Last updated August 17, 2023
It describes how we collect, store, use, share, dispose of and protect personal information that we receive about you when you visit our website (at https://www.openstar.tech) or otherwise interact with us directly (for example, at sales and marketing events or through the contact form on our website).
When handling Personal Information we will comply with all privacy laws that we are legally obliged to comply with (Applicable Privacy Laws), including (as applicable), the New Zealand Privacy Act 2020, the General Data Protection Regulation (EU) 2016/679 (EU GDPR), United Kingdom Data Protection Regulation (UK GDPR) and/or the California Consumer Privacy Act 2018 (CCPA).
What personal information do we process? When you access, use, or navigate our Services, we may process your personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use.
Do we process any sensitive personal information? We do not process sensitive personal information.
Do we receive any information from third parties? We do not receive any information from third parties.
How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so.
In what situations and with which parties do we share personal information? We may share information in specific situations and with specific third parties.
How do we keep your information safe? We have organisational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.
What are your rights? Depending on where you are located geographically, you have certain rights regarding your personal information (depending on the Applicable Privacy Law).
How do you exercise your rights? The easiest way to exercise your rights is by contacting our Privacy Officer (Data Protection Officer) at email@example.com. We will consider and act upon any request in accordance with Applicable Privacy Laws.
Personal information you disclose to us
In Short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and services, when you access or use the Services, and when you interact with us (via the Services or otherwise).
The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and requests that you make. The personal information we collect may include your name and your email address.
Information automatically collected
In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you access or use our Services.
We automatically collect certain information when you access, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.
Like many businesses, we also collect information through cookies and similar technologies. You can find out more about this in our Cookie Notice: https://openstar.tech/cookies.
The information we collect includes:
We do not purposefully collect or process sensitive information. You must not provide us with any sensitive personal information.
In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e. legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfil our contractual obligations, to protect your rights, or to fulfil our legitimate business interests.
If you are located in the EU or the UK, the EU GDPR and/or the UK GDPR (as applicable) require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:
If you are located in Canada, we may process your information if you have given us specific permission (i.e. express consent) to use your personal information for a specific purpose, or in situations where your permission can be inferred (i.e. implied consent). You can withdraw your consent at any time. However, in some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including, for example:
In Short: We may share information in specific situations described in this section and/or with the following third parties.
Vendors, Consultants, and Other Third-Party Service Providers. We may share your personal information with our third-party vendors, service providers, contractors, or agents (third parties) who perform services for us or on our behalf and require access to your personal information to do that work. We have contracts in place with our third parties, which are designed to help safeguard your personal information. This means that they cannot do anything with your personal information unless we have instructed them to do it. They also commit to protect the personal information they hold on our behalf and to retain it for the period we instruct. The third parties we may share personal information with are as follows:
We also may need to share your personal information in the following situations:
Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company (including in response to due diligence requests).
Compliance with law. We may share or transfer your personal information with a person who can require us to supply Personal Information (e.g. a Government agency, regulatory authority or law enforcement agency).
To any other person expressly authorised by you.
The rights of disclosure in this section may, if applicable, be subject to further restrictions contained in data processing agreements with our third party service providers (as applicable).
In Short: We may transfer, store, and process your information in countries other than your own.
Although you can access the Services from anywhere in the world, Open Star is located in New Zealand, so your personal information may be transferred and/or stored there. For the purposes of the EU GDPR and the UK GDPR, New Zealand has been recognized as providing adequate protection.
If you are located in the EU or the UK and we transfer your personal information to a third party located in a country outside (as applicable):
Our servers are located in the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your personal information (see section 4 above for a list) in the United States and other countries.
We will keep your Personal Information:
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Where we maintain or use de-identified information, we will continue to maintain and use the de-identified information only in a de-identified fashion and will not attempt to re-identify the information.
In Short: We aim to protect your personal information through a system of organisational and technical security measures.
We have implemented appropriate and reasonable technical and organisational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.
If you have any questions about our security policies or you believe that you have experienced unauthorized access or use of your account, please contact us immediately, at firstname.lastname@example.org.
In Short: We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at email@example.com.
In Short: depending on the geographic region in which you are located, you have various rights that allow you greater access to and control over your personal information.
You have the right to access your readily retrievable personal information that we hold about you, and to ask for it to be corrected if you think it is wrong. In fact, it is really important that the information you provide us with is accurate and up to date.
If you are based in the EU or the UK you have the right, under the EU GDPR or the UK GDPR (as applicable), to:
We will consider and act upon any request in accordance with applicable data protection laws.
Please note that in certain circumstances we may refuse to respond to a rights request where we have the right to do so under Applicable Privacy Laws, for example, where a request is manifestly unfounded or excessive.
If you are a resident of California, you have the right under the CCPA, to:
Opting out of marketing and promotional communications. You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us using the details provided in the section ' CONTACT DETAILS ' below. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you Service-related messages that are necessary for the administration and use of your account, to respond to Service requests, or for other non-marketing purposes.
Cookies and similar technologies. Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services. You may also opt out of interest-based advertising by advertisers on our Services. For further information, please see our Cookie Notice: https://openstar.tech/cookies.
If you have questions or comments about your privacy rights or your wish to exercise any such rights, you may email our Privacy Officer (Data Protection Officer) at firstname.lastname@example.org.
In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
Open Star Technologies Limited
20 Glover Street, Ngauranga
Wellington City , Wellington 6035
Your correspondence should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).
If you believe we are unlawfully processing your personal information and wish to lodge a complaint, you can lodge a complaint with us directly using the above contact details, or you can lodge a complaint with the New Zealand Privacy Commissioner. Information about how to lodge a complaint is available at Privacy Commissioner’s website
If you are located in the EEA or UK, you also have the right to complain to your Member State data protection authority or UK data protection authority.
If you are located in Switzerland, you may also contact the Federal Data Protection and Information Commissioner.