Privacy

Privacy Policy

Last updated: 20 June 2026

Who we are

AI Tearoa Ltd ("AiTearoa", "we", "us") is a New Zealand company providing AI consulting, software development, and training services. We are based in Christchurch, Aotearoa. This policy explains how we handle personal information under the New Zealand Privacy Act 2020.

What we collect

  • Contact details — name, email, phone, business name — when you fill in a form, send us an email, or book a call.
  • Voice and message content — recordings or transcripts of voice messages you send us via the contact form.
  • Course platform data — for learners on our training platform, email, name, enrolment activity, lesson progress, and payment metadata from Stripe.
  • Trial workspace activity — session metadata when you use the trial.
  • Customer engagement data — for paid engagements, whatever data your written agreement covers. We never use customer data to train AI models.

How we use it

  • Reply to your enquiry and run sales conversations.
  • Deliver and support the engagements we contract with you.
  • Operate our courses platform — track enrolment, progress, certificates.
  • Improve our products via aggregated, anonymised usage signals.
  • Comply with our legal and tax obligations.

Sub-processors

We use a small set of trusted sub-processors, all under written DPAs: Supabase (Sydney, database + auth + storage), Fly.io (Sydney, hosting), Anthropic (Claude models, zero-retention tier — customer content is not used to train their models), Deepgram (voice transcription, zero-retention), Resend (transactional email), Stripe (payments for courses), DocuSign (e-signature).

Data residency

Primary data residency is Sydney (AWS ap-southeast-2). Some sub-processors (Anthropic, Stripe, Resend) process data in the United States under contractual safeguards. EU residency available on request for European customers.

Your rights

Under the Privacy Act 2020 you have the right to access the personal information we hold about you and to request corrections. Email hello@aitearoa.ai and we will respond within 20 working days.

Security & retention

We encrypt data in transit and at rest. Sensitive material (refresh tokens, prompt content for customer-confidential prompts) is additionally envelope-encrypted with per-tenant keys. We hold contact records for as long as we have an active business relationship plus seven years for tax records.

Contact

Questions about privacy? hello@aitearoa.ai. If you're not satisfied with our response you may contact the NZ Office of the Privacy Commissioner.