Last Updated: 29 May 2023
Users in the general public (“Public Users”) who visit and use the publicly-accessible website located at www.shuttlerock.com (“Shuttlerock Site”).
Users who are customers or prospective customers of Shuttlerock (“Customers”) who access and use the Shuttlerock platform (“Platform” or “Shuttlerock Platform”), whether on a trial, or paid subscription basis, to operate the Platform and/or interact with other social network sites eg Facebook, Twitter, or any other website operated by a third party (“Third Party Sites”).
Users in the general public who interact with the Shuttlerock Platform, via a Customer (“Customer Users”).
When handling Personal Information, we will comply with all privacy laws that we are legally obliged to comply with (“Applicable Privacy Laws”), including (as applicable), the New Zealand Privacy Act 2020, California Consumer Privacy Act 2018, the General Data Protection Regulation (EU) 2016/679 (EU GDPR) and/or the United Kingdom Data Protection Regulation (UK GDPR.
INFORMATION SHUTTLEROCK MAY RECEIVE FROM USERS
Public Users: If you are a Public User, in the course of using the Shuttlerock Site, you may provide Shuttlerock with (i) personally identifiable information such as your name, phone number, picture and/or email address and other information that, if aggregated, could be used to identify you such as your age, gender, languages, city, suburb (some of which may also be inferred from your IP address and browser), and permissions (“Personal Information”); and (ii) feedback, suggestions, complaints, or other descriptions of your experiences, preferences, or interests in Shuttlerock or the Platform (“Feedback”).
Customers: If you are a Customer, in the course of using the Shuttlerock Site or the Platform, you may provide Shuttlerock with (i) Personal Information in your user or account profile with Shuttlerock, such as your name, phone number, credit card or other billing information, email address, and home and/or business postal addresses; (ii) Personal Information in your user or account profile with the Third Party Site that interacts with the Shuttlerock Platform, that may include, but are not limited to, your log in credentials and profile information that you have elected to make public or provided to us; and (iii) Personal Information of your Customer Users that you have consent to collect, process, and/or store in connection with such Customer Users’ participation in an advertising, marketing, social media or another campaign (“Campaign”) using the Shuttlerock Platform or created by Shuttlerock; and (iv) Feedback.
Customer Users: If you are a Customer User in the course of using the Shuttlerock Platform, Shuttlerock may receive, directly or through our Customers, Personal Information of yours that may include, but is not limited to (i) your social media profile (e.g. your Facebook profile name or handle, and its associated email address, but never your password); (ii) information posted on your social media profile such as wall posts, likes, dislikes, or items you follow, but only to the extent that you make this information publicly available, that you authorize the use of private information through a permission grant or other means provided by that Third Party Site, or that you provide this information to the Customer in response to a promotion or other marketing campaign operated by the Customer through the Shuttlerock Platform.
Where We process Personal Information for Our own purposes related to our business, We will be an “agency” governed by the NZPA and, to the extent applicable, a “data controller” under the EU GDPR and/or the UK GDPR.
INFORMATION SHUTTLEROCK COLLECTS
In addition to the information identified above, and regardless of the type of user you are, when you visit the Shuttlerock Site or interact with the Shuttlerock Platform, Shuttlerock’s servers and our third party tracking-utility partners gather certain information automatically that your browser sends whenever you visit a website through log files. This information may include, but is not limited to, your computer’s Internet Protocol address, browser type, the web page you were visiting before you came to the Shuttlerock Site or interacted with the Shuttlerock Platform, and information you search for on the Shuttlerock Site or the Customer’s website or the Third Party Site.
Shuttlerock uses a number of automated tracking technologies. Technologies such as cookies, beacons, tags and scripts are used by Shuttlerock and our tracking-utility partners, affiliates, or analytics or service providers (Providers). These technologies are used in analyzing trends, administering the Shuttlerock Site, tracking users’ movements around the Shuttlerock Site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies from Our Providers on an individual as well as aggregated basis.
As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may link this automatically-collected data to other information we collect about you.
Local Storage Objects (HTML 5)
We use Local Storage Objects (LSOs) such as HTML5 to store content information and preferences. Various browsers may offer their own management tools for removing HTML5 LSOs.
Behavioural Targeting / Re-Targeting
We may partner with a third party Provider to either display advertising on the Shuttlerock Site or to manage our advertising on other sites. Our Providers may use technologies such as cookies to gather information about your activities on the Shuttlerock Site and other sites in order to provide you with advertising based on your browsing activities and interests.
You can enable or disable cookies by modifying the settings in your browser. You can find out how to do this and find more information on cookies at: www.allaboutcookies.org. You can also find out how to disable Flash cookies at www.adobe.com/products/flashplayer/security. Please be aware that if you choose to disable or delete cookies in your browser, you may not be able to access or use certain functions of our website.
