We know that how we collect, use, disclose and protect your information is important to you, and we value your trust. That’s why protecting your information and being clear about what we do with it is a vital part of our relationship with you.
Collection of Personal Information
Personal Information is defined in the Privacy Act as information about an identifiable individual (a natural person as opposed to a company or other legal entity) and which is in a form which enables that person to be identified.
The types of personal information we collect will vary depending on the nature of your dealings with us. At all times we try to only collect the personal information that we require for what we are doing. Where reasonable and practicable, we will collect your personal information directly from you and inform you that this is being done and we mainly collect personal information about you when you give it to us, for example:
- Over the telephone or skype e.g. when you contact our financial advisers;
- Via the internet - our website;
- When you write to us; or
- When you participate in a marketing campaign or promotion (or a similar event) administered by us or our representatives.
Generally, the types of personal information we collect and hold includes your name, email address, postal address, physical address, date of birth, telephone number, details relating to your use of any product and/or service offered by us, and details of your enquiry notified to us and any other preferences you tell us about.
We may also collect personal information about you from:
- Publicly available sources e.g. via the internet;
- Your professional advisers e.g. accountant;
One of the reasons for using cookies is to offer you increased security. The cookies we send to your computer cannot read your hard drive, obtain any information from your browser or command your computer to perform any action. They are designed so that they cannot be sent to another site or be retrieved by any non-Finance New Zealand website.
- The date and time of visits;
- Website page (or pages) viewed;
- The website from which you accessed the internet and our website;
- How you navigate through the website and interact with pages (including any fields completed in forms and applications completed (where applicable));
- Information about your location;
- Information about the device used to visit our website; and
- IP address (or addresses), and the type of web browser used.
We will not ask you to supply personal information publicly over any social media platform that we use. Sometimes we may invite you to send your details to us via private messaging, for example, to answer a question. You may also be invited to share your personal information through secure channels to participate in other activities, such as competitions but we would require your express consent prior to us including you in such activities.
Purpose of Collection and Use of Personal Information
Any personal information you provide to us may be used to:
- check whether you are eligible for the product or services offered by us;
- facilitate those services;
- provide information that you request; and / or
- provide you with further information about our products and services.
We also have an obligation to maintain personal information to disclose to regulatory and similar bodies see “Disclosure of your personal information” below. These bodies have a legal right to such information.
Storage and Protection of Your Personal Information
We may electronically record and store personal information which we collect from you. When we do so we will take all reasonable steps to keep it secure, prevent unauthorised disclosure and to keep it accurate and up to date.
However, we do not promise that your personal information cannot be accessed by an unauthorised person (e.g. a hacker) or that unauthorised disclosures will not occur. If we provide you with any passwords or other security devices it is important that you keep these confidential and do not allow them to be used by any other person. You should notify us immediately if the security of these devices is breached to prevent the unauthorised disclosure of your personal information.
Some information we hold about you will be stored in paper files.
We use a range of physical and electronic security measures to protect the security of the personal information we hold, including that:
- Access to information systems is controlled through identity and access management;
- Employees are bound by internal information security policies and are required to keep information secure;
- Employees are required to complete training about information security and privacy; and
- We regularly monitor and review our compliance with internal policies and industry best practice.
We take reasonable steps to destroy or permanently de-identify any personal information after seven years in the case of personal information which is held solely for the purpose of providing you with further information about our products (we may seek your ongoing consent to maintain this information) and services or as soon as reasonably practicable after the date of which it has no legal or regulatory validity for other personal information.
Disclosure of Your Personal Information
We may disclose your personal information to others outside the Company where:
- We are required or authorised by law or where we have a public duty to do so;
- You may have expressly consented to the disclosure or the consent may be reasonably inferred from the circumstances; or
- We are otherwise permitted to disclose the information under the Privacy Act 2020.
Your personal information may be used by us for the purpose of providing advice and service to you and, may also be used by agencies such as, but not limited to:
- Any out-sourced service provider who assists in the services we are required to carry out such as auditors and external compliance reviewers; and
- Our external dispute resolution service;
- The Regulator
Disclosure of Your Personal Information to Third Parties
In addition, we have no knowledge of (or control over) the nature, content, and availability of those websites. We do not sponsor, recommend, or endorse anything contained on these linked websites. We do not accept any liability of any description for any loss suffered by you by relying on anything contained or not contained on these linked websites.
None of the information we collect is passed on to any third party without your consent and under no circumstances will we sell or receive payment for disclosing your personal information.
Right to Access, Correct and Delete Personal Information
You have the right to request access to, correct and, in some circumstances, delete your personal information. You can do so by contacting us at:
PO Box 65164
Or via email at email@example.com
When you contact us with such a request, we will take steps to update or delete your personal information, provide you with access to your personal information and/or otherwise address your query within a reasonable period after we receive your request. To protect the security of your personal information, you may be required to provide identification before we update or provide you with access to your personal information.
We are only able to delete your data to the extent that it is not required to be held by us to satisfy any legal, regulatory or similar requirement(s).
There is no fee for requesting that your personal information is corrected or deleted or for us to make corrections or deletions. In processing your request for access to your personal information, a reasonable cost may be charged. This charge covers such things as locating the information and supplying it to you.
There are some circumstances in which we are not required to give you access to your personal information. If we refuse to give you access to or to correct or delete your personal information we will let you know our reasons except where it would be unreasonable to do so.
If we refuse your request to correct or delete your personal information, you also have the right to request that a statement be associated with your personal information noting that you disagree with its accuracy.
If we refuse your request to access, correct or delete your personal information, we will also provide you with information on how you can complain about the refusal.
What Happens if You Do Not Provide Us Your Information
If you do not provide information we have requested, you may be unable to obtain or access our services for which the information is required. Please ask us if you are unsure what information is important and how this might affect you.
Changes to this Policy
If you are concerned about how your personal information is being handled or if you have a complaint about a breach of the New Zealand Privacy Principles by us, please contact us at:
PO Box 65164
Or via email at firstname.lastname@example.org
We will acknowledge your complaint within three working days of its receipt. We will let you know if we need any further information from you to investigate your complaint.
We aim to resolve complaints as quickly as possible. We strive to resolve complaints within five working days but some complaints take longer to resolve. If your complaint is taking longer, we will let you know what is happening and a date by which you can reasonably expect a response.
If you are not satisfied with our response to any privacy related concern you may have, you may contact the Privacy Commissioner at:
Office of the Privacy Commissioner
PO Box 10-094
Wellington, New Zealand
Telephone: 04-474 7590 (Wellington)
Telephone: 09-302 8680 (Auckland)
Fax: 04- 474 7595