Privacy Policy
Effective Date: 9 July 2026
This Privacy Policy explains how Ivor Software Ltd t/a Ivor Software (“Ivor Software”, “we”, “us”, or “our”) collects, uses, stores, discloses, and protects personal information when you use our websites, software, mobile applications, cloud services, hosting services, Ivor ERP System, integrations, support services, and related online services.
By using our services, you agree to the collection and use of information in accordance with this Privacy Policy.
1. Who We Are
Ivor Software Ltd is a New Zealand software, ERP, website, hosting, and online service provider.
Ivor Software Ltd
300 Richmond Rd, Grey Lynn, Auckland 1021
New Zealand
Website: https://www.ivorsoftware.com/
Support: https://myaccount.ivorsoftware.com/client/plugin/support_manager/client_tickets/departments/
2. Services Covered by This Policy
This Privacy Policy applies to services provided by Ivor Software, including but not limited to:
- Ivor ERP System and related software modules
- Point-of-sale systems
- eCommerce websites
- Booking systems
- Customer portals
- Website hosting and system hosting
- Domain name services
- Email services
- Database hosting
- SMS services
- Data backup services
- Virtual servers
- Mobile applications
- Software integrations with third-party platforms
- Technical support, maintenance, and related professional services
3. Information We Collect
We may collect or process the following types of information.
3.1 Account and Customer Information
When you create an account, order a service, request support, or use our systems, we may collect information such as:
- Name
- Business or organisation name
- Postal address
- Email address
- Phone number
- Billing information
- Service order details
- Account login details
- Support ticket content
- Communication records
- Domain, hosting, website, email, database, server, or software configuration details
We collect this information so we can provide, manage, support, invoice, and maintain our services.
3.2 Business and Customer Data
Depending on the services you use, our systems may host, store, process, or transmit business data, including but not limited to:
- Customer records
- Supplier records
- Product and inventory data
- Sales and order records
- Booking records
- POS transaction records
- Website content
- Uploaded files
- Reports and exports
- Email-related data
- Accounting, operational, or workflow data
- System logs
- Backup data
This data is processed for the purpose of providing the services requested by you or your authorised users.
3.3 Technical and Usage Information
When you use our websites, applications, software, or hosted services, we may collect technical and usage information such as:
- IP address
- Browser type
- Device type
- Operating system
- Server environment
- Web server version
- PHP version
- MySQL version
- Installed PHP extensions
- Installed software modules or add-ons
- Active modules and templates
- Number of active users, administrators, clients, domains, or servers
- Login, access, error, security, and audit logs
- Licensing and activation status
- Information used to prevent spam, abuse, brute-force attacks, phishing, hacking, unauthorised access, or other security risks
We use this information to operate, secure, authenticate, troubleshoot, support, license, and improve our software and services.
3.4 Mobile App Information
If you use one of our mobile applications, we may collect or process information such as:
- App account information
- Device type and operating system
- App version
- Crash reports and diagnostic information
- Push notification tokens, if notifications are enabled
- Information entered, uploaded, or processed through the app
- Data required for app features, authentication, security, and support
We do not collect precise location, camera, microphone, contacts, photos, or other device permissions unless the app feature requires it and you grant permission.
4. Third-Party Platform Integrations
Some Ivor Software services may allow you or your authorised users to connect third-party platforms, applications, marketplaces, payment providers, email providers, calendar providers, file storage providers, accounting systems, eCommerce platforms, or other external services.
Examples may include platforms such as Google, Apple, Microsoft, Shopify, WooCommerce, Trade Me, payment gateways, email services, calendar services, file storage services, and other business systems.
We only access third-party platform data when you or your authorised user connects, authorises, or enables the relevant integration.
Depending on the integration and permissions granted, we may access or process information such as:
- Account profile information
- Email address
- Customer records
- Product records
- Inventory records
- Order records
- Payment or transaction records
- Booking or calendar records
- Email, message, or communication records
- File names, file metadata, or file content
- Spreadsheet, report, or document data
- API tokens or authentication credentials required to operate the integration
We use third-party platform data only to provide, maintain, secure, troubleshoot, and improve the features you have enabled or requested.
We do not sell third-party platform data.
We do not use third-party platform data for advertising or retargeting.
We do not transfer third-party platform data to data brokers or advertising platforms.
We do not use third-party platform data to determine credit-worthiness or for lending purposes.
We do not use third-party platform data to train general artificial intelligence or machine learning models, unless you have specifically agreed to a separate feature or agreement that permits this.
5. How We Use Information
We may use personal information, business data, service data, technical data, and third-party platform data to:
- Provide, operate, and maintain our services
- Create and manage customer accounts
- Process service orders, invoices, payments, renewals, and cancellations
- Configure hosting, ERP, website, email, database, domain, backup, SMS, server, app, and integration services
- Provide customer support and technical support
- Authenticate users and protect accounts
- Monitor software licensing and authorised use
- Detect, prevent, and respond to fraud, spam, abuse, hacking, unauthorised access, system attacks, or other harmful activity
- Maintain backups and business continuity
- Improve software reliability, security, functionality, and user experience
- Send service notices, billing notices, support updates, security alerts, and administrative messages
- Comply with legal, tax, accounting, regulatory, and contractual obligations
- Enforce our Terms of Service, EULA, acceptable use rules, and other agreements
6. Legal Basis and Consent
We collect and use personal information where it is reasonably necessary to provide our services, perform our agreements, comply with legal obligations, protect our systems, prevent abuse, support our customers, or pursue legitimate business purposes.