HOW SHUTTLEROCK USES AND DISCLOSES PERSONAL INFORMATION
Shuttlerock uses Personal Information obtained by the technical means or directly or indirectly as described above for the following lawful purposes:
As necessary for the purposes of a legitimate interest pursued by Us: (i) to comply with Our obligations to our third-party service providers, suppliers and resellers; (ii) to improve the Shuttlerock Site, the Shuttlerock Platform, and related Shuttlerock services, features and content; (iii) to analyse usage of Shuttlerock Site, the Shuttlerock Platform and related Shuttlerock services, features and content, or carry out research and analysis, so We can improve the Shuttlerock Site, the Shuttlerock Platform and related Shuttlerock services, features and content; (iv) to protect and/or enforce Our legal rights and interests, including defending any claim; (v) to provide or offer software updates and product announcements; (vi) to provide users with further information and offers from Shuttlerock or third parties that a user has asked to receive or that Shuttlerock believes users may find useful or interesting, including newsletters, marketing or promotional materials and other information on services and products offered by Shuttlerock or third parties; and (vii) to comply with Our legal obligations, including any notification and reporting obligations and any access directions imposed on us by a Government agency or regulatory authority, This will include complying with any notification and reporting obligations and any access directions imposed on us by a Government agency, and otherwise where the law requires or allows us to do so.
We have assessed that, when processing Personal Information based on legitimate interests, our interests are not overridden by the interests or fundamental rights and freedoms of the person to whom the Personal Information relates. However, if you are based in the European Union (including Switzerland) or the United Kingdom at the time we are processing your Personal Information, you have the right to object to the way We process your Personal Information where the processing is based on legitimate interests.
HOW SHUTTLEROCK SHARES PERSONAL INFORMATION
We may share Your Personal Information with (i) service providers and business partners, as described in the section below headed “Service Providers and Business Partners”; (ii) a person who can require us to supply your Personal Information (e.g. a regulatory authority or law enforcement agency); (iii) a third party to respond to due diligence requests and/or transfer Personal Information in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition of our business or in the event of bankruptcy; and (iv) any other person or entity authorised by you.
SERVICE PROVIDERS AND BUSINESS PARTNERS
Shuttlerock may employ third party companies and individuals to operate the Shuttlerock Site or the Shuttlerock Platform to perform site-related services (such as to maintenance services, database management, customer support, sending emails on our behalf and web analytics and site improvement) or to assist us in analyzing how the Shuttlerock Site and the Shuttlerock Platforms are used. These third parties will have access to your Personal Information only for purposes of performing these tasks on Shuttlerock’s behalf. These third parties will not retain a copy of your Personal Information. Transfers to Providers are covered by the service agreements with our Customers.
Shuttlerock may also provide Personal Information to its business partners or other entities with whom Shuttlerock has cooperative relationships so that they can send you the promotional and other information you have requested from Shuttlerock or its business partners. If you provide us with your Personal Information for these purposes and no longer want it to be used in this way you may contact us at firstname.lastname@example.org.
We are located in New Zealand, so your Personal Information may be transferred and/or stored there. For the purposes of the EU GDPR and the UK GDPR, New Zealand has been recognized as providing adequate protection.
We utilise the services of third party processors (or sub-processors, as applicable) in various countries (including New Zealand and the United States) who may access your Personal Information for the matters specified under the heading “Service Providers and Business Partners” above. For example, Shuttlerock’s computer systems are currently based in the United States, so your Personal Information will be storied and processed by us in the United States.
If we transfer Personal Information to a third party located in a country outside:
the European Economic Union that the European Commission has not recognised as providing adequate protection, if required by the EU GDPR We will enter into an agreement with that third party that containing the standard contractual clauses approved by the European Commission; or
the United Kingdom that the United Kingdom Government has not recognised as providing adequate protection, if required by the UK GDPR We will enter into an International Data Transfer Agreement or Addendum (as appropriate) issued under section 119A of the UK Data Protection Act 2018.
If you are either a Public User or a Customer and decide at any time that you no longer wish to receive email or marketing communications from Shuttlerock, please follow the unsubscribe instructions provided in any of our communications.
We collect information for our Customers. If you are a Customer User and would no longer like to be contacted by a Customer that uses the Shuttlerock Platform, please contact the Customer directly.
PUBLICLY-AVAILABLE PERSONAL INFORMATION
Shuttlerock hereby notifies you that, while Shuttlerock discourages the collection and use of any sensitive personal information on the part of its Customers, Shuttlerock does not and cannot review or monitor the type of information which Customers choose to collect from Customer Users as a condition to, or in the course of, operating a Campaign in conjunction with the Shuttlerock Platform.
The Shuttlerock Site offers publicly accessible blogs. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from the Shuttlerock Site or blog, contact us at email@example.com. In some cases, we may not be able to remove your Personal Information. We will let you know if we are unable to remove your Personal Information and why.
SOCIAL MEDIA FEATURES
You can log in to our Customers Platforms using sign-in services such as Facebook Connect or an Open ID provider. These services will authenticate your identity and provide you with the option to share certain Personal Information with us and our Customers, such as your name and email address, to pre-populate our sign up form.
