top of page
PM111-Header.png

Privacy Policy

 
 

Last Updated: 29 May 2023

 

This Privacy Policy applies to shuttlerock.com, a website and associated subdomains owned and operated by Shuttlerock Limited.

 

Shuttlerock Limited (“Shuttlerock”, “We”, “Us” or “Our”) provides this Privacy Policy to inform you of Shuttlerock’s policies and procedures regarding the collection, use, retention, disclosure and disposal of information that relates to an identified or identifiable individual (“Personal Information”) Shuttlerock receives from the following:

 

  • Users in the general public (“Public Users”) who visit and use the publicly-accessible website located at www.shuttlerock.com (“Shuttlerock Site”).

  • Users who are customers or prospective customers of Shuttlerock (“Customers”) who access and use the Shuttlerock platform (“Platform” or “Shuttlerock Platform”), whether on a trial, or paid subscription basis, to operate the Platform and/or interact with other social network sites eg Facebook, Twitter, or any other website operated by a third party (“Third Party Sites”).

  • Users in the general public who interact with the Shuttlerock Platform, via a Customer (“Customer Users”).

 

When handling Personal Information, we will comply with all privacy laws that we are legally obliged to comply with (“Applicable Privacy Laws”), including (as applicable), the New Zealand Privacy Act 2020, California Consumer Privacy Act 2018, the General Data Protection Regulation (EU) 2016/679 (EU GDPR) and/or the United Kingdom Data Protection Regulation (UK GDPR.

INFORMATION SHUTTLEROCK MAY RECEIVE FROM USERS

 

  1. Public Users: If you are a Public User, in the course of using the Shuttlerock Site, you may provide Shuttlerock with (i) personally identifiable information such as your name, phone number, picture and/or email address and other information that, if aggregated, could be used to identify you such as your age, gender, languages, city, suburb (some of which may also be inferred from your IP address and browser), and permissions (“Personal Information”); and (ii) feedback, suggestions, complaints, or other descriptions of your experiences, preferences, or interests in Shuttlerock or the Platform (“Feedback”).

  2. Customers: If you are a Customer, in the course of using the Shuttlerock Site or the Platform, you may provide Shuttlerock with (i) Personal Information in your user or account profile with Shuttlerock, such as your name, phone number, credit card or other billing information, email address, and home and/or business postal addresses; (ii) Personal Information in your user or account profile with the Third Party Site that interacts with the Shuttlerock Platform, that may include, but are not limited to, your log in credentials and profile information that you have elected to make public or provided to us; and (iii) Personal Information of your Customer Users that you have consent to collect, process, and/or store in connection with such Customer Users’ participation in an advertising, marketing, social media or another campaign (“Campaign”) using the Shuttlerock Platform or created by Shuttlerock; and (iv) Feedback.

  3. Customer Users: If you are a Customer User in the course of using the Shuttlerock Platform, Shuttlerock may receive, directly or through our Customers, Personal Information of yours that may include, but is not limited to (i) your social media profile (e.g. your Facebook profile name or handle, and its associated email address, but never your password); (ii) information posted on your social media profile such as wall posts, likes, dislikes, or items you follow, but only to the extent that you make this information publicly available, that you authorize the use of private information through a permission grant or other means provided by that Third Party Site, or that you provide this information to the Customer in response to a promotion or other marketing campaign operated by the Customer through the Shuttlerock Platform.

  4. Where information is provided to Shuttlerock by its Customers in accordance with the Customer’s relevant privacy policy, Shuttlerock processes that information solely on behalf of and under the direction of its Customers and has no direct relationship with the Customer Users whose personal data it processes. We process this Personal Information as an “agent” under the NZPA and, to the extent applicable, a “data processor” under the EU GDPR and/or UK GDPR. The data controller in this situation (for example, the Customer) will have its own privacy policy that will apply to its use of your Personal Information and We suggest you review any such privacy policy before you provide them with access to your Personal Information.

  5. Where We process Personal Information for Our own purposes related to our business, We will be an “agency” governed by the NZPA and, to the extent applicable, a “data controller” under the EU GDPR and/or the UK GDPR.

 

INFORMATION SHUTTLEROCK COLLECTS

 

In addition to the information identified above, and regardless of the type of user you are, when you visit the Shuttlerock Site or interact with the Shuttlerock Platform, Shuttlerock’s servers and our third party tracking-utility partners gather certain information automatically that your browser sends whenever you visit a website through log files. This information may include, but is not limited to, your computer’s Internet Protocol address, browser type, the web page you were visiting before you came to the Shuttlerock Site or interacted with the Shuttlerock Platform, and information you search for on the Shuttlerock Site or the Customer’s website or the Third Party Site.

