Stay up to date with UX New Zealand

Sign up for our news

Privacy Policy

Introduction

Optimal Workshop Limited (1973791) (we, us, our) complies with the New Zealand Privacy Act 2020 and the General Data Protection Regulation of the European Union (GDPR), the equivalent laws of the United Kingdom (UK GDPR) and the California Consumer Privacy Act of 2018 (CCPA) (if applicable) when dealing with personal information.  

Personal information is information about an identifiable individual (a natural person), and includes personal data, personally identifiable information and equivalent information under applicable privacy and data protection laws.  

This policy does not limit or exclude any of your rights under the New Zealand Privacy Act 2020 or the GDPR, UK GDPR or CCPA.  

This policy was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal information. We are happy to provide any additional information or explanation needed. Any request for further information should be sent to privacy@optimalworkshop.com.

Changes to this policy

We may change this policy by uploading a revised policy onto our website.  The change will apply from the date that we upload the revised policy.  

This policy was last updated on 2 September 2021.

When does this policy privacy apply

This policy sets out how we will collect, use, disclose and protect your personal information when you visit and use our website, purchase events from us, attend events, or otherwise deal with us.

Children

We do not intend to collect personal information from or about children aged under 16. If you have reason to believe that we have collected personal information from or about a child under the age of 16, please contact us at privacy@optimalworkshop.com.

What personal information do we collect

Directly from you

We collect the following information directly from you.  

When you sign up for, register and/or purchase tickets to any event on our website, we collect your name/email address/address/location/phone number/company/dietary and accessibility requirements/position/level of UX experience/prior attendance of a previous event/credit card information/purchase history and any other information we require or ask for to sign you up or register you for any event or that you submit to us for billing and purchase fulfilment purposes.

When you fill in a contact or enquiry form on our website, call us, meet us in person or otherwise contact us, we collect your name/email address/phone number/company and any other information you choose to provide to us.

When you sign up to our marketing and other relevant information, we collect your name/email address/location/company/position/user preferences any other information you provide to us when you ask to receive our marketing or other relevant information.

When you respond to our feedback surveys, we collect your name/email address/location and any other information you choose to include in your response. 

Some of the personal information that we collect directly from you may be mandatory and some may be optional.  We will let you know which of these applies at the time we collect the relevant personal information.  While you do not have to provide us with some of the information that we may request, this might mean that our services (including delivery of any event) may not perform as well as they should, or that we may not be able to provide some parts of the website or all of our services (including any event) to you.  If you require further information about the consequences of not providing us with any information, please contact us at privacy@optimalworkshop.com.

We use a third party service provider to process credit card transactions (including EventsAIR and EventDynamics).  We do not have access to your credit card information.  The name of this third party provider will generally be displayed when you are requested to enter your credit card information.  Where requested in relation to the processing of credit card transactions, we will share your personal information with EventsAIR and EventDynamics (as required).  You can see further information about how EventsAIR and EventDynamics process your credit card information in their respective privacy policies.

Automatically when you use our website 

When you access and use our website or related services we may automatically collect information about your device and usage of our website and services (including any event), including your IP address/operating system/browser type/time spent on certain pages of the website/pages visited/links clicked/language preferences.

Some of this data is collected through third party tools and/or the use of cookies, web beacons and similar storage technologies.  Please refer to our cookie policy below for further information, including information on how you can disable these technologies.

How we use our personal information

We may use your personal information to: 

  • verify your identity
  • provide our website, services and events to you
  • bill you and collect money that you owe us, including authorising and processing credit card transactions
  • market our events to you, including contacting you electronically (e.g. by text or email for this purpose)
  • improve our website, services and events
  • respond to communications from you, including enquiries and complaints
  • conduct research and statistical analysis (on an anonymised basis)
  • tailor content or advertisements on our website to you
  • protect and/or enforce our legal rights and interests, including defending any claim
  • respond to lawful requests by public authorities, including to comply with law enforcement requirements, or 
  • for any other purpose authorised by you or applicable law. 

We may transfer your information in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition.

You can stop receiving our marketing emails by following the unsubscribe instructions included in those emails.

