(Last updated: 16 August 2017)
“Personal Data” refers to data, whether true or not, about an individual who can be identified from that data in combination with other information to which the organization may have access and includes the meaning otherwise as defined in the applicable Act as amended from time to time.
“You” or “your” means any individual to whom the Act applies and includes an individual actual or prospective customer but excludes any corporate entity (including corporate customers) and any other entity that is excluded under the Act.
2. Collection and consent
2.1 Personal Data may be collected from you in one or more of the following ways: (a) when you use or access our website; (b) when you contact us or request that we contact you; (c) when you respond to our promotions, campaigns or other initiatives or attend our events; (d) when we receive references from business partners and third parties, for example, where you have been referred by them; (e) when you submitted your Personal Data to us for any other reasons; and/or (f) when we collect your Personal Data by other lawful means.
2.2 Unless permitted by applicable laws, we will not collect Personal Data without your consent.
2.3 You warrant and represent to us that (a) Personal Data which you disclose to us is accurate and complete, and (b) where you volunteer Personal Data of another person to us, that you are authorised by such other person to disclose such Personal Data to us, and that such Personal Data is accurate and complete.
3.1 Your Personal Data may be collected, used and/or disclosed for the following purposes: (a) To manage, develop, improve and ensure that content from our website is presented in the most effective manner for you and for your computer. (b) To facilitate the provision of our services to you. (c) To respond and deal with enquiries, complaints and other customer-care matters or otherwise communicate with you. (d) To send you information, promotions, updates, marketing and advertising materials in relation to our services. (e) To carry out our obligations arising from any contract which may be entered into between you and us. (f) To facilitate your participation in interactive features of our services, when you choose to do so. (g) To notify you about changes to our services. (h) To comply with legal and regulatory requirements. (i) To facilitate business asset transactions (which may extend to any mergers, acquisitions or asset sales). (j) For other purposes for which we have obtained your consents. (k) For any other purposes reasonably necessary, ancillary or related to the above specified purposes and in other circumstances authorised by the applicable Act.
3.2 Your Personal Data may be disclosed for the purposes indicated above to our officers and employees, third parties, affiliates, service providers, advisors, which include without limitation, the following persons or entities: (a) Banks, credit card companies and payment vendors. (b) Logistics and courier services companies. (c) Our business partners. (d) Relevant government regulators or authorities or law enforcement agencies. (e) Our insurers and advisors, including consultants, auditors and lawyers. (f) Data intermediaries. (g) Any other party to whom you authorise us to disclose your Personal Data.
3.3 If you subscribe to receive electronic newsletters from us you have the option to remove yourself from our mailing list at any time. Each newsletter we send to subscribers will have a facility to opt out of receiving further communications from us.
3.4 Your Personal Data may be transferred, stored and/or processed in a country or territory outside your country of employment and you consent to any such transfer, storage and/or processing of your Personal Data outside in those circumstances. We will however ensure that any party to whom we transfer your Personal Data outside your country of employment provides to such Personal Data a standard of protection at least comparable to the protection under the Act.
4. Withdrawal of Consent
4.1 You may withdraw your consent to our continued use and disclosure of your Personal Data at any time by contacting our Privacy Officer(s) via email at [email protected] You may also withdraw your consent for specific forms of communication and on specific communications via the unsubscribe options as stated on our email or other marketing messages.
4.2 In withdrawing your consent, you acknowledge that we may not be able to facilitate or continue facilitating the provision of services to and effective use and access to our website by you and we may cease facilitating such provision accordingly without any liability.
5. Accuracy, Access and Correction
5.1 We will endeavour to ensure that your Personal Data we use is sufficiently accurate and complete in making any decision that impacts you.
5.2 Subject to the exceptions set out in the Act, you may gain access to the personal information which we hold about you by contacting us. We will require you to verify your identity and to put your request in writing. We will respond to your request for access to your personal information in a reasonable time frame.
5.3 To help us maintain the accuracy of your Personal Data, we encourage you to inform us when there are changes to your Personal Data which you have provided us by writing to our Privacy Officer(s) via email at [email protected] We will correct or complete your Personal Data as soon as reasonably practicable.
6. IP Addresses and Cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is only statistical data and does not identify any individual.
We may use “cookies”, which are small pieces of information that are stored by your browser on your computer’s hard drive, to enhance the user experience of the website. You may at any time refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies.
7. Government Related Identifiers
The Company does not use Government related identifiers (e.g. NHI numbers, drivers licence or passport numbers).
8. Security and Protection
8.1 We will endeavour to protect your Personal Data in our possession or control against risks of unauthorised access, collection, use, disclosure, copying, modification, disposal or destruction, through reasonable and appropriate security measures. We strive to ensure that our systems are secure and they meet industry standards.
8.2 To prevent unauthorised access, we have put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Personal Data we collect. Notwithstanding our security measures for protecting your Personal Data, you acknowledge that no data transmission over the Internet is completely secure and by providing your Personal Data, you are transmitting information at your own risk.
8.3 In the event that there is a data breach involving the unauthorised access or disclosure of personal information, credit reporting information or tax file information, and which puts the individuals affected at real risk of serious harm, we will take all reasonable steps to remedy the breach as soon as reasonably practicable after we become aware of the breach.
8.4 If we are unable to remedy the breach, we will notify the Office of the Privacy Commissioner and, if possible, the persons affected by the breach.
8.5 If we notify the Office of the Privacy Commissioner of a data breach, the notification will include: (a) our identity and contact details; (b) a description of the data breach; (c) the kinds of information concerned; and (d) recommendations about the steps that individuals should take in response to the data breach.
9. Retention of Personal Data
We will retain your Personal Data for as long as you use or access our website and as may be necessarily required or relevant for business or legal purposes. Where we no longer require your personal information for a permitted purpose, we will take reasonable steps to destroy it.
10. Other websites
We take all complaints seriously and intend to resolve your complaint within a reasonable time frame.
Any complaints relating to this Policy should be directed to the Privacy Officer(s) by emailing [email protected] in the first instance. We will respond to your complaint in writing within a reasonable time frame.
We encourage you to contact us with any concerns in the first instance but you may, at any time, also choose to lodge a complaint directly with the Office of the Privacy Commissioner. For more information on the Office of the Privacy Commissioner, including contact details, please visit their website at https://www.privacy.org.nz/your-rights/how-to-complain/.