Last Updated:

Privacy Policy

This Privacy Policy describes how Cholmarephralir collects, uses, and protects your personal information when you visit our website and use our services.

1. Information We Collect

1.1 Information You Provide Directly

We collect information that you voluntarily provide when you:

  • Fill out contact forms on our website
  • Schedule consultations or request services
  • Subscribe to newsletters or communications
  • Communicate with us via email or phone

This information may include:

  • Full name
  • Email address
  • Phone number
  • Postal address
  • Dietary preferences and goals
  • Budget constraints and financial information relevant to our services
  • Any other information you choose to share

1.2 Information Collected Automatically

When you visit our website, we automatically collect certain technical information, including:

  • IP address
  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referring website
  • Device identifiers

1.3 Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance user experience and analyze website usage. You can control cookie preferences through your browser settings or our cookie consent banner. For more information, please review our Cookie Policy.

2. How We Use Your Information

We use collected information for the following purposes:

  • Service Delivery: To provide requested consultations, meal planning services, and educational resources
  • Communication: To respond to inquiries, send appointment confirmations, and provide service updates
  • Personalization: To tailor our services and recommendations to your specific needs and preferences
  • Website Improvement: To analyze usage patterns and improve website functionality and content
  • Marketing: To send promotional materials and newsletters (only with your explicit consent)
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes
  • Security: To protect against fraud, unauthorized access, and other security threats

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process personal data based on the following legal grounds:

  • Consent: When you have given explicit permission for specific processing activities
  • Contract Performance: When processing is necessary to fulfill our service agreement with you
  • Legitimate Interests: When we have legitimate business reasons that do not override your privacy rights
  • Legal Obligation: When required by law to process your information

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share information in the following limited circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist in website hosting, email delivery, payment processing, and analytics. These providers are contractually obligated to protect your information and use it only for specified purposes.

4.2 Legal Requirements

We may disclose information when required by law, court order, or government regulation, or when necessary to protect our rights, property, or safety.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

5. Your Privacy Rights

Depending on your location, you have certain rights regarding your personal information:

5.1 Rights Under GDPR (EEA, UK, Switzerland)

  • Right to Access: Request a copy of personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete information
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restriction: Request limitation of processing in certain circumstances
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw previously given consent at any time
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

5.2 Exercising Your Rights

To exercise any of these rights, please contact us at online@cholmarephralir.world. We will respond to your request within 30 days.

6. Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Specific retention periods include:

  • Contact Form Submissions: Retained for 3 years after last contact
  • Client Consultation Records: Retained for 7 years for legal and professional purposes
  • Marketing Communications: Retained until you unsubscribe or request deletion
  • Website Analytics Data: Aggregated and anonymized after 26 months

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all data transmission
  • Secure server infrastructure with regular security updates
  • Access controls limiting employee access to personal data
  • Regular security audits and vulnerability assessments
  • Encrypted storage of sensitive information

However, no method of transmission over the internet is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

8. International Data Transfers

Our website and services are operated from New Zealand. If you are located in the EEA, UK, Switzerland, or other regions with data protection laws, your information may be transferred to and processed in countries with different privacy protections. When transferring data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by relevant authorities
  • Your explicit consent where required

9. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected information from a child, we will delete it promptly. If you believe we have collected information from a child, please contact us immediately.

10. Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party websites you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes by posting a notice on our website or sending an email to registered users. The "Last Updated" date at the top of this policy indicates when it was last revised.

12. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Cholmarephralir
68 Beach Road
Auckland CBD, Auckland 1010
New Zealand

Email: online@cholmarephralir.world
Phone: +64 9 919 2320