Disclosing your personal information

We may disclose your personal information to: 

  • another company within our group
  • any business that supports our website and services, including any person that hosts or maintains any underlying IT system or data centre that we use to provide our website, services or that we use to process payments
  • fulfil any purchase of tickets made by you on our website
  • deliver any event to you, including to any third party provider that we use to deliver the event
  • third parties (for anonymised statistical information)
  • the sponsors of any event, including for their own marketing and lead generation purposes 
  • professional advisers e.g. accountants, lawyers or auditors
  • a person who can require us to supply your personal information (e.g. a law enforcement agency or regulatory authority)
  • any other person with your consent 
  • any other company in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition
  • any other person authorised by applicable law. 

Also, we may share information about your use of our website with our trusted advertising and analytics partners through the use of cookies, web beacons, and similar storage technologies.  Please refer to our cookie policy below for further information.

International transfers of personal data

A business that supports our website, and services (including any event) may be located outside of New Zealand (the country where we are incorporated) and also outside of the country where you are located.  This means that the personal information we collect may be transferred to, and stored in, a country outside of New Zealand and the country where you are located.

If you are located in the European Union (EU), your personal information may be transferred outside of the European Economic Area (EEA).  Under the GDPR, the transfer of personal information to a country outside the EEA may take place where the European Commission has decided that the country ensures an adequate level of protection.  In the absence of an adequacy decision, we may transfer personal information if other appropriate safeguards are in place.

If you are located in the United Kingdom (UK) your personal information may be transferred outside of the UK.  Under the UK GDPR, the transfer of personal information to a country outside the UK may take place where the European Commission (as at 31 December 2020) or the UK government has decided that the country ensures an adequate level of protection.  In the absence of an adequacy decision, we may transfer personal information if other appropriate safeguards are in place.

Where we transfer personal information outside the EEA or UK, it will only be transferred to countries that have been identified as providing adequate protection for EU/UK data, or to a third party where approved transfer mechanisms are in place to protect your personal information (e.g. by entering into the European Commission’s Standard Contractual Clauses).  For further information, please contact at privacy@optimalworkshop.com.

Some of the personal information we collect is processed in New Zealand.  New Zealand is recognised by the European Commission as a country that has an adequate level of data protection and we rely on this decision in transferring personal information to New Zealand.

Protecting your personal information

As required by applicable law, we will take steps to keep your personal information safe from loss, unauthorised activity, or other misuse. We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks inherent in processing personal information.

Accessing and correcting your personal information

Subject to certain grounds for refusal under applicable law, you have the right to access your personal information that we hold and to request a correction to your personal information.  Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.

Where you request a correction, if we think the correction is reasonable and we are reasonably able to change your personal information, we will make the correction.  In all other cases, we will take reasonable steps to make a note of the personal information that was the subject of your correction request.

If you want to exercise either of the above rights, email us at privacy@optimalworkshop.com.  Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information to be corrected and the correction that you are requesting).

Subject to applicable law, we may charge you our reasonable costs of providing to you copies of your personal information or correcting that information. 

Other rights

In addition to the rights to access and correct your personal information:

  • if you are based in the EU or UK, you have the additional rights set out in the GDPR Additional Terms Addendum set out below; and
  • if you are located in California, you have the additional rights set out in the CCPA Addendum set out below.

Internet use

While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.

If you follow a link on our website to another website, the owner of that website will have its own privacy policy relating to your personal information.  We suggest you review that website’s privacy policy before you provide personal information to that owner or website.

Data retention policy

The personal information that we collect and use will not be kept longer than necessary for the purposes for which it is collected, or for the duration required for compliance with applicable law, whichever is longer.

Contacting us

If you have any question about this privacy policy, or our privacy practices, or if you would like to request access to, or correction of, your personal information, you can contact us at privacy@optimalworkshop.com.

The name and contact details of our Data Protection Officer for the purposes of the GDPR, UK GDPR and the CCPA are:

Name: Meiken Bassant

Email address: privacy@optimalworkshop.com

Contacting us

If you have any question about this privacy policy, or our privacy practices, or if you would like to request access to, or correction of, your personal information, you can contact us at privacy@optimalworkshop.com.

The name and contact details of our Data Protection Officer for the purposes of the GDPR, UK GDPR and the CCPA are:

Name: Meiken Bassant

Email address: privacy@optimalworkshop.com