Thank you for your interest in how we handle your data
At Cubro, we're committed to providing you with the highest level of protection for your data and privacy. As a New Zealand company, we always strive to be compliant with some of the most stringent data protection laws in the world.
Thousands of customers already trust Cubro with their data and we ensure that the highest safety standards for data storage and processing are always met. We only collect data when it's truly necessary, and in our customers' best interests, e.g. to send you product updates via email.
The following outlines how we are applying the guidelines with specific reference to how they align with the relevant privacy regulations that apply.
Data Protection Policy Overview
- How can you contact us?
- What do we mean by certain terms?
- What personal data is processed by us?
- Why and on what legal basis do we store personal data?
- Why and who do we share personal data with?
- How do we collaborate with partners on your behalf?
- What do we use international partners for?
- What data protection settings are available?
- How can you revoke your consent?
- What are your rights?
- How do we protect personal data?
- What possibilities are there for minors to use our services?
- What other information is important?
This Data Protection Policy is intended to provide information on the processing of personal data in our companies. We hereby fulfil our statutory obligations under NZ legislative requirements as well as align with relevant overseas regulation, such as the EU General Data Protection Regulation (EU-GDPR, EU 2016/679).
Please read this Data Protection Policy carefully and make sure that you understand it. If you have any further questions or there is something you do not understand, please contact us.
For Cubro the protection of your privacy always has the highest priority. We have safeguards against malware, viruses, and other digital threats on our own systems and the protection of your personal data is very important to us.
This Data Protection Policy describes how we handle data which may be directly or indirectly related to natural persons (personal data) and which hardware and software is used.
We comply with relevant privacy laws and this Data Protection Policy at all times. We only share data with others as described in these provisions. Please note that further information may be added to our Data Protection Policy depending on the product or service concerned.
How can you contact us?
Cubro Ltd is responsible for data protection. If you wish to contact us regarding your data, you can do so in the following ways:
- Call our Customer care team on 0800 656 527 between 8am to 5pm, Monday to Friday
- Email firstname.lastname@example.org
- Visit our Headquarters at 149 Taurikura Drive, Tauriko, Tauranga 3171 or
- Write to us at Cubro, PO Box 9144, Greerton, Tauranga 3142
What do we mean by certain terms?
By modifying the data, identification of a natural person is no longer possible.
Data stored about the user's activities.
Programs allowing analyses of user behaviour.
Use of IT infrastructures and services that are not kept locally but are hired as a service and can be accessed via a network (e.g. the internet).
Cookies are small text files that are stored on your computer or in your browser.
General Data Protection Regulation, revision of data protection regulations for the European Union.
A (portable) object, such as a smartphone, tablet, notebook, or PC, used to access apps or programs and information services.
An address within the computer network based on the Internet Protocol (IP). This address is assigned to the device and thus allows the device to be addressed and so accessed.
Address of each individual network adapter.
This information relates to a specific or identifiable natural, living person.
Modification of data in such a way that it is no longer possible to allocate it to a certain data subject without additional supplementary information.
Programs developed to cause damage to a device or system.
Synonymous for ‘intelligent, clever’ devices (e.g. smartphone, smart TV, smart watch)
Freely selectable wireless network name.
Internet based software solution for managing your account or your settings.
What personal data is processed by us?
We process different data when you use our online products or visit our websites. This may be personal, either directly or indirectly, i.e. by involving other data sources.
Most of the data is collected in a pseudonymised or anonymised form. This includes the following information:
Information when you visit our websites
To activate or use some of our products or services, you need to create an account. During the process of setting up your Account, we will ask you for certain personal information such as your name, email address, possibly supplemented by additional information, such as your telephone number and address details.
If you contact us for support inquiries, we will store your data in connection with this particular inquiry, such as contact details, information on your enquiry and any related material that may help us provide the service you request. In some cases we may ask you to provide us with additional information to handle your support inquiry.
When using our products and services, we collect and process personal data at various points. The respective collection and processing of personal data depends on the product used and the associated services and product features. In some cases, you may deliberately submit or provide us with files for verification. If these contain personal data, processing is carried out in accordance with the guidelines set out in this Data Protection Policy.
Cubro online ordering - With Cubro Online Ordering, we provide a web console which you can use to manage your account and our services that you use. For this, we collect and process personal data at various points to help us optimise the services you use.
Cubro does not currently offer any online payment options on its website or online services. We will not request details of payment cards, and do not store payment card details on our systems and storage.
Why and on what legal basis do we store personal data?
We process your data, whether it can be traced back directly or indirectly to a natural person or not, for the following purposes:
- To provide services to you.
- To process your registration and administer the services you have access to.
- For correct operation of our products and services.
- For convenient and straightforward use of our products and services.
- To send you direct marketing, by post and electronic means, including by email, phone and text/SMS.
- To offer you optimised advertising and product information.
Your consent is required for the processing of certain data. In these events we will inform you expressly about the situation and provide you with the opportunity to allow us to process this data.
In these cases we will inform you about the purpose of the data processing and about your right of revocation.
Storage and deletion periods
We store personal data only to the extent required to fulfil the purpose. The storage period depends on legal requirements and the duration of the contractual relationship.
Should the data no longer be used, it will be anonymised and/or deleted in accordance with legal regulation.
Should you wish to have your data deleted, please note that due to technical restrictions it may take up to 180 days to permanently delete your data from the live systems.
Further, please note that after the confirmation of your deletion request it is not possible to restore your data.
Cookies are stored on your individual device and you have full control over their use. You may deactivate or restrict the transmission of cookies by changing the settings of your web browser. Cookies that are already stored may be deleted at any time. Should you visit the Cubro site with cookies deactivated, you may possibly not be able to use all of the functions on our site to the full extent.
