Privacy Policy

Effective Date: August 21, 2025

This Privacy Policy describes the policies and procedures of The Ashra Ltd, trading as AshraDeal.com (“we,” “us,” or “our”), regarding the collection, use, and disclosure of your personal information. This policy is binding on all users of our website and services, including Indian brands and Oceania retailers (“clients” or “you”), and is a reflection of our commitment to upholding the highest standards of data protection and privacy.

  • Information We Collect and Its Purpose
    We collect personal information that is essential for the provision of our B2B services. The specific data collected and the purpose for its collection are as follows:

    1. Identity and Contact Data: This includes your name, company name, business registration details, physical address, email address, and phone number. This information is collected to verify your identity, establish your account, and facilitate all transactional and logistical communications.
    2. Financial and Transaction Data: This encompasses bank account details, payment information, transaction history, and financial records. This data is processed to manage payments, issue invoices, and ensure the secure and transparent flow of funds in accordance with our financial agreements.
    3. Compliance Data: To meet our legal obligations, particularly under Anti-Money Laundering (AML) and Counter-Financing of Terrorism (CFT) laws, we collect documentation for due diligence. This may include corporate director information, proofs of business registration, and other relevant verification documents.
    4. Communications Data: We collect and store correspondence you send to us, including emails and messages sent via our platform. This data is used to respond to your inquiries, improve our customer service, and maintain a record of our business relationship.
    5. Usage and Technical Data: When you interact with our website, we automatically collect certain non-personal information, such as IP address, browser type, and usage patterns, through cookies and analytics tools. This data is aggregated and used solely to enhance the functionality and security of our platform.
  • Legal Framework & Compliance
    Our data processing activities are conducted in strict compliance with the following legal frameworks relevant to our operations:

    1. New Zealand’s Privacy Act 2020: As a company registered in New Zealand, we adhere to the 13 Information Privacy Principles (IPPs) of this Act, which govern the collection, use, storage, and disclosure of personal information. This includes our obligation to hold and protect personal data securely and to provide individuals with the right to access and correct their information.
    2. Australia’s Privacy Act 1988 (Cth): For our clients and operations in Australia, we are guided by the Australian Privacy Principles (APPs). These principles ensure we handle your personal information responsibly and with transparency.
    3. General Data Protection Regulation (GDPR): While primarily applicable to individuals in the European Union, the principles of the GDPR serve as a global benchmark for our privacy practices. We incorporate principles such as data minimization, purpose limitation, and strong security measures to ensure a high level of protection for all our clients.
    4. The Information Technology Act, 2000 (India): For our business relationships with Indian brands, we ensure compliance with the reasonable security practices and procedures outlined in this Act and its rules, particularly the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
  • Data Security and Your Rights
    We are dedicated to safeguarding your personal information. We have implemented robust technical and organizational security measures, including data encryption, access control, and firewalls, to prevent unauthorized access, use, or disclosure of your data. We also conduct regular security audits and staff training to ensure our practices remain current.
    You have the following rights concerning your personal data, which you may exercise by contacting us:

    1. Right of Access: You may request a copy of the personal information we hold about you.
    2. Right to Rectification: You may request that we correct any inaccurate or incomplete information.
    3. Right to Erasure: You may request the deletion of your personal data, subject to our legal and regulatory obligations to retain certain records.
    4. Right to Object: You have the right to object to the processing of your personal data for certain purposes.
  • Contact Us
    For any questions or concerns regarding this Privacy Policy or our data handling practices, please contact our Data Protection Officer at:

    Phone: +64 022 159 0369

Scroll to Top