Privacy Policy
1. INTRODUCTION AND SCOPE
BLUE KIWI GROUP LTD and BKG INDUSTRIES LTD (“we,” “us,” “our,” or the “Company”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you:
- Visit our website at https://bkgindustries.ltd (the “Site”)
- Use any of our software applications, including ALERTIT, RECORDIT and Beebop Applicatications (collectively, the “Applications”)
- Contact our customer support or sales teams
- Subscribe to our newsletters or marketing communications
- Participate in surveys, promotions, or events
This Privacy Policy applies to all users worldwide, including individuals in the European Economic Area (EEA), United Kingdom, United States, and other jurisdictions. We comply with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and other applicable privacy laws.
Company Contact Information:
- Legal Entity Name: BLUE KIWI GROUP LIMITED
- Registered Address: 257H Whakamarama Rd, Tauranga 3179, New Zealand
- Email: info@bkgindustries.ltd
- Phone: 64 800 514 498
2. INFORMATION WE COLLECT
2.1 Personal Data You Provide Directly
| Category | Examples | Purpose |
|---|---|---|
| Identity Data | First name, last name, username, title | Account creation, user identification |
| Contact Data | Email address, phone number, billing address | Communication, transaction processing |
| Financial Data | Credit card details, bank account information (processed by secure third-party payment processors) | Payment processing, subscription management |
| Account Data | Login credentials, account preferences, purchase history | Account management, service delivery |
| Communication Data | Customer support inquiries, feedback, survey responses | Customer support, product improvement |
| Professional Data | Company name, job title, industry | B2B account management, tailored services |
2.2 Data Collected Automatically
When you use our Site or Applications, we automatically collect:Table
Copy
| Category | Examples | Legal Basis (GDPR) |
|---|---|---|
| Technical Data | IP address, browser type and version, time zone, operating system, device identifiers | Legitimate interest / Consent |
| Usage Data | Pages visited, features used, click patterns, session duration, error logs | Legitimate interest / Consent |
| Location Data | General geographic location derived from IP address | Legitimate interest |
| Cookies & Tracking | See Section 8 (Cookies Policy) | Consent |
2.3 Data from Third Parties
We may receive personal data from:
- Business partners and resellers
- Analytics providers (e.g., Google Analytics)
- Payment processors (transaction confirmations)
- Publicly available sources (for B2B lead generation)
- Social media platforms (when you interact with our official accounts)
3. HOW WE USE YOUR INFORMATION
We process your personal data for the following purposes and legal bases:Table
Copy
| Purpose | Legal Basis (GDPR) | CCPA Category |
|---|---|---|
| Providing and maintaining our Applications and services | Performance of contract | Business Purpose |
| Processing transactions and managing subscriptions | Performance of contract | Business Purpose |
| Authenticating users and ensuring security | Legitimate interest / Legal obligation | Business Purpose |
| Communicating about service updates, security alerts, and support | Legitimate interest / Performance of contract | Business Purpose |
| Sending marketing communications (with opt-out) | Consent / Legitimate interest | Commercial Purpose |
| Conducting analytics to improve our products | Legitimate interest | Business Purpose |
| Complying with legal obligations | Legal obligation | Business Purpose |
| Enforcing our terms and protecting rights | Legitimate interest | Business Purpose |
| Personalizing user experience and recommendations | Consent / Legitimate interest | Commercial Purpose |
We do NOT:
- Sell your personal information (as defined under CCPA/CPRA)
- Use your data for automated decision-making with legal or similarly significant effects without human intervention
- Process special category data (health, biometric, genetic data) unless explicitly required for specific Applications with additional consent
4. DATA SHARING AND DISCLOSURE
4.1 Categories of Recipients
We may share your personal data with:Table
Copy
| Recipient Category | Purpose | Data Shared |
|---|---|---|
| Service Providers | Cloud hosting, payment processing, customer support, analytics | Contact, financial, technical, usage data |
| Professional Advisors | Legal, accounting, insurance services | Identity, contact, financial data |
| Affiliates and Subsidiaries | Internal business operations | All categories as necessary |
| Business Partners | Joint marketing, reseller arrangements (with consent where required) | Identity, contact, professional data |
| Regulatory Authorities | Legal compliance, law enforcement requests | As required by law |
4.2 International Data Transfers
For EU/EEA/UK Users: Your personal data may be transferred to countries outside the EEA, including the United States. We ensure appropriate safeguards are in place through:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions (where applicable)
- Binding Corporate Rules (for intra-group transfers)
For All Users: We use service providers that maintain certifications such as:
- EU-US Data Privacy Framework certification
- ISO 27001 security certifications
- SOC 2 Type II compliance
4.3 Legal Disclosure
We may disclose personal data when required by:
- Court order, subpoena, or other legal process
- Government or regulatory authority request
- Protection of our rights, property, or safety
- Prevention or investigation of illegal activities
- Merger, acquisition, or asset sale (with notice to users)
5. YOUR RIGHTS AND CHOICES
5.1 GDPR Rights (EEA/UK Users)
If you are in the European Economic Area or United Kingdom, you have the right to:Table
Copy
| Right | Description | How to Exercise |
|---|---|---|
| Access | Request copies of your personal data | Email info@bkgindustries.ltd |
| Rectification | Correct inaccurate or incomplete data | Update via account settings or contact us |
| Erasure (“Right to be Forgotten”) | Request deletion of your data | Email info@bkgindustries.ltd |
| Restriction | Limit how we process your data | Email info@bkgindustries.ltd |
| Data Portability | Receive data in structured, machine-readable format | Email info@bkgindustries.ltd |
| Objection | Object to processing based on legitimate interests or direct marketing | Click unsubscribe or email us |
| Withdraw Consent | Withdraw previously given consent | Email info@bkgindustries.ltd |
| Complaint | Lodge complaint with supervisory authority | Contact your local data protection authority |
Response Time: We will respond to GDPR requests within 30 days. Complex requests may require up to 60 days with notice.