 

Cookies

Shuttlerock uses a number of automated tracking technologies. Technologies such as cookies, beacons, tags and scripts are used by Shuttlerock and our tracking-utility partners, affiliates, or analytics or service providers (Providers). These technologies are used in analyzing trends, administering the Shuttlerock Site, tracking users’ movements around the Shuttlerock Site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies from Our Providers on an individual as well as aggregated basis.

We use cookies to remember users’ settings (e.g. language preference), for authentication, for storing recently visited page information and for routing user traffic. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our website, but your ability to use some features or areas of our website may be limited and you may not receive the latest content.

The use of cookies by our Customers or Third Party Sites is not covered by our Privacy Policy. We do not have access or control over these cookies.

 

Log Files

As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may link this automatically-collected data to other information we collect about you.

  • Local Storage Objects (HTML 5)

We use Local Storage Objects (LSOs) such as HTML5 to store content information and preferences. Various browsers may offer their own management tools for removing HTML5 LSOs.

  • Behavioural Targeting / Re-Targeting

We may partner with a third party Provider to either display advertising on the Shuttlerock Site or to manage our advertising on other sites. Our Providers may use technologies such as cookies to gather information about your activities on the Shuttlerock Site and other sites in order to provide you with advertising based on your browsing activities and interests.


Disabling cookies

You can enable or disable cookies by modifying the settings in your browser.  You can find out how to do this and find more information on cookies at: www.allaboutcookies.org.  You can also find out how to disable Flash cookies at www.adobe.com/products/flashplayer/security. Please be aware that if you choose to disable or delete cookies in your browser, you may not be able to access or use certain functions of our website.

 

Third-party APIs

Our platform uses YouTube API Services, and data shared with us by users from a YouTube account is subject to YouTube's Terms of Service (https://www.youtube.com/t/terms) and the Google Privacy Policy (http://www.google.com/policies/privacy). In the case that a YouTube account is linked to our platform, we store your Google User ID for authentication purposes, and an encrypted token to request the IDs of videos from a YouTube channel specified by you. We store thumbnails of the videos for display purposes, but do not store the videos themselves - they are played via the official YouTube embedded player. Videos removed from YouTube are automatically removed from our system, or can be manually removed at any time. You can revoke our access to your YouTube account at any time via the Google security settings page at https://security.google.com/settings/security/permissions.  Data provided by YouTube is not shared with any external parties.

 

HOW SHUTTLEROCK USES AND DISCLOSES PERSONAL INFORMATION

 

Shuttlerock uses Personal Information obtained by the technical means or directly or indirectly as described above for the following lawful purposes:

 

For the purposes of the contract  between you and Us: (i) to create and set up your account with Shuttlerock and verify your identity; (ii) to provide the Shuttlerock Site, the Shuttlerock Platform, and related Shuttlerock services, features and content; (iii) to enable you to enjoy and easily navigate the Shuttlerock Site and Shuttlerock Platforms; (iv) to personalise your experience on the Shuttlerock Site or Shuttlerock Platforms; (v) to carry out Our obligations under our Terms of Use (available on the Shuttlerock Site); (vi) to respond to communications from you (including complaints) relating to the Shuttlerock Site, the Shuttlerock Platform and/or related Shuttlerock services, features and content; (vii) to identify you when you sign-in to your account and verify that your account is not being used by others; (viii) to bill you and to collect money that you owe Us, including authorising and processing (or procuring the processing by a third party of) credit card transactions; and (ix) to enforce compliance with our Terms of Use (available on the Shuttlerock Site) or any other agreement you have with Us.

As necessary for the purposes of a legitimate interest pursued by Us: (i) to comply with Our obligations to our third-party service providers, suppliers and resellers; (ii) to improve the Shuttlerock Site, the Shuttlerock Platform, and related Shuttlerock services, features and content; (iii) to analyse usage of Shuttlerock Site, the Shuttlerock Platform and related Shuttlerock services, features and content, or carry out research and analysis, so We can improve the Shuttlerock Site, the Shuttlerock Platform and related Shuttlerock services, features and content; (iv)  to protect and/or enforce Our legal rights and interests, including defending any claim; (v) to provide or offer software updates and product announcements; (vi) to provide users with further information and offers from Shuttlerock or third parties that a user has asked to receive or that Shuttlerock believes users may find useful or interesting, including newsletters, marketing or promotional materials and other information on services and products offered by Shuttlerock or third parties; and (vii) to comply with Our legal obligations, including any notification and reporting obligations and any access directions imposed on us by a Government agency or regulatory authority,  This will include complying with any notification and reporting obligations and any access directions imposed on us by a Government agency, and otherwise where the law requires or allows us to do so.

