Cleansesweeppure

Privacy Policy

How Cleansesweeppure collects, uses, and protects your personal information.

1. Introduction and Data Controller

This Privacy Policy describes how Cleansesweeppure ("we", "us", or "our") collects, processes, stores, and protects personal data when you visit our website at cleansesweeppure.world, use our contact forms, engage with our coaching services, or otherwise interact with our organisation. We are committed to complying with the General Data Protection Regulation (GDPR) for visitors and clients within the European Economic Area, the UK GDPR for visitors within the United Kingdom, and the Privacy Act 2020 of New Zealand for all individuals whose data we process.

The data controller responsible for your personal information is:

Cleansesweeppure
Shop 8, 239 Queen St
Auckland 1010
New Zealand
Email: admin@cleansesweeppure.world
Phone: +64 9 969 1800

For any privacy-related enquiries, data subject requests, or concerns about how your information is handled, please contact us using the details above. We aim to respond to all privacy enquiries within thirty calendar days.

2. Scope of This Policy

This policy applies to all personal data collected through our website, email communications, telephone conversations, in-person coaching sessions at our Auckland office, video coaching sessions, programme enrolments, and any other channel through which you interact with Cleansesweeppure. It does not apply to third-party websites linked from our pages, and we encourage you to review the privacy policies of any external sites you visit.

Our services consist of work-life balance coaching, consulting, guidance, and educational programmes. We do not provide medical, psychological, legal, or financial services. Personal data collected in connection with our services is processed solely for administrative, communication, and service delivery purposes.

3. Categories of Personal Data We Collect

3.1 Data You Provide Directly

When you complete our contact form, enrol in a programme, or communicate with us by email or telephone, we may collect the following categories of personal data:

  • Identity data: your full name, title, and preferred form of address
  • Contact data: email address, telephone number, and postal address
  • Communication data: the content of messages, enquiries, and correspondence you send to us
  • Consent records: timestamps and details of consents you provide, including GDPR consent for data processing and cookie preferences
  • Programme data: information you share during coaching sessions that you voluntarily provide for the purpose of personalised planning
  • Payment data: billing name, address, and transaction references when you purchase programmes or coaching sessions (payment card details are processed by our payment provider and are not stored on our servers)

3.2 Data Collected Automatically

When you visit our website, certain technical data may be collected automatically through cookies and similar technologies, subject to your cookie preferences:

  • Device data: browser type and version, operating system, device type, and screen resolution
  • Usage data: pages visited, time spent on pages, referral source, and navigation paths
  • Network data: IP address (which may be anonymised), approximate geographic location derived from IP, and internet service provider
  • Cookie identifiers: unique identifiers stored in cookies as described in our Cookie Policy

3.3 Data We Do Not Collect

We do not intentionally collect special categories of personal data as defined under GDPR Article 9, including data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, health data, or data concerning sex life or sexual orientation. If you voluntarily share such information during coaching conversations, it is treated with heightened confidentiality and is not used for any purpose beyond the immediate coaching context.

4. Legal Bases for Processing

Under the GDPR, we process personal data only where we have a valid legal basis. The bases we rely upon include:

  • Consent (Article 6(1)(a)): When you submit our contact form, accept cookies, or opt in to marketing communications, we process your data based on your freely given, specific, informed, and unambiguous consent. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
  • Contractual necessity (Article 6(1)(b)): When you enrol in a coaching programme or purchase educational products, we process data necessary to perform our contract with you, including scheduling sessions, delivering materials, and processing payments.
  • Legitimate interests (Article 6(1)(f)): We process certain data based on our legitimate interests in operating and improving our website, ensuring network security, preventing fraud, and maintaining business records, provided these interests are not overridden by your rights and freedoms.
  • Legal obligation (Article 6(1)(c)): We may process and retain data where required by applicable law, including tax record-keeping obligations under New Zealand legislation and responses to lawful requests from public authorities.