5.2 CCPA/CPRA Rights (California Residents)
If you are a California resident, you have the right to:Table
Copy
| Right | Description | How to Exercise |
|---|---|---|
| Know | Request disclosure of categories and specific pieces of personal information collected | Email info@bkgindustries.ltd |
| Delete | Request deletion of personal information (with exceptions) | Email info@bkgindustries.ltd |
| Correct | Request correction of inaccurate personal information | Email info@bkgindustries.ltd |
| Opt-Out of Sale/Sharing | We do not sell personal information; opt-out of cross-context behavioral advertising | Email info@bkgindustries.ltd |
| Limit Use of Sensitive Information | Restrict use of sensitive personal information to necessary purposes | Email info@bkgindustries.ltd |
| Non-Discrimination | We will not discriminate against you for exercising privacy rights | N/A |
Authorized Agents: You may designate an authorized agent to make requests on your behalf. We require signed permission and identity verification.
Response Time: We will respond to CCPA requests within 45 days, extendable by 45 days with notice.
5.3 Other US State Rights
Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws have similar rights regarding access, deletion, and opt-out of targeted advertising. Contact Email info@bkgindustries.ltd for state-specific requests.
6. DATA RETENTION
We retain personal data only as long as necessary for the purposes outlined in this policy:Table
Copy
| Data Category | Retention Period |
|---|---|
| Account information | Duration of account + 7 years for legal compliance |
| Transaction records | 7 years (as required by tax/accounting laws) |
| Marketing preferences | Until opt-out + 1 years for suppression lists |
| Usage data/analytics | 3 months (anonymized thereafter) |
| Customer support records | 7 years for quality assurance |
| Deleted account data | 1 days (then permanently erased or anonymized) |
7. DATA SECURITY
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption: AES-256 encryption for data at rest; TLS 1.3 for data in transit
- Access Controls: Role-based access, multi-factor authentication
- Monitoring: 24/7 security monitoring, intrusion detection
- Testing: Regular penetration testing and vulnerability assessments
- Training: Employee security awareness training
- Incident Response: Documented breach notification procedures
Breach Notification: In the event of a personal data breach, we will notify affected users and relevant supervisory authorities within 72 hours (GDPR) or without unreasonable delay (US state laws), as required by applicable law.
8. COOKIES AND TRACKING TECHNOLOGIES
8.1 What We Use
Table
Copy
| Category | Purpose | Examples |
|---|---|---|
| Essential | Site functionality, security | Session cookies, authentication tokens |
| Functional | Preferences, language settings | User preferences, accessibility settings |
| Analytics | Understand usage patterns | Google Analytics, Mixpanel |
| Marketing | Personalized advertising | Facebook Pixel, LinkedIn Insight Tag |
8.2 Your Choices
- Browser Settings: Most browsers allow you to refuse cookies
- Cookie Banner: Manage preferences via our cookie consent tool
- Industry Opt-Outs:
- Digital Advertising Alliance: www.aboutads.info/choices
- Network Advertising Initiative: www.networkadvertising.org/choices
- European Interactive Digital Advertising Alliance: www.youronlinechoices.eu
Do Not Track: We honor Global Privacy Control (GPC) signals and Do Not Track requests where legally required.
9. CHILDREN’S PRIVACY
Our Site and Applications are not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately at info@bkgindustries.ltd, and we will delete the information.
10. APPLICATION-SPECIFIC PROVISIONS
10.1 Various Applications
- We provide a comprehensive set of applications specifically targeted at the business market. When we sell these applications, we specifically contract with each customer.
- Google Firebase Message
- Apple Push Notifications
- Novu notification data collection
- Zello integration (if applicable)
- Device identifiers collected (FCM token, Android ID)
11. THIRD-PARTY LINKS AND INTEGRATIONS
Our Site and Applications may contain links to third-party websites or integrations (e.g., social media login, payment processors). This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party services you interact with.
12. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy periodically. Changes will be posted on this page with an updated “Last Updated” date. Material changes will be notified via:
- Email to registered users
- Prominent notice on our Site
- In-application notifications
For significant changes affecting how we use your data, we will seek renewed consent where required by law.
13. CONTACT US
For questions, concerns, or to exercise your privacy rights, contact our Data Protection team:
Primary Contact:
- Email: info@bkgindustries.ltd
- Phone: +64 800
- Address: [COMPANY_ADDRESS_LINE_1], [CITY], [STATE/PROVINCE], [POSTAL_CODE], [COUNTRY]
14. GOVERNING LAW AND JURISDICTION
This Privacy Policy is governed by the laws of New Zealand. Any disputes arising from this policy shall be resolved in the courts of Wellington, except where mandatory local law requires otherwise.