Privacy Policy | Dorivo – NZ Privacy Act 2020 & Data Security

Article 1: Identification of the Agency

This Privacy Policy outlines the data processing protocols maintained by Dorivo ("the Platform", "we", "us", or "our"), headquartered at Level 12, 175 Queen Street, Auckland CBD, Auckland 1010, New Zealand. We operate as an "Agency" under the New Zealand Privacy Act 2020. We are committed to upholding the 13 Information Privacy Principles (IPPs) to ensure the highest standards of data integrity and transparency for our users.

Article 2: Categories of Information Collected

In accordance with the principle of data minimisation, we collect information only as necessary to provide our proprietary analytical services:

Identity Metrics: Full legal name, date of birth, and government-issued identification required for mandatory Know Your Customer (KYC) and Anti-Money Laundering (AML) verification.

Technical Telemetry: IP addresses, device hardware specifications, geographical metadata, and granular logs of user interactions with our predictive interfaces.

Financial Context: Source of wealth information and digital asset telemetry where required to satisfy our obligations under the AML/CFT Act 2009.

Article 3: Legal Basis and Purpose of Collection

We collect and process your information founded upon the following:

Contractual Necessity: Essential for provisioning your account and delivering our core technological services.

Statutory Obligations: Mandatory compliance with the Financial Markets Conduct Act 2013 and directives from the Financial Markets Authority (FMA).

Legitimate Business Interests: Required for proactive fraud prevention, network security enhancement, and the continual optimisation of our analytical models via anonymised data aggregates.

Explicit Consent: For the delivery of personalised market insights where explicit opt-in has been provided.

Article 4: Data Security and Sovereignty

Dorivo deploys enterprise-grade security architecture:

Advanced Encryption: Data at rest is secured using AES-256 encryption, and all transmissions are protected via TLS 1.3 protocols.

Hosting Protocols: Our data is hosted on redundant, highly secure servers. While we utilise global cloud infrastructure for low-latency access, all processing remains subject to New Zealand data protection standards.

Article 5: Retention and Your Rights

Under the Privacy Act 2020, you possess the right to access and request the correction of any personal information we hold. We retain records only for as long as necessary to fulfil the purposes for which they were collected or to comply with statutory retention periods (typically 7 years for financial and identity records). For any inquiries, please contact our Privacy Officer at [email protected].