Privacy Policy

Last updated: 4 June 2026

This Privacy Policy explains how Plantppwipe ("we", "us", "our") collects, uses, stores, and discloses personal information when you use plantppwipe.world and the Active Day digital wellness platform. We comply with the Privacy Act 2020 (New Zealand) and the Information Privacy Principles (IPPs).

1. Agency and contact

Agency: Plantppwipe
Address: 52 Cleveland Street, Brooklyn, Wellington 6021, New Zealand
Email: clients@plantppwipe.world
Phone: +64 4 939 8071
Privacy enquiries: use the email above with subject line "Privacy request"

2. Personal information we collect

• Identity and contact: name, email, phone, billing address when you enquire, register, or purchase
• Account and service data: lane settings, schedules, preferences, support tickets
• Technical data: IP address, browser type, device identifiers, cookies (see Cookies Policy)
• Usage data: pages visited, feature interactions, approximate region
• Communications: content of messages you send via forms or email
• Payment metadata: transaction references from payment processors (we do not store full card numbers)

3. How we collect information

We collect information directly from you, automatically through the website and platform, from cookies where permitted, and from service providers acting on our instructions.

4. Purposes of collection and use

• Provide, maintain, and improve Active Day
• Respond to enquiries and deliver booked services
• Process payments and issue tax invoices (including GST)
• Send service messages and, with consent, marketing under the Unsolicited Electronic Messages Act 2007
• Secure our systems and prevent fraud
• Comply with legal obligations and respond to regulators

We only use information for purposes that are lawful and connected with those above, or with your consent.

5. Disclosure to third parties

We may disclose information to hosting providers, email services, analytics vendors (with consent), payment processors, and professional advisers under confidentiality obligations. We do not sell personal information. Where data is processed offshore, we take reasonable steps to ensure comparable safeguards.

6. Retention

• Contact form records: up to 24 months after resolution
• Account data: subscription term plus 12 months
• Analytics logs: up to 14 months
• Financial records: 7 years as required for tax law

7. Security

We use TLS encryption, access controls, staff confidentiality obligations, and periodic reviews. No online system is perfectly secure—please report suspected breaches promptly.

8. Your rights under the Privacy Act 2020

You may request access to and correction of personal information we hold about you. We will respond within 20 working days unless an extension applies under the Act. You may also complain to the Office of the Privacy Commissioner: www.privacy.org.nz

9. Children and young people

Services are not directed at children under 16 without guardian involvement. Household features must be configured by a parent or guardian.

10. Overseas users and GDPR

Where EU GDPR also applies, you may have additional rights including erasure, restriction, portability, and objection. Contact us to exercise those rights.

11. Notifiable privacy breaches

If a privacy breach causes serious harm, we will notify affected individuals and the Privacy Commissioner as required by the Privacy Act 2020.

12. Changes

We may update this policy. Material changes will be posted here with a new date. Continued use after changes constitutes acceptance where permitted by law.