Privacy Policy
Last Updated: 27 February 2026
Personal Information We Collect
The personal information we collect depends on our relationship with you and the products and services you use.
Account Information
Information like your contact details, identification documents, names and identities of those authorised on your account, payment details, billing information, credit scores, and information relevant to credit checks.
Settings and Preferences
Technical settings and preferences such as names and phone numbers that you add as speed dials to your hosted phone system service or IP address details to provide you with a connection and router.
Usage Information
Information we need to bill you or provide our service to you, such as call records, data usage, and connection start and stop times. We may also collect information about our services and equipment, and how they are performing for you.
Call Recordings and Packet Captures
In some cases, we collect call recordings and packet captures. We always minimise this as much as possible, and when we do, handle these with the highest level of care.
Call Recordings
We may record your phone calls if:
- You have subscribed to or enabled call recordings on your service.
- You contact us via phone.
- Where you have agreed we can e.g. to troubleshoot a fault.
- We reasonably believe your service is involved in an attack against our network security or is affecting our network integrity.
- We are legally required to do so or where we reasonably believe we need to do so to prevent fraud, a serious threat to public health, safety, or the life or health of another person.
Packet Captures
We may capture the full payload of packets you send and receive on our network if:
- You have agreed we can e.g. to troubleshoot a fault.
- We reasonably believe your service is involved in an attack against our network security or is affecting our network integrity.
- We are legally required to do so or where we reasonably believe we need to do so to prevent fraud, a serious threat to public health, safety, or the life or health of another person.
Medical Information
In very limited circumstances, for example if you seek Vulnerable End User status for you or a member of your household under the 111 Contact Code.
Service Availability
Physical address information that you provide us with may be sent to our Network Partners to check service availability at your location.
How We Collect Your Information
We collect your information in three ways:
- You give it to us — for example when you sign up, manage your account, or contact us by phone or email.
- Third parties give it to us — for example credit agencies when we run a credit check, or network partners when checking service availability at your address.
- It's generated automatically — for example call records, data usage logs, and connection times that are created as you use our services.
How We Use Your Information
We use your information to:
- Set up, provide, and bill you for your services
- Run credit checks and recover unpaid debts
- Communicate with you about your account or our services
- Detect and prevent fraud and protect our network
- Meet our legal and regulatory obligations
Marketing
We may occasionally contact you about our own products and services. When we do, we'll provide you with an option to opt-out of future communications.
How We Share Your Personal Information
We never sell your Personal Information.
Except for our internal use, we only share your personal information in accordance with the purpose for which it was collected, for a directly related purpose, with your consent, or for a lawful purpose.
Except for our internal use, we only share your personal information in accordance with the purpose for which it was collected, for a directly related purpose, with your consent, or for a lawful purpose.
Who We Share Your Personal Information With
We may share your personal information with people you ask us to share it with. We may also share your personal information with third parties, but only ones that we trust and believe that we need to share it with, such as:
Network Partners
Including Chorus, Enable Networks, Northpower Fibre, Tuatahi First Fibre, Vector Fibre and other infrastructure providers for service availability checks, quoting, service delivery and fault resolution.
Infrastructure Partners
Including Microsoft, Amazon Web Services, and Cloudflare, for hosting, network security and performance.
Business Partners
Including related entities, and third parties we engage with to run our business such as Xero, Baycorp, Centrix, and others.
Government and Legal Authorities
Including Police, Inland Revenue, Courts of New Zealand, and others, when we are compelled to do so. Emergency services, if we are asked to assist in a threat to health or threat to life situation.
Overseas Transfers
Some providers above are based overseas. These transfers are made under:
- Data processing agreements providing equivalent privacy protection, or
- To countries with comparable privacy laws to New Zealand
How We Store, Manage and Protect Your Personal Information
How Long We Keep Your Personal Information
By default we only hold and use your Personal Information for as little amount of time as necessary. After that we either delete or anonymise it.
Certain information is kept for longer for purposes relating to the original purpose it was collected, or to comply with our legal obligations. For example:
Certain information is kept for longer for purposes relating to the original purpose it was collected, or to comply with our legal obligations. For example:
- Account and billing details and records: 7 years, even after you stop being a customer.
- Usage and technical logs: 2 years maximum.
- Call Recordings: SkyPhone Premium: Until you request deletion. Teams Calling: maximum 90 days, or sooner if requested.
How We Hold and Protect Your Personal Information
- All data is encrypted at rest where technically possible
- All data is encrypted in transit using TLS (Transport Layer Security) where technically possible
- Access to your data is limited to authorised staff only
- We undertake regular security reviews and updates
What We Will Do If There Is a Breach
If we become aware of or suspect a data breach that we think includes your Personal Information, we'll notify you as soon as we can. We'll also notify the Privacy Commissioner and report the breach publicly where we're required to by law.
Your Rights
This policy doesn't limit or exclude your rights under the Privacy Act 2020, the Telecommunications Information Privacy Code 2020, or any other code of practice that may be issued under the Privacy Act.
You can:
You can:
- Request to see what information we hold about you, by contacting us using the details at the end of our Privacy Policy. We'll respond within 20 working days.
- Ask us to correct incorrect information by contacting us using the details at the end of our Privacy Policy. We'll respond within 20 working days.
- Request deletion of your information where we're not legally required to retain it, by contacting us using the details at the end of our Privacy Policy. We'll respond within 20 working days.
- Complain to the Privacy Commissioner about our data handling at www.privacy.org.nz or 0800 803 909.
How to Contact Us
If you have questions about this privacy policy or your personal information:
Email: support@vorco.net
Phone: 09 222 2222
Courier Address: Vorco, 124B Ponsonby Road, Grey Lynn, Auckland 1011
Email: support@vorco.net
Phone: 09 222 2222
Courier Address: Vorco, 124B Ponsonby Road, Grey Lynn, Auckland 1011