Last updated: 19 April 2026 · Effective date: 3 April 2026
FernNola Limited (NZBN 9429053630490) ("we", "us", or "our") is a New Zealand limited liability company that builds and operates integration applications connecting popular business platforms. Our products help businesses automate workflows and synchronise data between the tools they use every day.
Contact details:
Email: support@fernnola.com
Website: www.fernnola.com
Registered office: 1222 State Highway 16, RD3, Waimauku, New Zealand
This Privacy Policy explains how FernNola collects, uses, stores, and protects personal information through:
For information about how personal data is handled by specific FernNola applications that integrate with third-party platforms, please refer to the privacy policy for each individual app. Each app‑specific policy supplements this policy and governs data processed through that product.
Currently published app‑specific policies:
As additional applications are released, their privacy policies will be listed here.
FernNola acts in different roles depending on the source of the data:
When you create a FernNola account and use the platform, we collect and store:
To connect your Fergus account to FernNola tools, we store:
Your PAT is used solely to make API requests to Fergus on your behalf. It is never shared with third parties and is permanently deleted if you disconnect your Fergus account.
Holiday & Events Calendar: We store your selected region (locale), whether holiday sync is enabled, sync history, and any custom company events you create (name, description, date).
Timesheet Exporter: We store per-employee payroll notes you add. Notes are shared with all users in your company and persist until you manually clear them.
We record metadata about outbound calls made to the Fergus API on your behalf, including the endpoint called, HTTP status code, and response time. These logs do not include the content of API responses and are used for operational monitoring and error diagnosis. Logs are retained for 30 days.
Our website is primarily informational. We do not currently use analytics tools, advertising pixels, or marketing cookies. As part of standard web server operation, we may collect limited server‑level request logs (such as IP addresses and page requests). These logs are retained for a short period for security and operational purposes only.
When you contact us via email or another support channel, we may collect your name and email address, the content of your message and any attachments, and communication history. This information is used solely to respond to enquiries and to maintain a record of support interactions.
We do not collect:
| Purpose | Information Used | Lawful Basis (GDPR) | NZ Privacy Act Principle |
|---|---|---|---|
| Providing and operating the platform | Account details, Fergus credentials, tool settings | Performance of contract | IPP 1, 2 |
| Authenticating your identity | Email address, OAuth tokens | Performance of contract | IPP 1, 2 |
| Operating integrations with Fergus | Encrypted PAT, company identifiers | Performance of contract | IPP 1, 2 |
| Platform analytics and improvement | App usage events, API call logs | Legitimate interests | IPP 1, 2 |
| Operating and maintaining our website | Server logs | Legitimate interests | IPP 1, 2 |
| Responding to support enquiries | Contact details, message content | Contract / legitimate interests | IPP 1, 2 |
| Complying with legal obligations | As required | Legal obligation | IPP 1 |
We will never use personal information for purposes incompatible with those listed above without consent, unless required by law.
We do not currently use tracking cookies, analytics tools, advertising pixels, or other third‑party tracking technologies on our public website.
The FernNola platform uses technically necessary cookies and session tokens to maintain your authenticated session. These are required for the platform to function and are not used for marketing or profiling.
If tracking technologies are introduced in the future, this policy will be updated and consent will be obtained where required by law.
We do not sell, rent, or trade personal information. We share information only in the following limited circumstances:
| Recipient | Purpose | Location |
|---|---|---|
| Vercel Inc. | Website hosting and application infrastructure (Next.js deployment, serverless functions) | United States |
| Railway (Infrastructure as a Service) | Database hosting - all platform data is stored in a PostgreSQL database hosted on Railway | United States |
| Google LLC | OAuth sign-in provider - used when users authenticate via Google | United States |
| Nager.Date | Public holiday data - a free public API used by the Holiday & Events Calendar to fetch official holiday dates | Austria |
| Fergus Software | Integration target - your Fergus PAT is used to make API calls to Fergus on your behalf | New Zealand / Australia |
| Legal or regulatory authorities | Where required by law | New Zealand / International |
All third‑party providers are selected with care and are required to handle data in accordance with applicable privacy laws.
FernNola is based in New Zealand. Our infrastructure is hosted by Vercel Inc. and Railway, both based in the United States.
When personal information is transferred overseas, we take reasonable steps to ensure appropriate safeguards, including:
We retain personal information only for as long as necessary or as required by law.
| Data Type | Retention Period |
|---|---|
| Account details (name, email, role) | For the life of your account, then deleted within 30 days of account closure |
| Encrypted Fergus PAT and company identifiers | Deleted immediately when you disconnect your Fergus account |
| Holiday sync settings and company events | For the life of your account |
| Employee payroll notes | For the life of your account, or until you manually clear them |
| App usage events (login) | 2 years |
| Fergus API call logs | 30 days |
| Server‑level request logs | 30 days |
| Support communications | 2 years from last contact |
| Social media direct messages | 2 years or until no longer relevant |
When retention periods expire, information is securely deleted or anonymised.
We use appropriate technical and organisational measures to protect personal information, including:
If you believe your information has been involved in a security incident, please contact us at support@fernnola.com.
To exercise any of these rights, contact support@fernnola.com. We respond within 20 working days (NZ) or 30 calendar days (GDPR).
Our services are intended for business users and not for individuals under 18. We do not knowingly collect personal information from children. If you believe we have collected such information, contact us and it will be deleted promptly.
Our website may contain links to third‑party websites. We are not responsible for their privacy practices and encourage you to review their policies.
We may update this Privacy Policy from time to time. When changes are made, the "Last updated" date will be revised. If materially new data practices are introduced, this policy will be updated before those practices begin.
FernNola
Email: support@fernnola.com
Website: www.fernnola.com
New Zealand:
Office of the Privacy Commissioner
Website: www.privacy.org.nz
Phone: 0800 803 909
UK / EU:
You may lodge a complaint with your local supervisory authority, such as the UK Information Commissioner's Office (ICO): www.ico.org.uk