OUR POLICY TOWARD CHILDREN
Neither the Shuttlerock Site nor the Shuttlerock Platforms are directed to children under 13. Shuttlerock does not knowingly collect Personal Information from children under 13. If a parent or guardian becomes aware that his or her child has provided Shuttlerock with Personal Information without their consent, he or she should contact us at firstname.lastname@example.org. If Shuttlerock becomes aware that a child under 13 has provided Shuttlerock with Personal Information, Shuttlerock will delete such information from its files, and perform any other acts necessary to comply with applicable laws or regulations.
ANONYMOUS AND AGGREGATE INFORMATION
Shuttlerock reserves the right to use and disclose any information that is aggregated in a format such that you are not identifiable from that information (such as statistics and survey results that do not identify you individually).
We may anonymise and aggregate Personal Information such that no person could be re-identified from the information. Once anonymised, this aggregated and anonymised data no longer constitutes Personal Information.
Users who opt-in to receive a mailing or other communications may opt-out from receiving such marketing communications from Shuttlerock at any time by calling Shuttlerock, following the specific instructions in the email you receive, or by notifying Shuttlerock via the following contact email address: email@example.com.
Please note that the above will not apply to communications to Customers about the Shuttlerock Platform that is considered part of Shuttlerock’s service, in which case you will continue to receive such communications and may not opt out of receiving them unless you cancel your subscription to the Shuttlerock Platform.
RETENTION OF PERSONAL INFORMATION
If you are a Customer User, the information gathered from you will not be stored in a way that enables Shuttlerock to identify you from your data. This information will only be retained for as long as required for the purposes that it was collected for, after which it will be expunged, overwritten and/or permanently deleted from Shuttlerock’s servers in accordance with Shuttlerock’s industry-standard data retention policies and procedures.
We will retain your information as well as information we process on behalf of our Customers for as long as the Customers’ account is active or as needed to provide the Customer with services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
You have the right to access your readily retrievable Personal Information that we hold about you, and to ask for it to be corrected if you think it is wrong.
If you are based in the European Union (including Switzerland) or the United Kingdom you also have the right, under the EU GDPR or the UK GDPR (as applicable), to: (i) in certain circumstances, have your Personal Information erased; (ii) restrict the processing of your Personal Information; (iii) move, copy or transfer your Personal Information easily for your own purposes across different services in a safe and secure way; (iv) object to processing where We rely on our legitimate interests as the lawful basis for processing; (v) where we are processing Personal Information with consent, withdraw your consent; and (vi) lodge a complaint with a data protection supervisory authority, in particular in the Member State in the European Union (or in the UK, as applicable) where you are habitually resident or where an alleged infringement of the EU GDPR or UK GDPR (as applicable) has taken place.
Please note that in certain circumstances We may refuse to respond to a rights request where We have the right to do so under the EU GDPR or UK GDPR (as applicable), for example, where a request is manifestly unfounded or excessive.
Also, please note that, Shuttlerock has no direct relationship with the Customer Users whose information it processes. A Customer User who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to the Customer (the data controller). If the Customer requests Shuttlerock to remove the data, we will respond to their request within 30 business days within the timeframes required by applicable laws.
We post Customer testimonials on the Shuttlerock Site which may contain Personal Information. We will obtain your consent, usually via email, prior to posting the testimonial to post your name along with the testimonial. If you have previously provided consent, but later want your testimonial removed, please contact us at firstname.lastname@example.org.
By providing Shuttlerock with Feedback, you hereby grant to Shuttlerock a royalty-free, worldwide, transferable, sublicensable, irrevocable, perpetual license to use any Feedback and/or to incorporate such Feedback into the Shuttlerock Site, or Shuttlerock Platform, or any service or product developed by Shuttlerock. You acknowledge and agree that any Shuttlerock Platform, the Shuttlerock Site, or other product or service created by Shuttlerock incorporating such suggestions, enhancement requests, recommendations or other feedback shall be the sole and exclusive property of Shuttlerock and all such recommendations shall be free from any confidentiality restrictions that might otherwise be imposed upon Shuttlerock pursuant to your written or electronic agreement with Shuttlerock.
Shuttlerock takes industry-standard precautions to protect Personal Information. When you enter sensitive information (such as a login credentials) on our login forms, we encrypt the transmission of that information using secure socket layer technology (SSL).
While the safeguards implemented by Shuttlerock may help prevent or slow unauthorized access, maintain data accuracy, and facilitate the appropriate use of data, no guarantee is or can be made that your information is secure from intrusions and/or unauthorized access by third parties. If you have any questions about the security of the Shuttlerock Site or the Shuttlerock Platform, you can contact us at email@example.com.
COMPLIANCE WITH LAWS AND LAW ENFORCEMENT
Shuttlerock cooperates with government and law enforcement officials and private parties to assist with enforcement and compliance with the law. Shuttlerock will disclose any information about you to government or law enforcement officials or private parties as Shuttlerock, in its sole discretion, believes necessary or appropriate to respond to claims and legal processes (including but not limited to legal proceedings and subpoenas), to protect the property and rights of Shuttlerock or a third party, to protect the safety of the public or any person, or to prevent or stop any activity Shuttlerock may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable.
CHANGES TO THIS POLICY
Shuttlerock Limited: Level 1, 15 Bridge Street, Nelson, 7010 New Zealand.