This policy explains how Beforehand collects, uses, stores, and shares your personal information. It complies with the Privacy Act 2020 and its 13 Information Privacy Principles (IPPs).
The information you put into Beforehand is sensitive, it includes your healthcare wishes, who matters to you, and how your affairs are organised. We treat it accordingly.
Beforehand is operated by NOWtech Limited (NZBN 9429033497617), trading as Beforehand.
Our Privacy Officer under section 23 of the Privacy Act 2020 is:
David Crompton
Email: privacy@beforehand.nz
Post: 66 Centennial Drive, Whitianga 3510
The Privacy Officer is your first point of contact for any privacy question, request, or complaint.
Account information.
Document content. Depending on which features you use, this may include identity details (date of birth, NHI number if you choose to add it), contact details for people who matter to you, account references (banks, insurance, KiwiSaver, utilities, names and reference numbers, not passwords), wishes (funeral preferences, cultural/religious considerations), advance directive content, nominee information, and anything else you choose to add to a free-text field.
Technical and usage information. Device type, browser, operating system, pages visited within the app, error logs (via Sentry), IP address (briefly, for security and rate-limiting).
We do not collect: marketing or behavioural advertising data, cross-site tracking data, information about you from third parties, or your card or bank details (these go directly to Stripe; we never see them).
We collect information directly from you, when you create an account, use the app, pay, or contact us.
We don't buy data from third parties, we don't scrape public sources, and we don't accept information about you from anyone except you.
This complies with IPP 1 (lawful purpose), IPP 2 (collection direct from individual), and IPP 4 (collection by lawful means).
For the specific purposes of:
We do not use your information for advertising, selling/renting/transferring data to third parties, profiling, training AI models, or any purpose not listed above.
This complies with IPP 10 (use limited to purpose collected for).
Your information is stored in a PostgreSQL database hosted on a server in New Zealand.
Backups are encrypted nightly and retained for 30 days.
For users on the Beforehand Plus tier, encrypted backups are also pushed to your chosen cloud storage (Google Drive, Dropbox, or iCloud). These backups are encrypted with a key only you control. We can't read them.
We apply reasonable safeguards under IPP 5:
We don't claim to be perfectly secure (no service can). But we apply protections proportionate to the sensitivity of the information.
We share specific limited categories of information with these third parties, only for the purposes described:
| Third party | What they receive | Why |
|---|---|---|
| Stripe | Payment data (card, billing details, amount) | Processing payments |
| Sentry | Error and performance data (scrubbed of personal content) | Bug detection |
| Mail-in-a-Box (mail.inabox.co.nz) | Email address + email content we send you | Magic-links, renewal notices |
| Cloudflare | Network metadata (IP, request data) | DNS, CDN, DDoS protection |
| Your chosen cloud storage (Plus tier only) | Encrypted PDF backups | Off-site backup |
We do not share with: advertising networks, analytics-marketing platforms, data brokers, social media platforms, government agencies (except in response to a lawful request), or anyone else not listed above.
When we share, we share only what's needed for the specific purpose. For example, Sentry receives "an error happened in the document-generation flow" but never receives the content of your documents.
This complies with IPP 11 (limits on disclosure).
Under IPP 12 of the Privacy Act 2020, we may only send your personal information overseas if we reasonably believe it will be subject to comparable safeguards.
We send limited information overseas via Stripe (US, PCI-DSS compliant), Sentry (US, SOC 2 Type II + GDPR-compliant; configured to scrub PII before transmission), and Cloudflare (US-headquartered, GDPR-bound, standard contractual clauses).
We do not transfer the substantive content of your documents overseas. Document content stays on our NZ-hosted database.
If you'd prefer not to use the service due to these overseas transfers, you can choose not to sign up.
| Situation | Retention |
|---|---|
| Active account | Indefinitely while active |
| You delete your account | 30 days, then permanent deletion |
| Immediate permanent deletion request | Within 7 days |
| Beforehand shuts down | All data deleted within 30 days of shutdown (after 90-day notice + export period) |
| Backups | 30-day rolling retention |
| Stripe payment records | Per Stripe's policy; we cannot delete |
| Email correspondence | 7 years (NZ business-records standard) |
| Error logs (Sentry) | 90 days |
If you'd like to know whether specific information about you is still retained, ask us.
Under the Privacy Act 2020, you have specific rights. We support all of them.
Access (IPP 6). Request a copy of all personal information we hold about you. We'll provide it within 20 working days, in a usable format. There's no charge for routine requests. You can also export most of your information yourself directly from the app.
Correction (IPP 7). If anything we hold about you is wrong, correct it directly in the app or ask us to correct it. If we disagree, we'll attach your correction request to the record (per Privacy Act 2020 s23(2)).
Deletion. Delete your account at any time. See section 9 for retention timelines.
Portability. Export your data at any time in a machine-readable format. We commit to keeping the export format documented and stable.
Complaint. Contact our Privacy Officer first (privacy@beforehand.nz). We'll respond within 20 working days. If you're not satisfied, complain to the Office of the Privacy Commissioner: privacy.org.nz, phone 0800 803 909, or post PO Box 10094 Wellington 6143.
We use the minimum cookies needed to operate the service:
We do not use tracking or advertising cookies, cross-site tracking, or behavioural analytics (no Google Analytics, no Mixpanel, no Hotjar).
The free crisis-information site at beforehand.nz uses Cloudflare Web Analytics, privacy-respecting, no cookies, no individual tracking. Aggregate page-view counts only.
Beforehand is for adults (18+). We don't knowingly collect information from anyone under 18. If you become aware that someone under 18 has created an account, please email privacy@beforehand.nz and we'll delete it.
If you're using Beforehand to organise the affairs of a minor, don't. Minors don't have testamentary capacity in NZ and Beforehand's documents won't be valid for them. Their parents/guardians need to make those decisions.
Under section 117 of the Privacy Act 2020, we must notify the Office of the Privacy Commissioner of any "notifiable privacy breach", broadly, a breach that's likely to cause serious harm. We must also notify affected individuals as soon as reasonably practicable.
Our breach response process:
We commit to transparency. If we have a breach affecting you, you'll hear about it from us, promptly, with specifics, with what we're doing about it.
We may update this policy from time to time. If we make material changes:
Minor changes (typo corrections, contact-detail updates) take effect immediately.
For any privacy question, request, or complaint:
Privacy Officer: David Crompton
We aim to respond within 5 working days for general queries, and within the statutory 20 working days for formal access or correction requests.