last updated July 2018
We collect, hold and process the following categories of personal information:
Account and Marketing Data is personal information that we collect about you as described in the table below:
Customer Data which is personal information about our customers’ users that is collected or input into the Spidertracks aircraft tracking solution. Customer Data may include personnel names, address, contact details and any other information that our customers decide to capture using the Spidertracks service.
We will not collect or process Customer Data except as provided in our Terms and Conditions (available here) and/or other agreements with our customers that govern the processing of Customer Data (as applicable) and we require our customers to comply with applicable privacy and data protection laws.
The remainder of this privacy policy sets out how we will collect, use, disclose and protect Account and Marketing Data and does not apply to Customer Data.
Spider Tracks Limited (we, us, our) complies with the New Zealand Privacy Act 1993 (the NZ Privacy Act) and EU General Data Protection Regulation (GDPR). Personal information is information about an identifiable individual (a natural person).
This policy sets out how we will collect, use, disclose and protect your personal information when you access and use our website at spidertracks.com or the Spidertracks aircraft tracking solution or have other dealings with us.
If you are based in the European Union and use our website and/or services, the additional terms in the addendum to this policy (GDPR Addendum) apply to you.
This policy does not limit or exclude any of your rights under the NZ Privacy Act and other applicable laws. If you wish to seek further information on the NZ Privacy Act, see www.privacy.org.nz.
We may change this policy by uploading a revised policy onto the website. The change will apply from the date that we upload the revised policy.
This policy was last updated on 11/7/18.
We collect personal information about you from:
When you visit or use our website or services, we may collect information about you including:
We may use your personal information for one or more of the following purposes:
We may also combine information we collect (aggregate) or remove personally identifiable (anonymise) information to conduct research and statistical analysis. This privacy policy does not apply to our use of such aggregated or anonymous information.
We may also use your personal information:
We may disclose your personal information to:
A business that supports our services and products may be located outside the European Economic Area (EEA) or New Zealand. This may mean your personal information is held and processed outside the EEA or New Zealand. Please see the GDPR Addendum for further information about personal data transfers from the EEA.
We will take reasonable steps to keep your personal information safe from loss, unauthorised activity, or other misuse. We implement appropriate technical and organisational measures to ensure a level of security appropriate to risks inherent in processing personal information.
You can play an important role in keeping your personal information secure by maintaining the confidentiality of any password and accounts used in relation to our products and services. Please do not disclose your password to third parties. Please notify us immediately if there is any unauthorised use of your account or any other breach of security.
Subject to certain grounds for refusal set out in the NZ Privacy Act or other applicable law, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
If you want to exercise either of the above rights, email us at compliance@spidertracks.co.nz. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
If you follow a link on our website to another site, the owner of that site will have its own privacy policy relating to your personal information. We suggest you review that site’s privacy policy before you provide personal information.
If you have any questions about this privacy policy, our privacy practices, or if you would like to request access to, or correction of, your personal information, you can contact us here: compliance@spidertracks.co.nz
If you are based in the European Union (EU) and use our website and/or our services, these additional terms (GDPR Addendum) form part of our privacy policy.
The General Data Protection Regulation (GDPR) regulates the collection, processing and transfer of EU individuals’ personal data (as defined in the GDPR). The personal information described in our privacy policy is personal data under the GDPR. We are committed to complying with the GDPR when dealing with personal data of our website visitors and service users based in the EU.
This GDPR Addendum was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal data. However, we are happy to provide any additional information or explanation needed. Any requests for further information should be sent to compliance@spidertracks.co.nz
For the purposes of the GDPR:
We will not process User Data except as provided in our terms and conditions (available here) and/or other agreements with our customers that govern the processing of User Data (as applicable) and we require our customers to comply with applicable privacy and data protection laws. If we receive any data subject requests relating to User Data, such as requests to access personal data, we will forward this request to the relevant customer.
The remainder of this GDPR Addendum applies to Account and Marketing Data only, and does not apply to User Data.
PROCESSING PERSONAL DATA
The Account and Marketing Data we may process is described in our privacy policy. This Account and Marketing Data may be processed for the purposes outlined in our privacy policy.
The legal basis for our processing of Account and Marketing Data is your consent orthat processing is necessary for the performance of a contract to which you are a party
Despite the above, we may process any of your personal data where such processing is necessary for compliance with applicable laws.
You do not have to provide us with your name and email address to access and use the website. However, you must provide us with your name and email addresses when using some of our services such as signing up for our newsletter or registering an account in the system. The consequence of not providing the name and email addresses is that we will not be able to provide all of our services to you.
YOUR RIGHTS
Your rights in relation to your personal data under the GDPR include:
Where personal data is processed for the purposes of direct marketing, you have the right to object to such processing, including profiling related to direct marketing.
If you would like to exercise any of your above rights, please contact us at compliance@spidertracks.co.nz. If you are not satisfied by the way your query is dealt with by our data protection team, you may refer your query to your local data protection supervisory authority e.g. in the United Kingdom, this is the Information Commissioner’s Office.