In addition to our own systems, we also use the following third-party tools for marketing purposes and to make your visit to our websites or the use of our products/services more user-friendly.
Google Analytics 360
You still have the option to prevent Google from collecting data generated by cookies and relating to your use of the website (including your IP address) as well as from processing this data by downloading and installing a browser plug-in provided by Google.
Further information on Google Analytics can be found here.
Adobe Analytics (Omniture)
Without your express consent, the pseudonymised usage profiles will not be merged with other personal information that we may have received from you. Adobe does not process your IP address and only saves it in a shortened form. You may also opt-out of the collection and storage of your information by Adobe at
For more info about the cookies we make use of in conjunction with Hotjar, please visit Cookie Information. You may opt-out of the collection and storage of your information by Hotjar at any time by following the instructions under the following link: Opt-out here
Why and who do we share personal data with?
Your personal data will not be transmitted to third parties for reasons other than those listed below.
- You have expressly given us your consent for this,
- it is legally permissible and necessary for the execution of our contractual relationships with you,
- data transmission is based on a legal obligation,
- data disclosure is justified by a particular interest and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data at this time.
We share personal data with the following recipients or categories of recipients for the aforementioned reasons:
- Employees (internal and external)
- IT infrastructure service providers
- Payment processors
- Support service providers
- Software service providers
- Providers of analysis tools
- Public authorities
SurveyMonkey (SurveyMonkey USA) - we use this platform to conduct surveys such as on your product satisfaction. For your protection, personal data is processed in a pseudonymised form.
How do we collaborate with partners on your behalf?
We may share anonymised and aggregated information (which is not capable of identifying you) with our contractors, affiliates, business partners and other third parties.
In providing and managing our customer products, we also contract with other businesses to provide services to us and we may disclose personal information to them to enable them to provide those services.
We require these service providers to adhere to our confidentiality requirements and to the requirements of the Privacy Act.
What do we use international partners for?
We use a global IT infrastructure including computers, cloud-based servers, networks, and software solutions of international companies to provide our services. In certain specific cases your personal data may be forwarded to third countries based on your express consent. In these countries, the same level of data protection is not always governed by and established in law as in the New Zealand.
For this reason, we have taken a number of measures in accordance with relevant standards and legislation to ensure the highest possible protection of your personal data.
- NZ Privacy Act 1993
- NZ GCSB Information Security Manual v2.7 Dec 2017
- Health Information Security Framework HISO 10029:2015
- EU General Data Protection Regulation (EU) 2016/679
We insist that our partners take reasonable technical and organisational precautions, including complying with generally accepted industry standards, to protect personal information that they hold. However, no method is completely secure and we cannot be responsible for any breach of security caused by third parties.
What data protection settings are available?
Browsers used to access our products offer you a number of options and settings. These are usually explained to you when you first install or use them. It is quite possible that by changing the settings, certain Cubro services may no longer function properly.
How can you revoke your consent?
If you have given us your consent to process certain data, e.g. to receive a newsletter or third-party offers, you have the right to revoke this consent - also in part - at any time. You can do so by contacting us directly.
In the case of direct advertising, you have a general right to object without having to provide information on the particular situation. Please inform us of your objection in writing (e.g. email) or by telephone.
What are your rights?
You have the following rights in connection with your personal data, subject to possible legal restrictions:
The right to be informed, rectification, erasure, restriction of processing, portability, and object.
Right to information
If you would like to know what personal data we hold on you, please contact us directly. Following your request, we will send you information about the data we have via email. The provision of this information may take some time, depending on the scope of the activity data.
Right to rectification
You can request to change or update your data at any time by contact us directly.
Right to erasure
If you wish to delete your data, please contact us directly. We will then erase your data in accordance with legal requirements.
Wherever possible, we will block your data immediately, however due to technical restrictions it may take up to 180 days to permanently delete your data, provided there are no legal obligations and statutory rights preventing deletion.
Please note that after the confirmation of your deletion request it is not possible to restore your data.
Right to restriction of processing
You have the right to restrict the processing of your personal data. To this end, please inform us of the categories of data affected by your request and the reasons for your request. We will examine the facts immediately and inform you of the result.
Right to data portability
Please let us know in text form (e.g. email) which data you would like to transfer to whom. We will examine your request immediately and inform you of the result.
Right to lodge a compliant
If you are dissatisfied with our efforts in connection with data protection, you have the right to lodge a complaint with the data protection supervisory authority responsible in New Zealand.
- Office of the Privacy Commissioner – PO Box 10094, Wellington 6143.
- OR Click Here
How do we protect personal data?
We have put in place safeguards that are state-of-the-art and meet the requirements of data protection legislation to protect your personal data. These are continuously checked and, if necessary, adapted. The objective is to protect your data against accidental or intentional manipulation, partial or total loss, destruction, or unauthorised knowledge or access by third-parties.
To transfer data between our websites, our applications and backend systems, communication is encrypted using the latest SSL (Secure Socket Layer) procedure.
We protect the systems and processing by a series of technical and organisational measures. These include data encryption, pseudonymisation and anonymisation, logical and physical access restriction and control, firewalls and recovery systems, and integrity testing.
Our employees are regularly trained in the sensitive handling of personal data and are obliged to observe data secrecy in accordance with legal requirements.
What possibilities are there for minors to use our services?
Our products and services may not be ordered or installed by minors.
What other information is important?
Remember that the data you send to forums, such as our web based social media facilities, will be classified and treated as information that is ‘manifestly made public’. If you are active in our forums, there is a risk that others may find and use the information you provide. Be careful and handle your personal information in a responsible manner when online in a public forum.
Changes to this data protection policy
This Data Protection Policy is revised on an ad-hoc basis to adapt it to current developments in relation to our company, our products and services, legal requirements and social developments.