Tailored Solutions For Your Security Priorities
Privacy Policy
1. About Rush Security
Rush Security Limited is a New Zealand company registered at [Insert Registered Address]. We provide comprehensive security services including but not limited to:
- Physical security services and consultancy
- Cybersecurity solutions and assessments
- Security equipment sales through our ecommerce platform
- Risk assessment and management services
- Security training and education
2. Information We Collect
2.1 Personal Information
We collect personal information that you provide directly to us, including:
- Identity Information: Full name, date of birth, identification documents
- Contact Information: Address, email address, phone numbers
- Financial Information: Credit card details, bank account information, billing addresses
- Professional Information: Employment details, security clearances, qualifications
- Security-Specific Information: Access credentials, security assessments, incident reports
2.2 Automatically Collected Information
- Device Information: IP address, browser type, operating system
- Usage Data: Website interactions, page views, time spent on pages
- Location Data: General location information based on IP address
- Security Logs: Access attempts, system interactions, security events
2.3 Sensitive Information
For security services, we may collect sensitive information including:
- Criminal background check results
- Security clearance information
- Biometric data for access control systems
- Health information relevant to security duties
3. How We Use Your Information
3.1 Primary Purposes
- Service Delivery: Providing security services, processing orders, managing accounts
- Communication: Responding to inquiries, providing updates, emergency notifications
- Compliance: Meeting legal obligations, conducting background checks
- Business Operations: Processing payments, managing contracts, quality assurance
3.2 Security Services Specific Uses
- Conducting security assessments and risk analyses
- Managing access control systems and monitoring
- Investigating security incidents and breaches
- Providing security training and certification
- Maintaining security clearance records
3.3 Ecommerce Specific Uses
- Processing online orders and payments
- Managing inventory and shipping
- Providing customer support and warranty services
- Personalizing shopping experiences
- Fraud prevention and detection
4. Data Sharing and Disclosure
4.1 We May Share Your Information With:
| Recipient Type | Purpose | Legal Basis |
|---|---|---|
| Service Providers | Payment processing, IT support, logistics | Contractual necessity |
| Government Agencies | Compliance with legal obligations, investigations | Legal requirement |
| Security Authorities | Incident reporting, threat intelligence | Legitimate interest/Legal requirement |
| Business Partners | Joint security services, equipment suppliers | Contractual necessity |
4.2 We Do Not Share Information:
- With third parties for marketing purposes without consent
- For commercial gain unrelated to our services
- With unauthorized parties or for unauthorized purposes
5. Security Measures
5.1 Technical Safeguards
- Encryption: AES-256 encryption for data at rest and TLS 1.3 for data in transit
- Access Controls: Multi-factor authentication, role-based access controls
- Network Security: Firewalls, intrusion detection systems, network segmentation
- Monitoring: 24/7 security monitoring and incident response
5.2 Physical Safeguards
- Secure data centers with biometric access controls
- Locked filing cabinets for paper records
- Visitor access controls and monitoring
- Secure disposal of physical documents
5.3 Administrative Safeguards
- Regular security training for all staff
- Background checks for personnel handling sensitive data
- Incident response and data breach procedures
- Regular security audits and assessments
6. Your Rights Under the Privacy Act 2020
Under New Zealand's Privacy Act 2020, you have the following rights:
6.1 Information Privacy Principles
- Right to Know: We will inform you about collection and use of your information
- Right of Access: You can request access to your personal information
- Right of Correction: You can request correction of inaccurate information
- Right to Complain: You can complain about privacy breaches
6.2 How to Exercise Your Rights
To exercise your privacy rights, contact us:
- Email: admin@rushsecurity.co.nz
- Phone: 09 377 4858
- Post: Privacy Officer, Rush Security Limited, [Insert Address]
We will respond to your request within 20 working days as required by law.
7. Cookie Policy
7.1 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Website functionality, security | Session/1 year |
| Analytics Cookies | Website performance analysis | 2 years |
| Functional Cookies | Remember preferences, login status | 1 year |
| Security Cookies | Fraud prevention, threat detection | Session/30 days |
7.2 Managing Cookies
You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality, particularly for our security and ecommerce services.
