Start typing and hit Enter

Shopping Cart

0

Your shopping bag is empty

Go to the shop
logo
0
Close

Privacy Policy

Home Privacy Policy

Mudhugger NZ Privacy Policy

  1. Introduction
    We respect your privacy and are committed to protecting your personal information in accordance with the New Zealand Privacy Act 2020 (the “Act”) and the Information Privacy Principles (IPPs). This policy explains how we collect, use, disclose, and protect your information. It applies to our website, communications, and services.
    Effective date: 2/10/25 • Last updated: 2/10/25.

2. What Information We Collect

  • Contact details (name, email, phone, address).

  • Order and transaction details (products purchased, delivery information, payment confirmations).

  • Communication preferences (email, SMS, voice).

  • Technical and usage data (device, IP address, cookies and similar technologies, pages viewed, interactions).
    Sources: We collect information directly from you (forms, checkout, support), automatically from your device when you use our site, and from service providers supporting our services (e.g., payment confirmations, courier updates).
    Notification at collection (IPP 3): Where reasonable, we notify you at or before collection of the purposes, recipients, and your rights (e.g., at checkout, sign-up, or via this policy).

3. How We Use Your Information

  • Process and deliver orders; provide customer service and warranty support.

  • Send marketing communications (email/SMS/voice) where you have consented; you may opt out at any time (see Section 6).

  • Re-engage you with promotions and offers (with opt-out options).

  • Improve our services and website, including analytics and troubleshooting.

  • Fraud and security: prevent, detect, and investigate fraud, abuse, or security incidents.

  • Automated decision-making/profiling: We do not make decisions producing legal or similarly significant effects solely using automated processing. If this changes, we will notify you and provide your options.

  • We do not sell personal information.

4. Third-Party Processing
We use trusted third-party service providers (CRMs, payment processors, analytics platforms, email/SMS gateways, couriers, website hosting/CDN, IT/security vendors) who process personal information only on our instructions and under contracts requiring confidentiality, security, and assistance with individual rights and breach response. We conduct reasonable due diligence before onboarding processors and review them periodically.

5. Cross-Border Transfers
Your personal information may be transferred to and stored in countries outside New Zealand. We take reasonable steps to ensure recipients are subject to comparable privacy safeguards as required by IPP 12 (e.g., contractual commitments and security measures), or we obtain your express authorisation where appropriate. Typical recipients may be located in [e.g., Australia, USA, EU, UK] depending on the provider we use. You can contact us for details of current processing locations.

6. Your Rights
You have the right to access and request correction of your personal information. You may opt out of marketing at any time by clicking unsubscribe in emails, replying STOP to SMS, or contacting us.
Deletion: While the Act focuses on access and correction, we will delete or de-identify personal information when it is no longer required for lawful purposes, subject to legal/record-keeping obligations.
How to make a request: Email us at info@themudhugger.co.nz 

We may need to verify your identity and the scope of your request. We respond within 20 working days. We may refuse a request on grounds permitted by the Act (and will explain why) and may charge a reasonable cost-recovery fee for large or repetitive requests.

7. Security
We take reasonable technical, organisational, and contractual measures to protect personal information against loss, misuse, or unauthorised access. Measures include role-based access controls, least-privilege permissions, encryption in transit, secure configuration and monitoring of systems, staff training, and vendor agreements.
Retention & destruction (IPP 9): We retain personal information only as long as needed for the purposes set out in this policy (e.g., tax/warranty obligations) and then securely delete or de-identify it using approved methods.

8. Breach Notification
If a privacy breach occurs that is likely to cause serious harm, we will promptly assess and notify affected individuals and the NZ Privacy Commissioner as required by law, and take steps to mitigate any risk.

9. Complaints
If you believe your privacy rights have been breached, please contact us at info@themudhugger.co.nz  

We will investigate and respond. You may also contact the Office of the Privacy Commissioner: www.privacy.org.nz.

10. Updates
We may update this policy from time to time. If significant changes are made, we will notify you by email or SMS and provide an opt-out option before new uses of your data take effect. The updated policy will include a new effective date.

Cookies & Tracking (additional detail for Sections 2–3)
We use cookies and similar technologies for: (a) essential site functions, (b) analytics to improve performance, and (c) marketing/retargeting where consented. You can manage preferences via your browser settings and (where offered) our cookie banner. Some third-party tags may set cookies when you view our pages.