Data controller
The controller responsible for personal data is Vorgyronuz, located at 132 Willis Street, Te Aro, Wellington 6011, New Zealand. For privacy-related requests, email assist@vorgyronuz.world or telephone +64 4 385 9553. We may ask you to verify your identity before disclosing or changing records.
If you act through a representative, we may request proof of authorisation. We do not charge a fee for ordinary access requests unless the law allows a reasonable charge for repetitive or manifestly unfounded requests.
Categories of personal data
Contact data: name, email address, and the text of messages you submit through our contact form.
Technical data: IP address, approximate region derived from network information, browser type, device category, referring URL, and timestamps, as recorded in server or application logs.
Preference data: cookie and localStorage choices recorded when you use the cookie banner, including whether analytics or marketing categories are enabled.
We do not ask you to provide special categories of data (such as health information) through the website. Please avoid including sensitive details in free-text fields unless you choose to do so voluntarily.
Purposes and legal bases
We process contact submissions to respond to your enquiry and to maintain correspondence until the matter is closed. Depending on context, the legal basis may be steps prior to a contract, performance of a contract, or legitimate interests in operating a responsive studio.
We process technical logs to secure the site, detect abuse, and understand aggregate traffic. The basis is typically legitimate interests, balanced against your rights.
Optional analytics and marketing technologies, where used, rely on consent obtained through the cookie interface. You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
Retention periods
Contact messages are retained for up to twenty-four months from the last substantive reply unless a longer period is required for unresolved disputes, legal claims, regulatory requests, or financial record-keeping. After the retention period, we delete messages or strip identifiable details so that content can no longer be linked to you.
Technical logs are kept on a rolling basis, typically not longer than ninety days, unless an incident investigation requires a temporary extension. Backup systems may retain encrypted copies for a short additional period before overwrite cycles complete.
Cookie preference records stored locally on your device remain until you clear site data or we change our storage key in a way that resets the banner.
Recipients and international transfers
We use a limited number of processors, such as hosting providers and email transport services, who process data on our instructions under written terms. We do not sell personal data and we do not allow processors to use your data for their own marketing.
If personal data is transferred outside New Zealand or the European Economic Area, we implement appropriate safeguards such as adequacy decisions, standard contractual clauses, or other mechanisms recognised under applicable law. You may request further information about transfers by contacting us.
Advertising, analytics, and third-party platforms
We may use online advertising and measurement technologies when you consent to marketing or analytics cookies, or as otherwise permitted by law. Partners such as Google (including services related to Google Ads and Google Analytics) may process technical data—including device or browser identifiers, IP-derived region, and interaction events—to measure site use, deliver or limit advertising, or build aggregated audience insights. Processing is subject to each provider's terms and privacy policy.
Google describes how it uses data here: Google Privacy Policy. You can control personalised ads from Google via Google Ads Settings and learn more about cookies in your browser.
We do not sell personal data. You may withdraw consent for optional cookies through our cookie banner or browser controls at any time.
New Zealand users: We handle personal information in line with the Privacy Act 2020, including the Information Privacy Principles. You may contact the Office of the Privacy Commissioner about concerns.
Security measures
We apply organisational measures including role-based access, confidentiality commitments for staff, and vendor review. Technical measures include transport encryption where supported, separation of environments, and monitoring for unusual activity.
No method of transmission over the internet is completely secure. If you have reason to believe that your interaction with us has been compromised, please inform us promptly using the contact details above.
Your rights
Subject to applicable law, you may request access to personal data we hold about you, ask for correction of inaccurate data, request deletion where appropriate, object to certain processing, ask for restriction, or request portability in a structured format where technically feasible.
You may withdraw consent for optional cookies through our banner or browser settings. You may lodge a complaint with the New Zealand Office of the Privacy Commissioner or, if you are in the EU, with a supervisory authority in your country of residence.
Children
The website is intended for adults planning urban travel. We do not knowingly collect personal data from children without verifiable parental or guardian consent where such consent is required by law.
Changes to this policy
We may update this policy to reflect legal, technical, or organisational changes. The hero section at the top shows today’s date as a reference point when you load the page; substantive edits will also be summarised in this section when needed.