Who we are
What personal data we collect and why we collect it
We may collect the following data, which includes personal data from you:
- Your full name, age/date of birth and gender;
- Your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;
- Purchases and orders made by you;
- Your on-line browsing activities on Notes to Self website;
- Your Notes to Self account password(s);
- Your payment details, when you make a purchase or place an order with us;
- Your communication and marketing preferences;
- Your interests, preferences, feedback and survey responses;
- Your location;
- Your correspondence and communication with Notes to Self;
- Other publicly available personal data, including any which you have shared via a public platform (such as a public Facebook page).
This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in Terms of Service. Some of the above personal data is collected directly, for example when you set up an on-line account on our Website, leave comments on the Website or send an email to our customer support. Other personal data is collected indirectly, for example your browsing or shopping activity. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.
How we protect your data
Notes to Self is committed to keeping your personal data safe and secure. and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure Data collected via this Website. This website complies to all NZ national laws and requirements for user privacy.
If password access is required for certain parts of the Website, you are responsible for keeping this password confidential.
We endeavour to do our best to protect your personal data. However, transmission of information over the internet is not entirely secure and is done at your own risk. We cannot ensure the security of your data transmitted to the Website.
How we use your information
- To provide products and services that you have requested.
- To send communications and administrative emails about our products & services, and updates to your account.
- To analyse, benchmark and conduct research on user data and user interactions with our products and services.
- For our internal record keeping.
- To screen our orders for potential risk or fraud.
- To contact you to answer any queries you may have.
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
Cookies are small files saved to the User’s computers hard drive that track, save and store information about the User’s interactions and usage of the Website. This allows the Website, through its server, to provide the Users with a tailored experience within this Website.
Users are advised that if they wish to deny the use and saving of cookies from this Website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this Website and its external serving vendors.
Contact & communication
Users contacting this Website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Act 1998 and the GDPR regulations. Every effort has been made to ensure a safe and secure form to email submission process but advise Users using such form to email processes that they do so at their own risk.
This Website and its owners use any information submitted to provide you with further information about the products / services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter programme the Website operates, but only if this was made clear to you and your express permission was granted when submitting any form to email process, or whereby you, the consumer, have previously purchased from, or enquired about purchasing from the company, a product or service that the email newsletter relates to. This is by no means an entire list of your User rights in regard to receiving email marketing material. Your details are not passed on to any third parties.
Collecting, controlling and processing data
This Website requires the visitor to opt-in to receive future information from us. We will specify the method of communication to the user via the opt in process. We do not pass information on to third party companies. A record is held regarding how consent is acquired. The processing of data for marketing purposes is compliant to the latest GDPR/PECR regulations. All data is held within a cloud-based encrypted location. This includes a compliant CRM and/or Email Marketing system. No data is held on local drives or individual computers. We delete any irrelevant or excessive personal data that is surplus to requirements for marketing purposes. We have simple procedures in place to deal with inaccuracies and complaints should they arise. When using data to market by email and post, the information provided includes our contact details.
You have the right to ask for a copy of any of your personal data held by Notes to Self Ltd. (where such data is held) as well as where or how we obtained it on payment of a small fee, which will not exceed $15.
This Website operates an email newsletter programme, used to inform subscribers about products and services supplied by this Website. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the User.
Subscriptions are taken in compliance with Spam Laws and GDPR regulations. All personal details relating to subscriptions are held securely and in accordance with the Data Protection Act 1998 and the subsequent EU GDPR regulations introduced in May 2018. No personal details are passed on to third parties nor shared with companies / people outside of the company that operates this Website.
Email marketing campaigns published by this Website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity.
This information is used to refine future email campaigns and supply the user with more relevant content based around their activity.
In compliance with Spam Laws and latest GDPR regulations, subscribers are given the opportunity to unsubscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated unsubscription system is unavailable clear instructions on how to unsubscribe will be detailed instead.
Although this Website only looks to include quality, safe and relevant external links, Users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this Website. (External links are clickable text / banner / image links to other Websites.)
Notes to Self Ltd. cannot guarantee or verify the contents of any externally linked Website despite their best efforts. Users should therefore note they click on external links at their own risk and this Website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social media platforms
Communication, engagement and actions taken through external social media platforms that this Website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This Website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage Users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This Website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy urls [web addresses] (this is an example: http://bit.ly/2nxTP6i).
Users are advised to take caution and good judgement before clicking any shortened urls published on social media platforms by this Website and its owners. Despite the best efforts to ensure only genuine urls are published many social media platforms are prone to spam and hacking and therefore this Website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
GDPR specific information
For the purposes of GDPR regulations:
- The Data Controller is Notes to Self Ltd.
- Our Lawful Basis is “Consent” for all databases and “Contract” for purposes of the processing of payments of products or services.
How to contact us
If you have any questions or concerns, please contact Notes to Self Customer Support at firstname.lastname@example.org.