where applicable)
If GDPR applies, you may have rights to access, rectification, erasure, restriction of processing, data portability, objection, and to withdraw consent. You may lodge a complaint with your EU/EEA supervisory authority. Our lead contact for GDPR enquiries is the email address above.
14. Notifiable privacy breaches
If a privacy breach has caused or is likely to cause serious harm, we will comply with the Privacy Act 2020 notification requirements, including notifying the Office of the Privacy Commissioner and affected individuals where required.
15. Marketing, advertising, and electronic messages
We do not send commercial electronic messages without your consent. If we ever offer a newsletter, you may unsubscribe at any time. Our practices align with the Unsolicited Electronic Messages Act 2007 (New Zealand) where applicable.
Where we use online advertising (including Google Ads), ad partners may process limited technical data as described in our Cookie Policy. We do not use advertising that makes misleading health or guaranteed outcome claims.
16. Children
This website is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided information to us, contact us and we will take steps to delete it.
17. Complaints
Please contact us first so we can try to resolve your concern. If you are not satisfied, you may complain to:
Office of the Privacy Commissioner (New Zealand)
Website: privacy.org.nz
Phone: 0800 803 909
18. Changes to this policy
We may update this Privacy Policy from time to time. The “Last updated” date will change. Material changes will be indicated on this page. Continued use of the site after changes constitutes acceptance where permitted by law.