 

We have assessed that, when processing Personal Information based on legitimate interests, our interests are not overridden by the interests or fundamental rights and freedoms of the person to whom the Personal Information relates. However, if you are based in the European Union (including Switzerland) or the United Kingdom at the time we are processing your Personal Information, you have the right to object to the way We process your Personal Information where the processing is based on legitimate interests.

If you are a Customer User, by participating in any Campaign operated by our Customers in conjunction with the Shuttlerock Platform, you hereby acknowledge and agree that Shuttlerock will receive, use, store, process, and share your Personal Information with the relevant Customer who collects it, as necessary for Shuttlerock to (a) facilitate the Customers’ use of the Shuttlerock Platform; and (b) create aggregate reports or other marketing analyses that do not identify Customer Users personally for the relevant Customers operating Campaigns, or for Shuttlerock’s internal business and marketing analysis. You are hereby informed that it is your responsibility to review and consent to each Customers’ privacy policies and those of the applicable Third Party Site prior to participating in any Campaign. Any Personal Information you submit to a Customer or the Third Party Site from which you initiate your participation in a Campaign operated by use of the Shuttlerock Platform will be governed by the Customers’ Privacy Policy or that of the Third Party Site (and not this Privacy Policy). You understand and agree that Shuttlerock does not direct any Customers to collect any Personal Information from Customer Users, and therefore Shuttlerock assumes no liability in connection with any misuse by a Customer or Third Party Site of your Personal Information, or the failure of the Customer or Third Party Site to obtain your consent to use your Personal Information if such is legally required.

HOW SHUTTLEROCK SHARES PERSONAL INFORMATION

 

We will share your Personal Information with third parties only in the ways that are described in this Privacy Policy. We do not sell Personal Information that would identify you to third parties.

We may share Your Personal Information with (i) service providers and business partners, as described in the section below headed “Service Providers and Business Partners”; (ii) a person who can require us to supply your Personal Information (e.g. a regulatory authority or law enforcement agency); (iii) a third party to respond to due diligence requests and/or transfer Personal Information in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition of our business or in the event of bankruptcy; and (iv) any other person or entity authorised by you.


SERVICE PROVIDERS AND BUSINESS PARTNERS
 

Shuttlerock may employ third party companies and individuals to operate the Shuttlerock Site or the Shuttlerock Platform to perform site-related services (such as to maintenance services, database management, customer support, sending emails on our behalf and web analytics and site improvement) or to assist us in analyzing how the Shuttlerock Site and the Shuttlerock Platforms are used. These third parties will have access to your Personal Information only for purposes of performing these tasks on Shuttlerock’s behalf. These third parties will not retain a copy of your Personal Information. Transfers to Providers are covered by the service agreements with our Customers.

Shuttlerock may also provide Personal Information to its business partners or other entities with whom Shuttlerock has cooperative relationships so that they can send you the promotional and other information you have requested from Shuttlerock or its business partners. If you provide us with your Personal Information for these purposes and no longer want it to be used in this way you may contact us at privacy@shuttlerock.com.

Overseas Transfers

We are located in New Zealand, so your Personal Information may be transferred and/or stored there. For the purposes of the EU GDPR and the UK GDPR, New Zealand has been recognized as providing adequate protection.

We utilise the services of third party processors (or sub-processors, as applicable) in various countries (including New Zealand and the United States) who may access your Personal Information for the matters specified under the heading “Service Providers and Business Partners” above.  For example, Shuttlerock’s computer systems are currently based in the United States, so your Personal Information will be storied and processed by us in the United States.

Consequently, we may transfer Personal Information collected on the Shuttlerock Site or in relation to a Campaign through the Shuttlerock Site, a Third Party Site or related applications, to persons or entities located in these countries.  Although we will endeavour to ensure that Personal Information is treated securely and in accordance with this Privacy Policy as well as Applicable Privacy Laws, we advise that some of these countries may not have an equivalent level of data protection laws as those in New Zealand. By submitting your Personal Information to Shuttlerock, the Shuttlerock Site, in relation to a Campaign or to a related application, directly or indirectly through a Campaign, you consent to such processing of your Personal Information.

