stampsnz.com
Privacy Policy

 

StampsNZ are New Zealand and Ross Dependency stamp dealers operating from New Zealand. StampsNZ operate several websites including stampsnz.com and stampsnz.org. It is StampsNZ's policy to respect and protect your privacy regarding any information we collect while operating or visiting our websites. Your privacy is critically important to us and we follow these fundamental principles:
Website Visitors
Like most web sites, StampsNZ collects non-personally identifying information of the sort that web browsers and servers typically make available, such as your browser type, referring site, and the date and time of each visitor request using Google Analytics and our own in-house system. StampsNZ's purpose in collecting non-personally identifying information is to better understand how StampsNZ's visitors use our website, correct coding errors and to improve your customer experience. Disabling the collection of this information from your web browser is perfectly acceptable and is simply a matter of disabling Javascript in your browser. This should not affect your use of our site.

Cookies and Customer Orders
A cookie is a string of information that a website stores on a visitor's computer, and that the visitor's browser provides to the website each time the visitor returns. StampsNZ uses cookies to identify your session so that you may add items to your order form. These selections are associated with a random GUID and are not personally identifiable in the database on our publicly accessible web server - even after you have completed a purchase. StampsNZ visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using StampsNZ's order form. Disabling cookies may make it difficult to use our ordering system but you should still be able to browse our catalogue without difficulty.

Standing Order Subscriptions
Standing order subscriptions are processed using our own in-house computer system. Name, address and order information is transferred to our server over an SSL encoded connection and results in the temporary storage of this information in the database on our live web server. Name, address and order details are automatically downloaded to a private server in our offices and deleted off of the publicly accessible web server on a regular basis (currently every fifteen minutes). This private server has access to the Internet but is protected behind a fire wall and is not accessible from the Internet. The supply of this information is not voluntary and is a required step when setting up a standing order subscription.

Credit Card Information
Online orders paid for using credit card or PayPal payment methods are processed using PayPal. Credit card numbers and name and address information are keyed into the PayPal system and stored on their servers. The supply of this information is a required step when paying for an order so that we may deliver to you the philatelic items you have ordered from us. StampsNZ understands and trusts that PayPal keeps this information safe and secure from disclosure but cannot guarantee this as their systems are out of our control. StampsNZ retrieves your name and address details from PayPal and stores them along with the items on your order form on a private server located in our offices. This server has access to the Internet but is protected behind a fire wall and is not accessible from the Internet. Your credit card information is never disclosed to StampsNZ.

Direct Credit and Money Order Payments
Online orders paid for using direct credit or money order are processed using our own in-house system. Name and address information is transferred to our server over an SSL encoded connection and results in the temporary storage of this information in the database on our live web server. Name and address details are automatically downloaded to a private server in our offices and deleted off of the publicly accessible web server on a regular basis (currently every fifteen minutes). This private server has access to the Internet but is protected behind a fire wall and is not accessible from the Internet. The supply of this information is not voluntary and is a required step when paying for an order so that we may deliver to you the philatelic items you have ordered from us.

Disclosure of Inofrmation
StampsNZ collects personal information only as necessary to fulfill stamp orders. StampsNZ will not disclose personally-identifying information to any third party unless explicitly required to do so by a law enforcement agency. We require a name and address in order to ship your purchases to you but if you are concerned about supplying these details we are quite happy to ship orders to a Post Office box.
The Fair Information Practice Principles define Access as not only a consumer's ability to view the data collected, but also to verify and contest its accuracy. We welcome customer review of all account information including name and address that is stored on our servers and offer that information for review on invoices and packing slips. This information is both emailed and posted with each shipped order.
If you have questions about deleting, verifying or correcting your personal data please contact us.

Enquiries
Use of the Enquiry form on our Contacts page results in the storage of your query and email address in the database on our live web server. These queries are automatically downloaded to a private server in our offices and deleted off of the publicly accessible web server on a regular basis (currently every fifteen minutes).

Protection of Personally-Identifying Information
StampsNZ discloses personally identifying information only to those employees that need this information in order to process customer orders or provide services available at StampsNZ's websites. Staff will not disclose this information to anyone outside StampsNZ. Some of these employees may be located outside of your home country (especially true if you don't live in New Zealand).
StampsNZ will not rent, sell or gift personally identifying information to anyone other than its employees and solely for the purpose of fulfilling orders as described above unless compelled to by New Zealand law in response to a subpoena, court order or other legal or governmental demand.

 
Third Party Access
StampsNZ does not display third party advertisements on our web sites and consequently we do not supply tracking cookies and such to any outside organisation. As stated previously we do use Google Analytics for statistical analysis of our web site and that appears to involve the supply of a cookie to Google. You may block this cookie with our blessing without affecting your experience on our web site.

SPAM
StampsNZ will not under any circumstances sell your email address or personally identifiable information to any third party. We are stamp dealers, we do not support or condone SPAM and our only interest in your personal information is to ensure that the stamps you order arrive safely in your hands. In addition to never sending out SPAM ourselves we endeavour to do whatever we can to help stop SPAM emails sent by third parties. If you operate a mail server we encourage you to participate as we do in DMARC and to filter and discard SPAM emails wherever possible.
We do not operate any email distribution systems and all emails from StampsNZ are individually written and are protected by SPF and/or DKIM. Our mail server does not accept emails for random user names at stampsnz.com and any email from a spoofed address that our mail servers will not accept a connection for may be discarded immediately.

Susceptibility to Attack from Hackers
We have taken every care to protect our live systems from attack. We are very careful to protect our systems from common forms of attack that many live systems suffer from such as SQL injection attacks. However, our primary defence mechanisms are to use static html pages wherever possible and to not store sensitive information on our servers. Even if our live systems were compromised the amount of information disclosed to a hacker would be small. As previously mentioned we do not store name, address or email information on the live system with the exception of email addresses for customer enquiries and address details for standing order subscriptions and direct credit and money order payments entered within the last fifteen minutes.

Susceptibility to Attack from the Heartbleed Bug
We have never used any of the versions of OpenSSL containing this security flaw and PayPal has also notified us that they have never been susceptible. If you use the same password for PayPal as other online systems and one of those other systems does have this security flaw (and the flaw has been exploited) then you should change your password. It is commonly acknowledged that you should NEVER use the same password on multiple sites - if you do then I would take the time now to change all of those passwords to unique codes.

Privacy Policy Changes
Although most changes are likely to be minor, StampsNZ may revise this Privacy Policy from time to time at StampsNZ's discretion. We encourage visitors to regularly check this page for any changes to our Privacy Policy.

Catalogue · Order Form · Currency Converter · USB/CD-ROM
Stanley Gibbons Reference · Scott Reference
What to Expect
Contact Us · Links · Standing Order Subscription


This page was last updated on 21 Aug 2017
All content and images copyright © 2008 - 2017 StampsNZ