Privacy Policy

How Wildernesswrstre collects, uses, and protects your personal information.

Last updated:

1. Introduction

This Privacy Policy explains how Wildernesswrstre ("we", "us", or "our") processes personal data when you visit our website at wildernesswrstre.world (the "Website") or interact with our services. We are committed to protecting your privacy and handling your data in accordance with the General Data Protection Regulation (GDPR), the New Zealand Privacy Act 2020, and other applicable international data protection laws.

By using the Website, you acknowledge that you have read and understood this Privacy Policy. Where we rely on your consent for specific processing activities, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.

2. Data Controller

The data controller responsible for your personal data is:

Wildernesswrstre
Central Mall, Queen Street
Upper Hutt Central, Wellington 5018
New Zealand
Email: hello@wildernesswrstre.world
Phone: +64 4 527 7402

For any privacy-related enquiries, including requests to exercise your rights, please contact us using the details above. We will respond within the timeframes required by applicable law, typically within 30 days for GDPR requests.

3. Personal Data We Collect

We may collect and process the following categories of personal data depending on how you interact with the Website:

3.1 Information You Provide Directly

  • Contact form submissions: name, email address, message content, and GDPR consent confirmation
  • Consulting or programme enquiries: details you choose to share about your interest in walking club guidance or educational products
  • Refund requests: purchase details, transaction references, and correspondence related to eligible products
  • Cookie preference selections stored through our consent mechanism

3.2 Information Collected Automatically

  • Device and browser information: IP address, browser type, operating system, and device identifiers
  • Usage data: pages visited, time spent on pages, referral sources, and interaction patterns
  • Technical logs: server timestamps, error reports, and security event records
  • Cookie and similar technology data as described in our Cookie Policy

3.3 Information We Do Not Collect

We do not intentionally collect special categories of personal data (such as health records or biometric data) through the Website. Please do not include sensitive personal information in contact form messages unless it is necessary for your enquiry, and be aware that such information will be processed only to respond to your request.

4. Purposes and Legal Bases for Processing

We process personal data only where a lawful basis applies under GDPR Article 6. The table below summarises our primary processing activities:

  • Responding to enquiries: To read, assess, and reply to messages submitted through our contact form. Legal basis: consent (when you tick the GDPR checkbox) and legitimate interests in operating our informational service.
  • Website operation: To deliver pages, maintain security, and ensure proper functionality. Legal basis: legitimate interests and, where applicable, contractual necessity for paid services.
  • Analytics: To understand aggregate visitor behaviour and improve content quality. Legal basis: consent, collected only when you accept analytics cookies.
  • Marketing measurement: To evaluate advertising relevance and campaign performance. Legal basis: consent, collected only when you accept marketing cookies.
  • Legal compliance: To comply with legal obligations, respond to lawful requests from authorities, and enforce our Terms of Use.
  • Transaction processing: To fulfil orders for consulting sessions or educational products and manage refund requests under our Refund Policy. Legal basis: contract performance.

5. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted by law:

  • Contact form submissions: Retained for up to 24 months from the date of your last correspondence, then securely deleted or anonymised.
  • Consulting and product records: Retained for up to 7 years from the date of transaction to meet tax, accounting, and legal requirements in New Zealand.
  • Cookie consent records: Retained for up to 12 months, after which we may request renewed consent.
  • Server and security logs: Retained for up to 90 days unless required for incident investigation.
  • Analytics data: Retained in aggregated form according to our analytics provider's settings, typically 14 to 26 months, and only when you have provided consent.

When retention periods expire, we delete or irreversibly anonymise personal data using secure deletion methods.

6. Data Sharing and Recipients

We do not sell your personal data. We may share data with the following categories of recipients where necessary:

  • Hosting and infrastructure providers: Companies that store and deliver Website content on our behalf, bound by data processing agreements.
  • Email and communication services: Providers that facilitate delivery of responses to your enquiries.
  • Analytics providers: Only when you consent to analytics cookies, and typically in pseudonymised or aggregated form.
  • Payment processors: For paid consulting or educational products, limited to transaction-related data necessary to process payments.
  • Professional advisers: Legal, accounting, or technical consultants bound by confidentiality obligations.
  • Public authorities: Where required by applicable law, court order, or regulatory request.

Where data is transferred outside the European Economic Area (EEA) or New Zealand, we implement appropriate safeguards such as Standard Contractual Clauses, adequacy decisions, or equivalent mechanisms recognised under applicable law.

7. Security Measures

We implement technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all data transmitted between your browser and our servers
  • Access controls limiting personal data access to authorised personnel with a legitimate need
  • Regular review of security practices and software updates
  • Secure storage of contact form submissions with restricted administrative access
  • Incident response procedures to detect, report, and investigate suspected data breaches
  • Staff awareness of data protection obligations and confidentiality requirements

While we take reasonable steps to protect your data, no method of transmission over the Internet or electronic storage is completely secure. We encourage you to use strong passwords for any accounts associated with our services and to contact us promptly if you suspect unauthorised access to your information.

8. Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your data where there is no compelling reason for continued processing.
  • Right to restrict processing: Request that we limit how we use your data in certain circumstances.
  • Right to data portability: Receive your data in a structured, commonly used, machine-readable format where processing is based on consent or contract and carried out by automated means.
  • Right to object: Object to processing based on legitimate interests, including profiling and direct marketing.
  • Right to withdraw consent: Withdraw consent at any time where processing is consent-based, without affecting prior lawful processing.
  • Right to lodge a complaint: Contact your local data protection authority. In New Zealand, you may contact the Office of the Privacy Commissioner.

To exercise any of these rights, email us at hello@wildernesswrstre.world with sufficient information to verify your identity. We may request additional details to confirm your identity before fulfilling a request.

9. Children's Privacy

The Website is intended for a general audience and is not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will take steps to delete such information promptly.

10. Third-Party Links

The Website may contain links to external resources. We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any external sites you visit through links on our pages.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The "Last updated" date at the top of this page indicates when the policy was most recently revised. Material changes will be communicated through a notice on the Website where appropriate. Continued use of the Website after changes take effect constitutes acknowledgment of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact:

Wildernesswrstre
Central Mall, Queen Street, Upper Hutt Central, Wellington 5018, New Zealand
Email: hello@wildernesswrstre.world
Phone: +64 4 527 7402