Powerprstrength
Legal Document

Privacy Policy

This policy describes how Powerprstrength collects, uses, stores, and protects personal data in accordance with the General Data Protection Regulation (GDPR), the New Zealand Privacy Act 2020, and applicable international privacy standards.

Effective date:

1. Data Controller Information

The data controller responsible for your personal information is:

Powerprstrength
260 Oteha Valley Rd, Albany, Auckland 0632, New Zealand
Email: admin@powerprstrength.world
Phone: +64 9 477 0150
Website: powerprstrength.world

As the data controller, we determine the purposes and means of processing personal data collected through our website, contact forms, consulting services, educational programs, and related communications.

2. Scope of This Policy

This Privacy Policy applies to all personal data processed by Powerprstrength in connection with:

  • Visits to our website at powerprstrength.world
  • Submissions through our contact form
  • Enrolment in educational programs and structured challenges
  • Consulting and personalised guidance sessions
  • Email correspondence and telephone communications
  • Cookie usage and analytics as described in our Cookie Policy
  • Purchase of educational products and digital resources

This policy does not apply to third-party websites linked from our pages. We encourage you to review the privacy policies of any external sites you visit.

3. Categories of Personal Data We Collect

3.1 Data You Provide Directly

When you interact with our services, you may voluntarily provide the following categories of personal data:

  • Identity data: Your full name and title
  • Contact data: Email address, telephone number, and postal address
  • Communication data: Messages, enquiries, and feedback submitted through our contact form or email
  • Consent records: Your agreement to data processing, cookie preferences, and marketing communications
  • Programme data: Information shared during consulting sessions or program enrolment relevant to tailoring educational guidance
  • Payment data: Billing details processed through secure third-party payment providers when purchasing educational products

3.2 Data Collected Automatically

When you visit our website, certain technical data may be collected automatically through cookies and similar technologies, including:

  • IP address (anonymised where analytics cookies are accepted)
  • Browser type and version
  • Operating system
  • Referring URL and pages visited on our site
  • Date and time of access
  • Device type and screen resolution

Full details of automated data collection are provided in our Cookie Policy.

4. Legal Basis for Processing

Under the GDPR, we process personal data on the following legal bases:

  • Consent (Article 6(1)(a)): When you submit our contact form, accept non-essential cookies, or opt in to marketing communications, you provide explicit consent for the specified processing activities.
  • Contractual necessity (Article 6(1)(b)): Processing required to deliver educational products, consulting services, or programs you have purchased or enrolled in.
  • Legitimate interests (Article 6(1)(f)): Processing necessary for website security, fraud prevention, service improvement, and responding to general enquiries, balanced against your privacy rights.
  • Legal obligation (Article 6(1)(c)): Processing required to comply with applicable laws, tax regulations, and regulatory requests.

5. Purposes of Data Processing

We use your personal data exclusively for the following purposes:

  • Responding to enquiries submitted through our contact form or email
  • Delivering consulting sessions, personalised guidance plans, and educational programs
  • Processing payments and managing purchase records for educational products
  • Sending service-related communications such as program updates and appointment confirmations
  • Improving our website content, user experience, and service offerings through anonymised analytics
  • Maintaining website security and preventing unauthorised access or fraudulent activity
  • Complying with legal obligations under New Zealand and international law
  • Managing cookie consent preferences as stored in your browser

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

6. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:

  • Contact form submissions: Retained for 24 months from the date of submission, then securely deleted unless an ongoing service relationship exists.
  • Consulting and program records: Retained for 36 months following the conclusion of services to support follow-up enquiries and quality assurance.
  • Payment and transaction records: Retained for 7 years in accordance with New Zealand tax and accounting requirements.
  • Marketing consent records: Retained for the duration of consent plus 12 months after withdrawal.
  • Cookie consent preferences: Stored locally in your browser until cleared or updated.
  • Server log files: Retained for 90 days for security monitoring, then automatically purged.
  • Analytics data: Aggregated and anonymised data may be retained indefinitely for statistical purposes.

When retention periods expire, data is securely deleted or irreversibly anonymised.

7. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data. We may share data with the following categories of recipients only when necessary:

  • Service providers: Hosting providers, email delivery services, payment processors, and analytics platforms that process data on our behalf under strict data processing agreements.
  • Professional advisers: Legal, accounting, or auditing professionals bound by confidentiality obligations.
  • Regulatory authorities: When required by law, court order, or governmental request.

All third-party processors are required to implement appropriate technical and organisational security measures and process data only according to our documented instructions.

8. International Data Transfers

Some of our service providers may be located outside New Zealand and the European Economic Area. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with adequacy decisions recognised by the European Commission
  • Binding corporate rules or equivalent protections where applicable

You may request details of the specific safeguards applied to your data by contacting us at admin@powerprstrength.world.

9. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all data transmitted between your browser and our servers
  • Secure hosting infrastructure with regular security updates and monitoring
  • Access controls limiting personal data access to authorised personnel only
  • Regular review of data processing activities and security practices
  • Encrypted storage for sensitive data where technically feasible
  • Employee training on data protection responsibilities and incident response
  • Secure deletion procedures when data retention periods expire

While we take reasonable precautions, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but commit to notifying affected individuals and relevant authorities of any data breach within 72 hours where required by law.

10. Your Rights Under GDPR

If you are located in the European Economic Area, you have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete personal data.
  • Right to erasure: Request deletion of your personal data where there is no compelling reason for continued processing.
  • Right to restrict processing: Request limitation of processing under certain circumstances.
  • Right to data portability: Receive your data in a structured, commonly used, machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: File a complaint with your local data protection supervisory authority.

11. Your Rights Under New Zealand Law

Under the Privacy Act 2020, individuals in New Zealand have the right to:

  • Request access to personal information we hold about them
  • Request correction of personal information that is incorrect, out of date, incomplete, irrelevant, or misleading
  • Make a complaint to the Office of the Privacy Commissioner if they believe we have interfered with their privacy

We will respond to all access and correction requests within 20 working days as required by New Zealand law.

12. Children's Privacy

Our website and services are intended for adults aged 18 and over. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that we have collected data from a minor, we will take steps to delete that information promptly. Parents or guardians who believe their child has provided personal data to us should contact us immediately.

13. How to Exercise Your Rights

To exercise any of the rights described above, please contact us using the details below. We may need to verify your identity before processing your request. We will respond within 30 days for GDPR requests and 20 working days for New Zealand Privacy Act requests.

Email: admin@powerprstrength.world
Post: Powerprstrength, 260 Oteha Valley Rd, Albany, Auckland 0632, New Zealand
Phone: +64 9 477 0150

14. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. Material changes will be communicated by updating the effective date at the top of this page. We encourage you to review this policy regularly. Continued use of our website after changes constitutes acceptance of the updated policy.

15. Contact and Data Protection Enquiries

For any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact our data protection contact:

Powerprstrength — Data Protection
260 Oteha Valley Rd, Albany, Auckland 0632, New Zealand
Email: admin@powerprstrength.world
Phone: +64 9 477 0150