If we transfer Personal Information to a third party located in a country outside:

  • the European Economic Union that the European Commission has not recognised as providing adequate protection, if required by the EU GDPR We will enter into an agreement with that third party that containing the standard contractual clauses approved by the European Commission; or

  • the United Kingdom that the United Kingdom Government has not recognised as providing adequate protection, if required by the UK GDPR We will enter into an International Data Transfer Agreement or Addendum (as appropriate) issued under section 119A of the UK Data Protection Act 2018.

OPT-OUT POLICY

 

If you are either a Public User or a Customer and decide at any time that you no longer wish to receive email or marketing communications from Shuttlerock, please follow the unsubscribe instructions provided in any of our communications.

We collect information for our Customers. If you are a Customer User and would no longer like to be contacted by a Customer that uses the Shuttlerock Platform, please contact the Customer directly.
 

PUBLICLY-AVAILABLE PERSONAL INFORMATION

 

Regardless of the type of user you are, you should be aware that Personal Information covered under this Privacy Policy does not and shall not include any information, whether it personally identifies you or not, that you have already made publicly accessible, including through a Third Party Site, or have consented to make public through your participation in a Campaign on a Third Party Site or through the Shuttlerock Site. As a user, you are deemed to consent to Our collection and use of such Personal Information as set out in this Privacy Policy.

Shuttlerock hereby notifies you that, while Shuttlerock discourages the collection and use of any sensitive personal information on the part of its Customers, Shuttlerock does not and cannot review or monitor the type of information which Customers choose to collect from Customer Users as a condition to, or in the course of, operating a Campaign in conjunction with the Shuttlerock Platform.
 

BLOG

The Shuttlerock Site offers publicly accessible blogs. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from the Shuttlerock Site or blog, contact us at privacy@shuttlerock.com. In some cases, we may not be able to remove your Personal Information. We will let you know if we are unable to remove your Personal Information and why.
 

SOCIAL MEDIA FEATURES

The Shuttlerock Site includes social media features, such as the Facebook “Like” button. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on the Shuttlerock Site. Your interactions with these features are governed by the Privacy Policy of the company providing it.
 

SINGLE SIGN-ON

You can log in to our Customers Platforms using sign-in services such as Facebook Connect or an Open ID provider. These services will authenticate your identity and provide you with the option to share certain Personal Information with us and our Customers, such as your name and email address, to pre-populate our sign up form.
 

OUR POLICY TOWARD CHILDREN

Neither the Shuttlerock Site nor the Shuttlerock Platforms are directed to children under 13. Shuttlerock does not knowingly collect Personal Information from children under 13. If a parent or guardian becomes aware that his or her child has provided Shuttlerock with Personal Information without their consent, he or she should contact us at privacy@shuttlerock.com. If Shuttlerock becomes aware that a child under 13 has provided Shuttlerock with Personal Information, Shuttlerock will delete such information from its files, and perform any other acts necessary to comply with applicable laws or regulations.
 

ANONYMOUS AND AGGREGATE INFORMATION

Shuttlerock reserves the right to use and disclose any information that is aggregated in a format such that you are not identifiable from that information (such as statistics and survey results that do not identify you individually).


We may anonymise and aggregate Personal Information such that no person could be re-identified from the information. Once anonymised, this aggregated and anonymised data no longer constitutes Personal Information.

MARKETING COMMUNICATION

Users who opt-in to receive a mailing or other communications may opt-out from receiving such marketing communications from Shuttlerock at any time by calling Shuttlerock, following the specific instructions in the email you receive, or by notifying Shuttlerock via the following contact email address: privacy@shuttlerock.com.

 

Please note that the above will not apply to communications to Customers about the Shuttlerock Platform that is considered part of Shuttlerock’s service, in which case you will continue to receive such communications and may not opt out of receiving them unless you cancel your subscription to the Shuttlerock Platform.

 

RETENTION OF PERSONAL INFORMATION

 

If you are a Customer User, the information gathered from you will not be stored in a way that enables Shuttlerock to identify you from your data. This information will only be retained for as long as required for the purposes that it was collected for, after which it will be expunged, overwritten and/or permanently deleted from Shuttlerock’s servers in accordance with Shuttlerock’s industry-standard data retention policies and procedures.

We will retain your information as well as information we process on behalf of our Customers for as long as the Customers’ account is active or as needed to provide the Customer with services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

 

YOUR RIGHTS

 

You have the right to access your readily retrievable Personal Information that we hold about you, and to ask for it to be corrected if you think it is wrong.

