Privacy Policy

Privacy Policy

Last updated: 28 April 2026

This Privacy Policy explains how Ops Digital ("we", "us", "our") collects, uses, stores, and protects personal information. Ops Digital is operated by Sam Pryke as a sole trader, based in New Zealand. By using our website (opsdigital.studio) or engaging our services, you agree to the practices described in this policy.

We comply with the New Zealand Privacy Act 2020 and apply equivalent principles to clients and users located outside New Zealand.

1. Who we are

  • Trading name: Ops Digital

  • Legal entity: Sam Pryke (sole trader)

  • Contact email: sam@opsdigital.studio

  • Country of operation: New Zealand

  • Business address: Christchurch, New Zealand

2. Information we collect

2.1 Information you provide directly

  • Name, email address, business name, and contact details when you enquire about our services or sign an engagement.

  • Billing details (handled by our payment processor — we do not store card numbers).

  • Any information you choose to share via email, scheduling tools, or calls.

2.2 Information collected to deliver our services

To deliver products such as Finance Tracker Pro, we may receive or access:

  • API credentials and OAuth tokens for third-party platforms you authorise us to connect to (e.g. Shopify, Meta Business Manager, Google Ads, TikTok Ads, Notion).

  • Business performance data drawn from those platforms (e.g. revenue figures, order counts, ad spend, campaign metadata).

  • Configuration values you provide for your dashboard (e.g. cost percentages, GST rates, shipping costs).

We access this information only with your explicit authorisation (for example, by you accepting a manager-account link request or inviting us as a user) and only for the purpose of delivering the services you have engaged us for.

2.3 Information collected automatically via our website

Our website may collect:

  • Standard server logs (IP address, browser type, pages visited, timestamps).

  • Cookies and analytics data (e.g. Google Analytics) to understand site usage.

You can disable cookies in your browser settings. Doing so will not affect your ability to use our services.

3. How we use your information

We use the information we collect to:

  • Respond to enquiries and provide quotes.

  • Deliver, maintain, and improve the services you have engaged us for.

  • Generate reports and dashboards within your own Notion workspace.

  • Issue invoices and process payments.

  • Communicate with you about your account, including service updates and support.

  • Comply with legal obligations (e.g. tax records).

  • Improve our website and service offerings.

We do not use your data for advertising, profiling, training AI models, or any purpose unrelated to the services you have engaged us for.

4. How we share your information

We do not sell, rent, or trade personal information. We share information only with:

  • Sub-processors and infrastructure providers strictly necessary to deliver our services, including:

    • Notion (workspace and dashboard hosting)

    • n8n (workflow automation, paid n8n Cloud instance under our account)

    • Google (Google Ads API, Google Workspace, Google Drive)

    • Meta (Meta Marketing API)

    • Shopify (Shopify Admin API)

    • TikTok (TikTok Marketing API, where applicable)

    • Hnry (sole trader invoicing and tax administration) and Stripe (card payments)

  • Professional advisors (accountants, legal advisors) where required.

  • Authorities, if required by New Zealand law.

We do not share data with third parties for marketing or analytics purposes outside the providers listed above.

5. Use of Google API data

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only access data from Google Ads accounts that are explicitly linked to our Google Ads Manager Account with the account owner's consent.

  • We use Google Ads data only to populate the financial dashboards delivered to the client whose data it is.

  • We do not transfer Google Ads data to third parties except as necessary to deliver the service to that client, comply with applicable law, or as part of a merger, acquisition, or sale of assets with appropriate notice to clients.

  • We do not use Google Ads data for advertising purposes, to train AI/ML models, or for any purpose unrelated to the client's reporting dashboard.

  • We do not allow humans to read Google Ads data unless we have the client's affirmative agreement, it is required for security purposes, to comply with law, or the data is aggregated and used for internal operations.

6. Data storage and security

  • Personal information and API credentials are stored in encrypted form using industry-standard tools (e.g. 1Password for credential management, n8n encrypted credential storage).

  • Client business data resides primarily within the client's own Notion workspace; we do not maintain separate copies for our own purposes.

  • We restrict access to client data to authorised personnel of Ops Digital who require it to perform their work.

  • We use TLS encryption for all data in transit between APIs and our infrastructure.

No system is perfectly secure. While we take reasonable steps to protect information, we cannot guarantee absolute security and accept no liability for unauthorised access caused by factors outside our reasonable control.

7. Data retention

  • API credentials are retained only for the duration of the engagement and are deleted within 30 days of termination, or sooner on request.

  • Business records (invoices, contracts, correspondence) are retained for a minimum of seven years to comply with New Zealand tax law.

  • Marketing and enquiry records are retained for up to two years from last contact, after which they are deleted on request.

8. International transfers

Some of our sub-processors (e.g. Google, Meta, Notion, n8n) operate servers outside New Zealand, including in the United States, European Union, and Australia. Where data is transferred internationally, we rely on the privacy frameworks and contractual protections offered by those providers.

9. Your rights

Under the New Zealand Privacy Act 2020, you have the right to:

  • Access the personal information we hold about you.

  • Correct any information that is inaccurate.

  • Request deletion of personal information, subject to our legal obligations.

  • Withdraw consent for ongoing data processing, including by revoking platform access (e.g. unlinking your Google Ads account from our manager account).

  • Lodge a complaint with the Office of the Privacy Commissioner if you believe your rights have been breached.

To exercise any of these rights, email sam@opsdigital.studio. We will respond within 20 working days.

10. Cookies

Our website uses cookies for:

  • Essential site functionality (session management).

  • Analytics (e.g. Google Analytics) to understand visitor behaviour in aggregate.

You can disable cookies via your browser settings. We do not use cookies for advertising or tracking across third-party sites.

11. Children's privacy

Our services are intended for businesses and are not directed at children under 16. We do not knowingly collect personal information from children.

12. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the latest revision. Material changes will be communicated to active clients by email.

13. Contact

Questions, concerns, or requests relating to this Privacy Policy: