Privacy Policy

Last updated:

1. Introduction

Pholnaxxkhun ("we", "our", or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website pholnaxxkhun.world or make a purchase from us.

We comply with the New Zealand Privacy Act 2020, which sets out Information Privacy Principles governing how agencies must handle personal information. Where the EU General Data Protection Regulation (GDPR) applies to you, we also address those requirements below. By using our website, you acknowledge this policy; separate consent applies where the law or our forms require it (for example, marketing or non-essential cookies).

2. Data Controller Information

The data controller responsible for your personal data is:

  • Company Name: Pholnaxxkhun
  • Address: 12 Hunter Street, Karamea 7893, New Zealand
  • Email: assist@pholnaxxkhun.world

3. Information We Collect

3.1 Information You Provide

We collect information that you voluntarily provide when you:

  • Place an order through our website
  • Contact us via email or through our contact form
  • Subscribe to our newsletter (if applicable)
  • Interact with our customer support

This information may include:

  • Full name
  • Email address
  • Phone number (optional)
  • Shipping and billing address
  • Payment information (processed securely by third-party payment processors)
  • Any messages or communications you send us

3.2 Automatically Collected Information

When you visit our website, we may automatically collect certain information, including:

  • IP address
  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referring website
  • Device information

4. Legal Basis for Processing

4.1 New Zealand (Privacy Act 2020)

We collect and use personal information only for lawful purposes connected to our functions, and in ways that are fair and not unreasonably intrusive. We generally rely on:

  • Performance of a transaction or contract: Processing orders, delivery, payments, and support
  • Your authorisation or consent: Where required (for example, optional marketing or non-essential tracking), you may withdraw consent at any time
  • Legal obligations: Tax, accounting, and regulatory requirements
  • Other grounds permitted by the Privacy Act 2020: Such as protecting your vital interests or our legitimate activities, where allowed

4.2 European Union / EEA (GDPR)

Where GDPR applies, we may rely on:

  • Contract Performance: Processing necessary to fulfill your order and provide our services
  • Consent: Where you have given explicit consent for specific processing activities
  • Legitimate Interests: For purposes such as improving our services, fraud prevention, and marketing (where applicable)
  • Legal Obligation: When required by law or regulatory requirements

5. How We Use Your Information

We use the collected information for the following purposes:

  • Processing and fulfilling your orders
  • Communicating with you about your orders and inquiries
  • Providing customer support
  • Improving our website and services
  • Complying with legal obligations
  • Preventing fraud and maintaining security
  • Sending marketing communications (only with your consent)

6. Data Sharing and Disclosure

We may share your personal data with:

  • Service Providers: Third-party companies that help us operate our business (payment processors, shipping carriers, hosting providers)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal data to third parties for marketing purposes.

7. International Data Transfers

We primarily store and process personal information in connection with our operations in New Zealand. If we use service providers outside New Zealand (for example, payment or cloud hosting), we take steps that are reasonable in the circumstances to ensure appropriate protections, such as contractual safeguards where required by the Privacy Act 2020 or GDPR.

Where GDPR applies and data is transferred to countries without an adequacy decision, we may rely on mechanisms such as Standard Contractual Clauses approved by the European Commission.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Order and transaction data: 7 years (for tax and legal compliance)
  • Customer support communications: 3 years after last interaction
  • Marketing preferences: Until you withdraw consent
  • Website analytics data: 26 months

9. Your Rights

9.1 New Zealand

Under the Privacy Act 2020, you generally have the right to:

  • Access: Request confirmation whether we hold personal information about you, and request access to that information
  • Correction: Request correction of personal information if you believe it is inaccurate
  • Complaints: Complain to us, and if not satisfied, to the Office of the Privacy Commissioner (see below)

There are limited exceptions under the Act (for example, certain commercially sensitive or legally privileged information). We will explain if an exception applies.

9.2 European Union / EEA (GDPR)

Where GDPR applies, you may also have the following rights:

  • Right of Access, Rectification, Erasure, Restriction, Data Portability, Object, Withdraw Consent: As described in applicable EU law

To exercise any rights, contact us at assist@pholnaxxkhun.world. We aim to respond within 20 working days for NZ requests where practicable, and within 30 days for GDPR requests where applicable.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • SSL/TLS encryption for data transmission
  • Secure storage with access controls
  • Regular security assessments
  • Employee training on data protection

While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

11. Cookies

We use cookies and similar technologies on our website. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

12. Children's Privacy

Our website is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website with a new "Last updated" date. We encourage you to review this policy periodically.

14. Privacy Breaches (New Zealand)

If we become aware of a notifiable privacy breach (serious harm to affected individuals is likely), we will comply with the Privacy Act 2020 requirements, which may include notifying the Office of the Privacy Commissioner and affected individuals where required.

15. Complaints

If you have concerns about how we handle your personal information, please contact us first so we can try to resolve the matter. You may also complain to:

  • New Zealand: Office of the Privacy Commissioner — privacy.org.nz (including guidance on making a complaint)
  • EU/EEA: Your local Data Protection Authority, where GDPR applies

16. Unsolicited Electronic Messages (New Zealand)

If we send commercial electronic messages (for example, email marketing), we will comply with the Unsolicited Electronic Messages Act 2007, including identifying the sender, providing accurate contact information, and including a functional unsubscribe where required.

17. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

  • Email: assist@pholnaxxkhun.world
  • Address: 12 Hunter Street, Karamea 7893, New Zealand