If you are based in the European Union (including Switzerland) or the United Kingdom you also have the right, under the EU GDPR or the UK GDPR (as applicable), to: (i) in certain circumstances, have your Personal Information erased; (ii) restrict the processing of your Personal Information; (iii) move, copy or transfer your Personal Information easily for your own purposes across different services in a safe and secure way; (iv) object to processing where We rely on our legitimate interests as the lawful basis for processing; (v) where we are processing Personal Information with consent, withdraw your consent; and (vi) lodge a complaint with a data protection supervisory authority, in particular in the Member State in the European Union (or in the UK, as applicable) where you are habitually resident or where an alleged infringement of the EU GDPR or UK GDPR (as applicable) has taken place.

Please note that in certain circumstances We may refuse to respond to a rights request where We have the right to do so under the EU GDPR or UK GDPR (as applicable), for example, where a request is manifestly unfounded or excessive.

If you wish to exercise your rights under this Privacy Policy or any Applicable Privacy Laws, please contact Us at privacy@shuttlerock.com. Your email should provide evidence of who you are and set out the details of your request (e.g. the Personal Information, or the correction, that you are requesting).

Also, please note that, Shuttlerock has no direct relationship with the Customer Users whose information it processes. A Customer User who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to the Customer (the data controller). If the Customer requests Shuttlerock to remove the data, we will respond to their request within 30 business days within the timeframes required by applicable laws.

 

TESTIMONIALS

 

We post Customer testimonials on the Shuttlerock Site which may contain Personal Information. We will obtain your consent, usually via email, prior to posting the testimonial to post your name along with the testimonial. If you have previously provided consent, but later want your testimonial removed, please contact us at privacy@shuttlerock.com.

 

FEEDBACK

 

By providing Shuttlerock with Feedback, you hereby grant to Shuttlerock a royalty-free, worldwide, transferable, sublicensable, irrevocable, perpetual license to use any Feedback and/or to incorporate such Feedback into the Shuttlerock Site, or Shuttlerock Platform, or any service or product developed by Shuttlerock. You acknowledge and agree that any Shuttlerock Platform, the Shuttlerock Site, or other product or service created by Shuttlerock incorporating such suggestions, enhancement requests, recommendations or other feedback shall be the sole and exclusive property of Shuttlerock and all such recommendations shall be free from any confidentiality restrictions that might otherwise be imposed upon Shuttlerock pursuant to your written or electronic agreement with Shuttlerock.


INFORMATION SECURITY

Shuttlerock takes industry-standard precautions to protect Personal Information. When you enter sensitive information (such as a login credentials) on our login forms, we encrypt the transmission of that information using secure socket layer technology (SSL).

While the safeguards implemented by Shuttlerock may help prevent or slow unauthorized access, maintain data accuracy, and facilitate the appropriate use of data, no guarantee is or can be made that your information is secure from intrusions and/or unauthorized access by third parties. If you have any questions about the security of the Shuttlerock Site or the Shuttlerock Platform, you can contact us at privacy@shuttlerock.com.
 

COMPLIANCE WITH LAWS AND LAW ENFORCEMENT

Shuttlerock cooperates with government and law enforcement officials and private parties to assist with enforcement and compliance with the law. Shuttlerock will disclose any information about you to government or law enforcement officials or private parties as Shuttlerock, in its sole discretion, believes necessary or appropriate to respond to claims and legal processes (including but not limited to legal proceedings and subpoenas), to protect the property and rights of Shuttlerock or a third party, to protect the safety of the public or any person, or to prevent or stop any activity Shuttlerock may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable.
 

CHANGES TO THIS POLICY

Shuttlerock may revise this Privacy Policy from time to time. The most current version of the policy will govern Shuttlerock’s use of Personal Information and will always be on www.shuttlerock.com. If Shuttlerock makes any material change to this policy, Shuttlerock will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on the Shuttlerock Site prior to the change becoming effective. We encourage you to periodically review the Shuttlerock Site for the latest information on our privacy practices. By continuing to access or use the Shuttlerock Site or the Shuttlerock Platform after those changes become effective, you agree to be bound by the revised Privacy Policy.​

CONTACTING US

If you have any questions about our Privacy Policy, please contact us at privacy@shuttlerock.com, or by mail to:

Shuttlerock Limited: Level 1, 15 Bridge Street, Nelson, 7010 New Zealand.

bottom of page