Privacy Policy

At ApiHealth, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, make a purchase, or interact with our services. By using our website, you consent to the data practices described in this policy.

We collect information that you provide directly to us, including: • Personal Information: Name, email address, phone number, shipping and billing addresses • Account Information: Username, password (managed by Clerk authentication), profile picture • Payment Information: Credit card details, billing information (processed securely through payment processors) • Order Information: Purchase history, order details, shipping preferences • Communication Data: Messages, reviews, feedback, and correspondence with our customer service team • Newsletter Subscriptions: Email addresses for marketing communications (with your consent) We also automatically collect certain information when you visit our website: • Usage Data: Pages visited, time spent on pages, click patterns, and navigation paths • Device Information: IP address, browser type, operating system, device identifiers • Cookies and Tracking Technologies: Information collected through cookies, web beacons, and similar technologies

We use the information we collect for the following purposes: • Order Processing: To process and fulfill your orders, manage payments, and arrange shipping • Customer Service: To respond to your inquiries, provide support, and handle returns or refunds • Account Management: To create and manage your account, authenticate your identity, and maintain your preferences • Marketing Communications: To send you promotional emails, newsletters, and updates about our products (with your consent) • Website Improvement: To analyze website usage, improve our services, and enhance user experience • Legal Compliance: To comply with legal obligations, enforce our terms of service, and protect our rights • Fraud Prevention: To detect and prevent fraudulent transactions and unauthorized access • Personalization: To personalize your shopping experience and recommend products based on your preferences

We do not sell your personal information. We may share your information in the following circumstances: • Service Providers: We share information with third-party service providers who perform services on our behalf, including: - Payment processors (Stripe, PayPal) for secure payment processing - Shipping carriers (DHL, USPS) for order fulfillment - Email service providers for marketing communications - Analytics providers for website usage analysis - Cloud hosting providers for data storage • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity • Legal Requirements: We may disclose information if required by law, court order, or government regulation • Protection of Rights: We may share information to protect our rights, property, or safety, or that of our users or others • With Your Consent: We may share information with your explicit consent for specific purposes

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include: • Encryption: We use SSL/TLS encryption to protect data transmitted between your browser and our servers • Secure Storage: Personal information is stored in secure databases with restricted access • Access Controls: Only authorized personnel have access to personal information on a need-to-know basis • Regular Security Audits: We conduct regular security assessments and updates to maintain protection • Payment Security: Payment information is processed through PCI-DSS compliant payment processors However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

You have the following rights regarding your personal information: • Access: You can request access to the personal information we hold about you • Correction: You can request correction of inaccurate or incomplete information • Deletion: You can request deletion of your personal information, subject to legal and contractual obligations • Data Portability: You can request a copy of your data in a portable format • Opt-Out: You can opt-out of marketing communications by clicking unsubscribe links or contacting us • Cookie Preferences: You can manage cookie preferences through your browser settings • Account Deletion: You can request deletion of your account through your account settings or by contacting us To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

We use cookies and similar tracking technologies to collect and store information about your preferences and browsing behavior. Types of cookies we use include: • Essential Cookies: Required for the website to function properly (e.g., authentication, shopping cart) • Analytics Cookies: Help us understand how visitors interact with our website • Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness • Preference Cookies: Remember your settings and preferences for a better user experience You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use some features of our website.

Our website integrates with third-party services that may collect information about you: • Authentication: Clerk (authentication and user management) • Payment Processing: Stripe, PayPal (payment processing) • Analytics: Google Analytics, and other analytics providers • Email Marketing: Email service providers for newsletter and marketing communications • Shipping: DHL, USPS, and other shipping carriers These third-party services have their own privacy policies. We encourage you to review their privacy policies to understand how they handle your information.

Our website is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

ApiHealth NZ Ltd is based in New Zealand. Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using our website, you consent to the transfer of your information to these countries. We take appropriate measures to ensure that your information receives an adequate level of protection in accordance with applicable data protection laws, including the New Zealand Privacy Act 2020.

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Factors we consider when determining retention periods include: • The nature of the information • Legal and regulatory requirements • Business needs and purposes • Potential disputes or legal claims When information is no longer needed, we will securely delete or anonymize it in accordance with our data retention policies.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by: • Posting the updated policy on this page with a new "Last Updated" date • Sending an email notification to registered users (for significant changes) • Displaying a notice on our website We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: • Email: info@apihealth.com • Phone: +64-9 271-6104 • Address: ApiHealth NZ Ltd, 52B Stonedon Drive, East Tamaki, Auckland, 2013, New Zealand • Postal Address: P.O Box 58049, Botany, Auckland, 2163, New Zealand Business Hours: Monday - Friday, 9:00 AM - 5:00 PM NZST We will respond to your inquiry within a reasonable timeframe and assist you with any privacy-related requests.