Ghexoranshep

Privacy

How we respect your information

This page explains what we collect when you visit ghexoranshep.world, why we process it, how long we keep it, and which rights you may exercise. We write for readers in New Zealand, the European Economic Area, the United Kingdom, Switzerland, and the Netherlands, without forgetting other regions that expect plain transparency.

Introduction

Privacy is part of how we build trust. Ghexoranshep publishes calm food and organisation content. When you interact with the site, we may process limited personal data to reply to you, secure our systems, and—only with consent—measure readership. We avoid collecting more than we need and we document retention so you can plan accordingly. We do not create health profiles for the purpose of misleading advertising, and we do not sell personal data.

Nothing in this policy replaces advice from your own lawyer or supervisory authority. If you are unsure how a rule applies to you, seek local guidance.

Controller and representative details

The data controller responsible for this site is Ghexoranshep, located at 588 Chapel Rd, East Tāmaki, Auckland 2013, New Zealand. You can email ask@ghexoranshep.world or call +64 9 271 5382 for privacy questions. If EU law requires an EU representative in your case, please ask us in writing and we will provide updated contact coordinates where applicable.

Scope of this policy

This policy covers processing connected to the public website, contact forms, optional newsletters if offered in the future, downloadable resources, and paid informational services described on the site. It does not govern third-party platforms that we merely link to; their policies apply once you leave our domain.

Categories of personal data

Depending on how you use the site, we may process:

Identity and contactName, email address, and any signature you type into the contact form.
CorrespondenceThe body of your message and internal notes required to answer it.
TechnicalIP address, browser type, approximate region derived from network data, timestamps, and pages requested.
Consent recordsTimestamp and category selections stored when you interact with the cookie interface.
Activity Example data Source
Contact form Name, email, message text You
Browsing IP, user agent Your device
Cookie banner Preference JSON in local storage Your browser
Optional analytics Pseudonymous usage metrics Your device, if enabled

Purposes and lawful bases

Responding to enquiries

We process form submissions to communicate with you. The primary lawful basis is consent ticked on the form. In limited cases we may rely on legitimate interests in documenting commercial correspondence, balanced against your rights.

Security and abuse prevention

We monitor technical logs to detect spam, intrusion attempts, or unusual load. This processing relies on legitimate interests in protecting our infrastructure.

Analytics and marketing measurement

Optional tools activate only when you allow the relevant categories in the cookie layer. The basis is consent, which you may withdraw without affecting the lawfulness of earlier processing.

Legal compliance

We retain some records where tax, accounting, or regulatory obligations require it. The basis is legal obligation where applicable, otherwise legitimate interests in proving compliance.

Retention periods

We keep data only as long as necessary for the purposes above:

  • Contact messages: up to twenty-four months after the last reply unless a longer period is needed for an active dispute or statutory requirement.
  • Security logs: ninety days, then deletion or aggregation.
  • Consent logs: twelve months from the last update, unless a newer record supersedes them.
  • Invoices and payment evidence for paid services: duration required by New Zealand tax practice, typically seven years unless a shorter period is validated by counsel.

When retention expires, we delete or irreversibly anonymise records. Backups may persist for a short technical window before rotation completes.

Recipients and processors

We use trusted service providers for hosting, email delivery, and optional analytics. Processors act on our instructions and must protect data to a standard that matches this policy. We do not sell personal data. If we ever run a structured sale of assets, your information may transfer as part of the business, subject to notice requirements.

International transfers

Our operations are anchored in New Zealand. Providers may process data in the EU, United Kingdom, United States, or other regions. Where GDPR applies and data leaves the EEA, we implement appropriate safeguards such as Standard Contractual Clauses and supplementary technical measures like encryption in transit. You may request a summary of safeguards by writing to the contact details above.

Security measures

We combine organisational and technical controls: role-based access, separation of production and administrative accounts, TLS for connections where supported, monitoring alerts, and periodic review of integrations. No system is perfectly secure; we mitigate risk through minimisation, training, and incident review procedures.

Your rights

Subject to applicable law, you may request:

  • Access to the personal data we hold about you.
  • Rectification of inaccurate information.
  • Erasure where there is no overriding legitimate ground.
  • Restriction of processing in specific circumstances.
  • Portability for data you provided where processing is automated and based on consent or contract.
  • Objection to processing based on legitimate interests.
  • Withdrawal of consent at any time for consent-based activities.

You may lodge a complaint with a supervisory authority. Residents of the Netherlands may contact the Autoriteit Persoonsgegevens. We may need to verify identity before fulfilling requests that could expose another person’s data.

Cookies and local storage

Detailed descriptions of each category, storage duration, and your controls appear in the Cookie Policy. The banner on this site links to that document and stores your preferences locally.

Children

The site is designed for adults planning meals and routines. We do not knowingly collect data from children without appropriate authority. If you believe a minor submitted data, contact us and we will delete it promptly where verification allows.

Automated decision-making

We do not use automated processing that produces legal effects or similarly significant impacts on you. Optional analytics may aggregate traffic patterns without making individual decisions about your rights.

Changes to this policy

When we introduce new processing activities or partners, we update this text and refresh the publication reference in the site footer. Material changes may require renewed consent for optional tools. Continued use of the site after notice may constitute acceptance where local law permits.

Contact

For privacy requests, email ask@ghexoranshep.world with the subject line “Privacy request” and enough detail for us to locate your records without excessive follow-up. We aim to acknowledge requests within five business days and respond within statutory timelines that apply to your jurisdiction.

We use optional analytics and marketing cookies only if you allow them. Strictly necessary cookies keep preferences and security working.