Where a third-party platform, mobile device permission, or optional feature requires consent, we will request permission before accessing the relevant data or feature.
You may withdraw consent or disconnect an integration where supported, but some features may stop working if the required data or permission is no longer available.
7. Data Storage and Security
We take reasonable steps to protect personal information and business data against unauthorised access, use, disclosure, alteration, loss, or destruction.
Security measures may include:
- Access controls
- Password-protected systems
- Encrypted connections where appropriate
- Server monitoring
- Firewalls and abuse-prevention tools
- Backup systems
- Logging and audit records
- Security updates and maintenance
- Limiting access to authorised staff, contractors, and service providers
- Operational security procedures
No method of electronic transmission or storage is completely secure. While we take reasonable steps to protect information, we cannot guarantee absolute security.
8. Data Retention
We retain personal information, business data, service data, technical data, logs, and third-party platform data only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law, contract, tax, accounting, backup, security, dispute resolution, or legitimate business requirements.
When a service is cancelled, suspended, or terminated, data may be deleted in accordance with our Terms of Service, service configuration, backup cycles, and legal obligations.
Some information may remain temporarily in backups, archives, logs, or disaster recovery systems until those records are overwritten or deleted in accordance with our normal retention procedures.
9. Data Deletion and Account Removal
You may request deletion of your personal information, account data, or third-party integration data by contacting us through our support system:
https://myaccount.ivorsoftware.com/client/plugin/support_manager/client_tickets/departments/
After receiving a deletion request, we will take reasonable steps to delete, anonymise, or restrict the relevant information, unless we are required or permitted to retain it for legal, tax, accounting, security, backup, fraud prevention, dispute resolution, or legitimate business purposes.
If you use a mobile application, you may also request account deletion through the app where this feature is provided, or through our support system.
10. Disclosure of Information
We may disclose personal information or service data to:
- Our staff, contractors, agents, and authorised representatives
- Hosting, infrastructure, payment, email, SMS, domain, backup, software, analytics, security, and support service providers
- Third-party platforms or integration providers where required to provide a feature you have enabled
- Professional advisers, including accountants, lawyers, auditors, and insurers
- Debt collection agencies where invoices remain unpaid
- Law enforcement, regulators, courts, government agencies, or other parties where required or permitted by law
- A purchaser, successor, or related party in connection with a business sale, merger, acquisition, restructuring, or transfer of assets
We only disclose information where reasonably necessary to provide our services, operate our business, protect our rights and systems, or comply with legal obligations.
11. International Processing
Some of our service providers, infrastructure providers, software providers, or technical systems may be located outside New Zealand.
Where personal information is transferred or processed outside New Zealand, we take reasonable steps to ensure that the information is protected in accordance with applicable privacy laws and contractual obligations.
12. Cookies and Similar Technologies
Our websites, applications, and online services may use cookies, sessions, logs, local storage, or similar technologies to:
- Keep users signed in
- Maintain secure sessions
- Remember user preferences
- Provide website, ERP, POS, booking, eCommerce, or customer portal functionality
- Analyse service performance
- Detect abuse, fraud, or unauthorised access
- Improve security and user experience
You may disable cookies in your browser, but some features may not work correctly.
13. Analytics, Diagnostics, and Performance Monitoring
We may use analytics, diagnostics, crash reporting, logging, and monitoring tools to understand how our websites, applications, and services are performing.
This information helps us detect errors, improve reliability, troubleshoot issues, protect systems, and improve user experience.
Where practical, we use aggregated or de-identified information for analytics and performance improvement.
14. Marketing Communications
We may send service-related emails, billing notices, renewal reminders, security alerts, support updates, and administrative messages.
We may also send marketing or promotional communications where permitted by law or where you have opted in. You may unsubscribe from marketing communications where an unsubscribe option is provided.
We do not sell your personal information to advertisers.
15. Children’s Privacy
Our services are intended for businesses and users who are at least 18 years old, or who use our services with parental or guardian consent where applicable.
Our services are not directed to children under 13, and we do not knowingly collect personal information from children under 13.
16. Your Rights
Subject to applicable law, you may have the right to:
- Request access to personal information we hold about you
- Request correction of inaccurate or incomplete personal information
- Request deletion of personal information where appropriate
- Withdraw consent for optional features or integrations
- Disconnect third-party platform integrations
- Request information about how your data is used
- Make a privacy complaint
To make a request, please contact us through our support system.
17. Compliance with New Zealand Privacy Law
Ivor Software Ltd is based in New Zealand and takes reasonable steps to comply with the Privacy Act 2020 and other applicable privacy laws.
If you believe we have not handled your personal information appropriately, please contact us first so we can try to resolve the issue.
18. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The updated version will be posted on our website with a new effective date.
If we make material changes to how we collect, use, disclose, or protect personal information, we will provide notice where required by law or applicable platform requirements.
19. Contact Us
If you have any questions, requests, or complaints about this Privacy Policy or how we handle personal information, please contact:
Ivor Software Ltd
300 Richmond Rd, Grey Lynn, Auckland 1021
New Zealand
Website: https://www.ivorsoftware.com/
Support: https://myaccount.ivorsoftware.com/client/plugin/support_manager/client_tickets/departments/