Back to FernByte

    Privacy Policy

    Last updated: March 15, 2026

    Who we are

    FernByte ("we", "us", "our") provides IT services, web design, apps, ecommerce, and related digital services in New Zealand. We respect your privacy and handle personal information in accordance with the Privacy Act 2020 and its Information Privacy Principles (IPPs).

    "Personal information" has the same meaning as in the Privacy Act 2020.

    Personal information we collect

    We collect personal information you give us directly and information generated when you use our websites, apps, shop, and services, including:

    Contact and business details

    Name, email, phone, address, company, and role.

    Service and product information

    Enquiries, quotes, project briefs, support requests, technical requirements, app-related details, subscriptions, and ecommerce order information.

    Billing and transaction data

    Payment references and transaction details for services, apps, subscriptions, and ecommerce orders. Payments are processed by third-party providers and we do not store full card data.

    Website and technical data

    IP address, device or browser type, pages or screens viewed, referral information, and cookie-related data. See "Cookies and analytics" below.

    We may also receive personal information from service partners, such as payment providers, hosting providers, analytics providers, or other vendors where lawful.

    How we use personal information

    We use personal information to:

    • Provide, schedule, deliver, and support our IT services, websites, apps, ecommerce services, and related work.
    • Respond to enquiries and issue quotes, invoices, subscriptions, and order confirmations.
    • Operate, improve, and secure our websites, products, and customer experience.
    • Send service updates or important notices. You can opt out of non-essential marketing at any time.
    • Comply with legal, insurance, accounting, and tax obligations and protect our lawful interests.

    Disclosure of personal information

    We do not sell personal information. We may disclose it:

    • To service providers such as hosting, email, analytics, software, payment, ecommerce, or monitoring providers as needed to deliver our services.
    • Where required by law, court order, or to protect rights, safety, or security.
    • In connection with a business transaction such as a sale or merger, subject to appropriate safeguards.
    • With your consent or at your direction.

    Overseas disclosures (IPP 12)

    Some providers may be located outside New Zealand. Before disclosing personal information overseas, we will take reasonable steps to ensure the recipient is subject to privacy safeguards comparable to New Zealand law, or we will obtain your express authorisation after informing you that the overseas recipient may not be required to protect the information in a way that provides comparable safeguards.

    Security

    We use appropriate technical and organisational measures to protect personal information, including access controls, least-privilege practices, and encryption where appropriate. No method is 100% secure, but we work to prevent unauthorised access, alteration, or loss.

    Notifiable privacy breaches

    If a privacy breach is likely to cause serious harm, we will notify the Office of the Privacy Commissioner and affected individuals as soon as practicable and take steps to minimise any harm.

    Remote access and support privacy

    For remote support, website management, app support, software assistance, hosting, or related digital services:

    • We only access systems, dashboards, websites, apps, stores, or devices with your permission and only for setup, troubleshooting, support, or maintenance.
    • You remain responsible for the content, accounts, and business systems you control. We recommend strong passwords, least-privilege access, and secure account recovery methods.

    Your rights

    You have the right to request access to and correction of your personal information that we hold.

    You can also ask us to consider deletion where appropriate. We will action this where lawful and practicable, although we may need to retain certain records for tax, accounting, insurance, fraud prevention, or legal purposes.

    To make a request, contact us below. We may need to verify your identity and, where permitted, charge a reasonable cost for providing copies.

    Data retention

    We retain personal information only for as long as needed for the purposes above or as required by law. Business records, such as tax and financial records, are typically kept for at least 7 years where required.

    Cookies and analytics

    Our websites, web applications, and ecommerce experiences may use cookies and similar technologies to operate, remember preferences, keep sessions secure, and analyse traffic. You can control cookies in your browser, although some features may not function without them. If we use analytics tools, we use them to understand aggregate usage and improve our websites, apps, shop, and customer experience.

    Children

    Our services are directed to businesses and adult consumers. We do not knowingly collect personal information from children.

    Complaints

    If you have concerns about how we handle your personal information, contact us first so we can address the issue. If you are not satisfied, you can complain to the Office of the Privacy Commissioner:

    Website: www.privacy.org.nz

    Phone: 0800 803 909 (NZ)

    Contact us

    FernByte

    Email: info@fernbyte.co.nz

    Phone: +64 20 400 20178

    Address: Palmerston North, New Zealand

    Changes to this policy

    We may update this policy from time to time. We will post the updated version on our website with a new "Last updated" date. Your continued use of our websites, apps, shop, or services after any changes means you accept the updated policy.