CHILDREN
We do not intend to collect personal data from children aged under 16. If you have reason to believe that a child under the age of 16 has provided personal data to us through our website and/or by using our services, please contact us at compliance@spidertracks.co.nz.
COOKIES
We use cookies (an alphanumeric identifier that we transfer to your computer’s hard drive so that we can recognise your browser) to monitor your use of the website. We use cookies for the following purposes:
We use Google Analytics to analyse your use of our website and to analyse the demographics (on an aggregated and anonymous basis) of users of our website or improve our website and related services. Googles serves cookies for these purposes. Information about Google’s cookies is available from: https://www.google.com.au/policies/technologies/types/. Google’s privacy policy relating to its cookies is available at https://www.google.com/policies/privacy/partners/. If you would like to customise or opt out of these settings please visit: https://tools.google.com/dlpage/gaoptout.
We also use online behavioural advertising techniques such as Google AdWords to present advertising relevant to your interests when you access the website or our services, generated from data relating to your access and use of the website or our services. Google Adwords places cookies on your browser to collect information about your past use of the website and then places ads on sites across the Internet that are more likely to be of interest to you. If you would like to customise or opt out of AdWord’s behavioural advertising, you can visit Google’s Ads Settings at https://adssettings.google.com/authenticated.
We use third-party analytics services to help understand your usage of our services. In particular, we provide a limited amount of your information (such as sign-up date and some personal information like your email address) to Intercom, Inc. (“Intercom”) and utilize Intercom to collect data for analytics purposes when you visit our website or use our product. As a data processor acting on our behalf, Intercom analyzes your use of our website and/or product and tracks our relationship by way of cookies and similar technologies so that we can improve our service to you. For more information on Intercom's use of cookies, please visit https://www.intercom.com/terms-and-policies#cookie-policy. We may also use Intercom as a medium for communications, either through email, or through messages within our product(s). As part of our service agreements, Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience. For more information on the privacy practices of Intercom, please visit https://www.intercom.com/terms-and-policies#privacy. Intercom’s services are governed by Intercom’s terms of use which can be found at https://www.intercom.com/terms-and-policies#terms. If you would like to opt out of having this information collected by or submitted to Intercom, please contact us.
You can learn more about interest-based advertising and opt out of interest-based advertising from participating online advertising companies at the following links:
Network Advertising Initiative (NAI) – http://optout.networkadvertising.org/
Digital Advertising Alliance (DAA) – http://optout.aboutads.info/
Digital Advertising Alliance EU (EDAA) – http://www.youronlinechoices.com/
DAA AppChoices page – http://www.aboutads.info/appchoices
Please note that opting out of interest-based advertising does not mean you will no longer be served advertising. You will continue to receive generic ads.
You can control and/or delete cookies as you wish. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit our website and attempt use our services, you may not be able to access certain parts of our website or services, and some functionalities may not work. You can find out more information about how to change your browser cookie settings at http://www.aboutcookies.org.uk.
INTERNATIONAL TRANSFER OF DATA
The Account and Marketing Data we collect through our website and/or the provision of services may be transferred to, and stored in, a country operating outside the European Economic Area (EEA). Under the GDPR, the transfer of personal data to a country outside the EEA may take place where the European Commission has decided that the country ensures an adequate level of protection. In the absence of an adequacy decision, we may transfer personal data provided appropriate safeguards are in place.
Some of the Account and Marketing Data we collect is processed in New Zealand (where our operations are located). New Zealand is recognised by the European Commission as a country that ensures an adequate level of data protection and we rely on this decision in transferring personal data to New Zealand.
Some of the Account and Marketing Data we collect is processed by third party data processors in other countries, including United States, Canada and Australia. Where Account and Marketing Data is transferred outside the EEA, it will only be transferred where the transfer complies with the GDPR (e.g. to organisations in the United States under the EU-U.S. Privacy Shield framework or by entering into the European Commission’s Standard Contractual Clauses). For further information, please contact us using the details set out in set out in our privacy policy.
DATA RETENTION POLICY
Account and Marketing Data that we collect and process will not be kept longer than necessary for the purposes for which it is collected, or for the duration required for compliance with applicable law, whichever is longer.
CONTACTING US
You can contact us as set out in our privacy policy.
For Data Subjects in the EU:
We appointed GDPR-Rep.eu as representative according to Art 27 GDPR. If you want to make use of your GDPR data privacy rights, please visit: https://gdpr-rep.eu/q/18309548
Contact GDPR-Rep.eu
GDPR-Rep.euiuro | Dr. Andreas MätzlerAttorney at Lawc/o SpidertracksSchellinggasse 3/101010 Vienna, AustriaEmail: office@gdpr-rep.euWebsite: https://www.gdpr-rep.eu
Please add the following subject to all correspondence:
GDPR-REP ID: 18309548