5. Purposes of Data Processing

We use your personal data for the following specific purposes:

  • Responding to enquiries submitted through our contact form, email, or telephone
  • Scheduling, conducting, and following up on coaching sessions and programme participation
  • Delivering educational materials, resource libraries, and programme content
  • Processing payments and issuing invoices or receipts for purchased services
  • Maintaining internal records of client interactions and coaching progress notes
  • Improving our website functionality, content, and user experience through anonymised analytics
  • Sending service-related communications such as appointment reminders and programme updates
  • Complying with legal, regulatory, and contractual obligations
  • Protecting the security and integrity of our website and information systems

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

6. Data Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required by law. Our standard retention periods are:

  • Contact form submissions without follow-up: twelve months from the date of submission, after which data is securely deleted
  • Active coaching clients: duration of the coaching relationship plus three years for reference and dispute resolution
  • Programme participants: duration of programme participation plus two years for alumni resource access and support
  • Payment and financial records: seven years in accordance with New Zealand tax and accounting requirements
  • Cookie consent preferences: twelve months, after which the cookie banner is displayed again
  • Website analytics data: twenty-six months in anonymised or pseudonymised form
  • Marketing consent records: until consent is withdrawn, plus three years for compliance documentation

When retention periods expire, data is securely deleted or irreversibly anonymised. Backup copies may persist for up to ninety days in encrypted backup systems before automatic purging.

7. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to third parties. We may share data with the following categories of recipients only where necessary and under appropriate safeguards:

  • Service providers: hosting providers, email delivery services, payment processors, and analytics platforms that process data on our behalf under written data processing agreements
  • Professional advisers: lawyers, accountants, or auditors where disclosure is necessary for legal compliance or business operations
  • Public authorities: government bodies or law enforcement when required by applicable law or a valid legal process

Where data is transferred outside the European Economic Area or the United Kingdom, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, adequacy decisions, or binding corporate rules as applicable.

8. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, destruction, and accidental loss. These measures include:

  • HTTPS encryption for all data transmitted between your browser and our website
  • Encrypted storage for sensitive data at rest on our servers and backup systems
  • Access controls limiting personal data access to authorised personnel on a need-to-know basis
  • Regular security assessments and software updates for our website and internal systems
  • Secure password policies and multi-factor authentication for administrative accounts
  • Staff training on data protection principles and confidentiality obligations
  • Incident response procedures for detecting, reporting, and mitigating data breaches

While we take reasonable steps to protect your data, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but commit to notifying affected individuals and relevant supervisory authorities of data breaches within seventy-two hours where required by law.

9. Your Rights Under GDPR and Applicable Law

Depending on your location, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete personal data
  • Right to erasure: Request deletion of your personal data where there is no compelling reason for continued processing
  • Right to restriction: Request that we limit processing of your data in certain circumstances
  • Right to data portability: Receive your data in a structured, commonly used, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent
  • Right to lodge a complaint: File a complaint with a supervisory authority, including the Office of the Privacy Commissioner in New Zealand or your local data protection authority in the EEA or UK

To exercise any of these rights, contact us at admin@cleansesweeppure.world or write to our postal address above. We will verify your identity before processing requests and respond within thirty calendar days. In complex cases, we may extend this period by a further sixty days with prior notification.

10. Children's Privacy

Our website and services are directed at adults aged eighteen and over. We do not knowingly collect personal data from individuals under eighteen years of age. If we become aware that we have collected data from a minor without appropriate parental consent, we will take steps to delete that information promptly. Parents or guardians who believe their child has provided data to us should contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. Material changes will be communicated by updating the date at the top of this page and, where appropriate, by notifying registered clients via email. We encourage you to review this policy regularly to stay informed about how we protect your information.

12. Contact Information

For questions, concerns, or requests relating to this Privacy Policy or our data handling practices, please contact:

Cleansesweeppure — Privacy Enquiries
Shop 8, 239 Queen St, Auckland 1010, New Zealand
Email: admin@cleansesweeppure.world
Phone: +64 9 969 1800