8. Third-Party Integrations
8.1 Payment Processors
- Stripe, PayPal, and other PCI-DSS compliant payment processors
- Bank payment gateways for direct debit services
8.2 Analytics and Monitoring
- Google Analytics (with IP anonymization)
- Security monitoring tools for threat detection
8.3 Communication Platforms
- Email service providers for marketing communications
- Customer support platforms for service delivery
9. Data Retention
9.1 Retention Periods
| Data Type | Retention Period | Legal Basis |
|---|---|---|
| Customer Account Information | 7 years after account closure | Tax and business records requirements |
| Security Clearance Records | 10 years after expiry | Security industry regulations |
| Financial Transaction Records | 7 years | Financial services legislation |
| Security Incident Reports | 10 years | Security and compliance requirements |
| Website Analytics Data | 26 months | Business analysis and improvement |
9.2 Secure Disposal
When personal information is no longer required, we securely dispose of it using industry-standard data destruction methods including:
- Cryptographic erasure for encrypted data
- Physical destruction of storage media
- Secure paper shredding for physical documents
10. Cross-Border Data Transfers
10.1 Data Processing Locations
Your personal information may be processed in the following locations:
- New Zealand: Primary data processing and storage
- Australia: Backup storage and disaster recovery
- United States: Cloud services (Google Cloud, AWS) with appropriate safeguards
- European Union: Security monitoring services with GDPR compliance
10.2 Transfer Safeguards
When transferring data overseas, we ensure appropriate safeguards including:
- Standard contractual clauses with service providers
- Adequacy decisions where available
- Certification schemes and codes of conduct
- Privacy impact assessments for high-risk transfers
11. Specific Privacy Considerations
11.1 Security Services
Background Checks: We conduct comprehensive background checks as required by security industry regulations. This may include criminal history, credit checks, and character references.
Surveillance and Monitoring: Our security services may involve surveillance activities. We ensure compliance with the Surveillance Devices Act and obtain necessary consents.
Access Control Systems: Biometric data collected for access control is encrypted and stored securely, with limited access and regular audits.
11.2 Ecommerce Operations
Order Processing: Customer information is used solely for order fulfillment, customer service, and legal compliance.
Product Recommendations: We may analyze purchase history to provide relevant product suggestions, with options to opt-out.
Fraud Prevention: Transaction monitoring is conducted to prevent fraudulent activities while minimizing impact on legitimate customers.
12. Data Breach Response
12.1 Our Commitment
In the event of a data breach, we will:
- Assess the breach within 72 hours of discovery
- Notify the Privacy Commissioner if required by law
- Notify affected individuals if there is serious harm risk
- Take immediate steps to contain the breach
- Conduct a thorough investigation and implement remediation measures
12.2 Notification Process
If you are affected by a data breach, we will notify you via:
- Direct email to your registered email address
- SMS to your registered mobile number
- Posted notice on our website
- Traditional mail if electronic contact is not possible
13. Children's Privacy
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will delete it immediately.
For security training services involving minors, we require parental consent and implement additional privacy protections.
14. Contact Information
Privacy Officer
Company: Rush Security Limited
Address: 52 Remuera Road, Newmarket Auckland, 1050 New Zealand
Phone: 09 377 4858
Email: admin@rushsecurity.co.nz
Website: https://rushsecurity.co.nz/
Complaints
If you are not satisfied with our response to your privacy concern, you may lodge a complaint with:
Office of the Privacy Commissioner
Phone: 0800 803 909
Email: enquiries@privacy.org.nz
Website: www.privacy.org.nz
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will:
- Post the updated policy on our website
- Update the "Last Updated" date at the top of this policy
- Notify customers of material changes via email
- Provide 30 days notice for significant changes affecting your rights
Your continued use of our services after changes take effect constitutes acceptance of the updated Privacy Policy.
16. Governing Law
This Privacy Policy is governed by New Zealand law, including the Privacy Act 2020. Any disputes arising from this policy will be subject to the jurisdiction of New Zealand courts.