StampsNZ are New Zealand and Ross Dependency stamp dealers
operating from New Zealand. StampsNZ operate several websites including
stampsnz.com and stampsnz.org. It is StampsNZ's policy to respect and
protect your privacy regarding any information we collect while operating
or visiting our websites. Your privacy is critically important to us and we
follow these fundamental principles:
Like most web sites, StampsNZ collects non-personally
identifying information of the sort that web browsers and servers typically
make available, such as your browser type, referring site, and the date and
time of each visitor request using Google Analytics and our own in-house
system. StampsNZ's purpose in collecting non-personally identifying
information is to better understand how StampsNZ's visitors use our
website, correct coding errors and to improve your customer experience.
Disabling the collection of this information from your web browser is
browser. This should not affect your use of our site.
Cookies and Customer Orders
A cookie is a string of information that a website stores
on a visitor's computer, and that the visitor's browser provides to the
your session so that you may add items to your order form. These selections
are associated with a random GUID and are not personally identifiable in
the database on our publicly accessible web server - even after you have
completed a purchase. StampsNZ visitors who do not wish to have cookies
before using StampsNZ's order form. Disabling cookies may make it difficult
to use our ordering system but you should still be able to browse our
catalogue without difficulty.
Standing Order Subscriptions
Standing order subscriptions are processed using our own
in-house computer system. Name, address and order information is
transferred to our server over an SSL encoded connection and results in the
temporary storage of this information in the database on our live web
server. Name, address and order details are automatically downloaded to a
private server in our offices and deleted off of the publicly accessible
web server on a regular basis (currently every fifteen minutes). This
private server has access to the Internet but is protected behind a fire
wall and is not accessible from the Internet. The supply of this
information is not voluntary and is a required step when setting up a
standing order subscription.
Credit Card Information
Online orders paid for using credit card or PayPal payment
methods are processed using PayPal. Credit card numbers and name and
address information are keyed into the PayPal system and stored on their
servers. The supply of this information is a required step when paying for
an order so that we may deliver to you the philatelic items you have
ordered from us. StampsNZ understands and trusts that PayPal keeps this
information safe and secure from disclosure but cannot guarantee this as
their systems are out of our control. StampsNZ retrieves your name and
address details from PayPal and stores them along with the items on your
order form on a private server located in our offices. This server has
access to the Internet but is protected behind a fire wall and is not
accessible from the Internet. Your credit card information is never
disclosed to StampsNZ.
Direct Credit and Money Order Payments
Online orders paid for using direct credit or money order
are processed using our own in-house system. Name and address information
is transferred to our server over an SSL encoded connection and results in
the temporary storage of this information in the database on our live web
server. Name and address details are automatically downloaded to a private
server in our offices and deleted off of the publicly accessible web server
on a regular basis (currently every fifteen minutes). This private server
has access to the Internet but is protected behind a fire wall and is not
accessible from the Internet. The supply of this information is not
voluntary and is a required step when paying for an order so that we may
deliver to you the philatelic items you have ordered from
Disclosure of Inofrmation
StampsNZ collects personal information only as necessary to
fulfill stamp orders. StampsNZ will not disclose personally-identifying
information to any third party unless explicitly required to do so by a law
enforcement agency. We require a name and address in order to ship your
purchases to you but if you are concerned about supplying these details we
are quite happy to ship orders to a Post Office box.
The Fair Information Practice Principles define Access as
not only a consumer's ability to view the data collected, but also to
verify and contest its accuracy. We welcome customer review of all account
information including name and address that is stored on our servers and
offer that information for review on invoices and packing slips. This
information is both emailed and posted with each shipped order.
If you have questions about deleting, verifying or
correcting your personal data please contact us.
Use of the Enquiry form on our Contacts page results in the
storage of your query and email address in the database on our live web
server. These queries are automatically downloaded to a private server in
our offices and deleted off of the publicly accessible web server on a
regular basis (currently every fifteen minutes).
Protection of Personally-Identifying Information
StampsNZ discloses personally identifying information only
to those employees that need this information in order to process customer
orders or provide services available at StampsNZ's websites. Staff will not
disclose this information to anyone outside StampsNZ. Some of these
employees may be located outside of your home country (especially true if
you don't live in New Zealand).
StampsNZ will not rent, sell or gift personally identifying
information to anyone other than its employees and solely for the purpose
of fulfilling orders as described above unless compelled to by New Zealand
law in response to a subpoena, court order or other legal or governmental
Third Party Access
StampsNZ does not display third party advertisements on our
web sites and consequently we do not supply tracking cookies and such to
any outside organisation. As stated previously we do use Google Analytics
for statistical analysis of our web site and that appears to involve the
supply of a cookie to Google. You may block this cookie with our blessing
without affecting your experience on our web site.
StampsNZ will not under any circumstances sell your email
address or personally identifiable information to any third party. We are
stamp dealers, we do not support or condone SPAM and our only interest in
your personal information is to ensure that the stamps you order arrive
safely in your hands. In addition to never sending out SPAM ourselves we
endeavour to do whatever we can to help stop SPAM emails sent by third
parties. If you operate a mail server we encourage you to participate as we
do in DMARC and to filter
and discard SPAM emails wherever possible.
We do not operate any email distribution systems and all
emails from StampsNZ are individually written and are protected by SPF
and/or DKIM. Our mail server does not accept emails for random user names
at stampsnz.com and any email from a spoofed address that our mail servers
will not accept a connection for may be discarded
Susceptibility to Attack from Hackers
We have taken every care to protect our live systems from
attack. We are very careful to protect our systems from common forms of
attack that many live systems suffer from such as SQL injection attacks.
However, our primary defence mechanisms are to use static html pages
wherever possible and to not store sensitive information on our servers.
Even if our live systems were compromised the amount of information
disclosed to a hacker would be small. As previously mentioned we do not
store name, address or email information on the live system with the
exception of email addresses for customer enquiries and address details for
standing order subscriptions and direct credit and money order payments
entered within the last fifteen minutes.
Susceptibility to Attack from the Heartbleed Bug
We have never used any of the versions of OpenSSL
containing this security flaw and PayPal has also notified us that they
have never been susceptible. If you use the same password for PayPal as
other online systems and one of those other systems does have this security
flaw (and the flaw has been exploited) then you should change your
password. It is commonly acknowledged that you should NEVER use the same
password on multiple sites - if you do then I would take the time now to
change all of those passwords to unique codes.
Although most changes are likely to be minor, StampsNZ may
encourage visitors to regularly check this page for any changes to our
- We won't ask you for personal information unless we truly need it.
- We won't share your personal information with anyone unless forced to
comply with the law.
- We don't permanently store personal information on our publicly
accessible web servers.
This page was last updated on 19 Oct 2018
All content and images copyright © 2008 - 2018 StampsNZ