Privacy Policy

How we handle your information

Last updated: March 26, 2026

Do AI respects your privacy. This policy explains what personal information we collect, why we collect it, and how we keep it safe. It follows the New Zealand Privacy Act 2020 and the 13 Information Privacy Principles (IPPs).

What we collect

Information you give us

When you contact us or book a call, you may share:

  • Your name
  • Email address
  • Company name
  • Whether you are a founder or represent a business
  • Details about your project or problem
  • Budget range and timeline (optional)

You choose what to share. If you do not provide certain details, we may not be able to help with your request.

Information collected automatically

When you visit our website, we collect some data automatically:

  • Your IP address
  • Pages you view and how you navigate the site
  • How you found us (including if you came from an AI platform like ChatGPT or Perplexity)
  • Device and browser information

We collect this through Google Analytics 4 and Google Tag Manager. This helps us understand how people use our site and improve it.

Why we collect your information

We use your personal information to:

  • Respond to your questions and requests
  • Schedule and manage AI Discovery Calls
  • Understand if our services fit your needs
  • Improve our website and services
  • Comply with legal requirements

Who we share information with

We work with trusted third-party services that help us run our business. These services may process your personal information:

  • Formspree — processes contact form submissions and sends them to our team
  • Google Analytics 4 — tracks website usage and visitor behaviour
  • Google Tag Manager — manages tracking and conversion events
  • Google Calendar — handles booking for discovery calls
  • Zapier — routes form submissions and helps with lead scoring
  • PostHog — analytics and testing (installed but not currently active)

These services are based in the United States and other countries. By using our website, you acknowledge that your information may be transferred to and processed in these locations. We only work with services that meet our security standards.

Indirect collection (IPP 3A)

Starting May 1, 2026, New Zealand privacy law requires us to tell you when we receive your information indirectly. This means data that comes from sources other than you directly.

We may receive your information indirectly through:

  • Analytics tools (Google Analytics) that track your visit
  • UTM parameters that tell us which AI platform referred you
  • Google Calendar when you book a meeting
  • Zapier when it processes your form data

When we receive your information this way, we will notify you as required by law and explain what we have collected and why.

Cookies and tracking

Our website uses cookies and similar technologies to:

  • Remember your preferences
  • Understand how you use our site
  • Measure the performance of our pages
  • Track which AI platforms send visitors to us

You can control cookies through your browser settings. Note that blocking cookies may affect how some features work.

How we protect your information

We take reasonable steps to keep your personal information safe:

  • Our website uses SSL encryption (HTTPS)
  • We host on Vercel, a secure cloud platform
  • Formspree uses spam protection including honeypot fields
  • We limit access to personal information to team members who need it
  • We do not sell your personal information to anyone

How long we keep your information

We keep your personal information only as long as needed for the purposes we collected it. This typically means:

  • Contact form submissions: kept while we are working with you, then archived
  • Analytics data: retained according to Google's policies
  • Calendar bookings: kept for business records

When we no longer need your information, we delete it or anonymise it.

Your rights

Under the Privacy Act 2020, you have the right to:

  • Ask for a copy of the personal information we hold about you
  • Request corrections if your information is wrong or outdated
  • Ask us to delete your personal information in certain circumstances
  • Complain to the Privacy Commissioner if you believe we have breached your privacy

Contact us

Privacy Officer

Do AI is required by law to have a Privacy Officer. Our Privacy Officer is:

Taru Peters-Naug
Email: taru@doai.co.nz

Contact our Privacy Officer to:

  • Request access to your personal information
  • Ask for corrections to your data
  • Raise a privacy concern or complaint
  • Ask questions about this privacy policy

General contact

Do AI
Level 4/40 Taranaki Street
Te Aro, Wellington 6011
New Zealand

Email: taru@doai.co.nz

If there is a data breach

If we discover a data breach that is likely to cause you serious harm (such as a leak of sensitive personal information), we are legally required to:

  • Notify the Office of the Privacy Commissioner
  • Notify you as soon as possible
  • Take steps to prevent further harm

Changes to this policy

We may update this privacy policy from time to time. When we do, we will change the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

More information

For more information about your privacy rights in New Zealand, visit the Office of the Privacy Commissioner website.

This privacy policy was created to comply with the New Zealand Privacy Act 2020, including IPP 3A (indirect collection notification) effective May 1, 2026.