OUR PRIVACY COMMITMENT
We are committed to being open and transparent about how we manage your personal information.
- We will only use your personal information when it is necessary for us to deliver you our services or perform other necessary business functions and activities.
- We will not use or disclose your personal information for purposes unrelated to our business activities and the services we provide, unless we first obtain your consent.
WHAT INFORMATION DO WE COLLECT?
Information you provide to us directly: Our usual practice is to collect personal information directly from you, when you meet with us in person, complete any form, including online forms, register to use our Services, or provide any other information in connection with your use of our Services. Generally speaking, personal information we collect and hold about you may include, but is not limited to:
- Personal details: given name(s); contact details; occupation.
- Demographic information: gender; date of birth; age.
- Contact details: telephone number; email address; physical address.
- Billing information: bank details; your account with us.
You can always choose not to provide your personal information to the GPSIT Group, but it may mean that we are unable to provide you with the Services.
Information we get from third parties: We collect or obtain personal information from authorised third parties (e.g. credit reference agencies or law enforcement agencies). This includes information such as publicly available information, references, and background checks such as credit and criminal record checks.
Information we collect automatically: We may collect personal information about you, your computer and your computer network automatically when you visit our websites or use our Services, like your IP address and device type but you can rest assured that we will never access or store your passwords. Some of this information may be collected using cookies and similar tracking technologies.
Information we create in the performance of the Services: We may also create or obtain personal information about your interactions with us such as CCTV security footage and call recording.
Information you make public: We may collect or obtain your personal information that you manifestly choose to make public, including via online channels such as social media (e.g. LinkedIn, Facebook etc.)
HOW IS YOUR PERSONAL INFORMATION PROCESSED?
Where we collect personal information, we will only process it:
- to perform a contract with you; or
- where we have legitimate interests to process the personal information and these interests are not overridden by your rights; or
- in accordance with a legal obligation; or
- where we have your consent.
The GPSIT Group collects your personal information so that we can provide you with the Services and any related services you may request. In doing so, we may use the personal information we have collected from you for purposes related to the Services including:
- to process and administer the Services, and to help us develop, improve, manage, administer and facilitate our Services and business operations;
- to process your personal information for the GPSIT Group’s internal business purposes;
- to personalise and customise your experiences;
- to provide you with updates, offers or proposals in relation to your matters and our products and services that may be of interest to you;
- to invite you to events and functions;
- to verify your identity and personal details; for general internal purposes (such as record keeping, database management, billing);
- to assist with the resolution of any issues relating to the Services;
- to comply with all laws and regulations in all applicable jurisdictions;
- for crime prevention purposes (i.e. in relation to CCTV surveillance at our offices); and/or
- to communicate with you.
HOW WE USE TRACKING TECHNOLOGIES
IN WHAT VERY LIMITED CIRCUMSTANCES MIGHT WE DISCLOSE YOUR PERSONAL INFORMATION?
Your personal information will not be sold, traded, rented or otherwise provided to others without your consent.
We will not otherwise disclose your personal information unless permitted by applicable laws, including where:
- you have consented to such disclosure;
- the disclosure is one of the purposes in connection with which the information was obtained or is directly related to the purposes in connection with which the information was obtained;
- the source of the information is a publicly available publication and, in particular circumstances, it would not be unfair or unreasonable to disclose the information;
- we are authorised or required to do so by a court or under applicable laws or regulations or where requested by a government agency under applicable law;
- such disclosure is to appropriate persons, and where disclosure is necessary to avoid endangering someone’s health or safety or public health or public safety; or
- when disclosure is necessary to avoid a prejudice to the maintenance of the law.
Where possible and appropriate, we will notify you if we are required by law to disclose your personal information.
INTERNATIONAL DATA TRANSFERS
In connection with providing the Services, you accept that your personal information may be collected or held in New Zealand and be disclosed to recipients in, or transferred to, or processed in, countries other than New Zealand.
Certain businesses that supports our services and products may be located outside New Zealand, for example, our CRM, cloud services or authentication providers. The Privacy Act 2020 permits us to transfer personal information to third parties outside of New Zealand who hold or process your personal information on our behalf.
We may also provide your personal information to third parties in countries other than New Zealand if we have reasonable grounds to believe the recipient is required to protect your personal information in a way that, overall, provides comparable safeguards to those required by New Zealand’s privacy laws.
However, we also acknowledge that there may be differences between New Zealand’s privacy laws and those of the overseas locations in which we may store and process your personal information. If we cannot ensure that recipients in those locations are required to protect your personal information using comparable safeguards to those under New Zealand’s privacy laws then we will only provide your personal information to recipients in those locations if you authorise us to do so.
For further information, please contact us using the details set out in the contact section below.
STORAGE AND SECURITY
We are committed to protecting the security of your personal information and we take reasonable precautions to protect it from unauthorised access, modification or disclosure.
The GPSIT Group implements and maintains organisational and technical security measures that are designed to provide reasonable protection against the loss, interference or misuse of your personal information and to prevent unauthorised access, modification or disclosure of that information.
You acknowledge that the security of online transactions and the security of communications sent by electronic means or by post is never fail-safe. You provide information to us via the internet or by post at your own risk, though here are some of the measures we do take to ensure your personal information is protected:
- physical and audio surveillance at our offices;
- we retain personal information in secure hard copy and electronic files where there’s either restricted physical access or password access protections;
- we use secure Cloud services or data storage providers and encryption technology;
- we take reasonable steps to ensure that any third parties who handle files maintained in offsite facilities have suitable privacy protections in place; and
- we periodically review our security arrangements.
If despite these measures, a privacy breach does unfortunately occur, we have processes in place to ensure our obligations under the Privacy Act 2020 are met. We will promptly assess the privacy breach and notify you and the Privacy Commissioner, as appropriate and required by the Privacy Act 2020.
WHAT ABOUT LINKS TO OTHER WEBSITES?
EMAIL, TEXT AND TELEPHONE COMMUNICATIONS
We are committed to full compliance with the Unsolicited Electronic Messages Act 2007.
By subscribing to emails and/or text communications, or otherwise providing your email address and/or mobile number, you consent to receiving emails and/or texts (as the case may be) which promote and market our products and services, or the products and services of others, from time to time.
You can unsubscribe from our email communications and/or text communications at any time by clicking the “Unsubscribe” link in any promotional or marketing email or text received or by emailing email@example.com or firstname.lastname@example.org.
Once you have unsubscribed from the email or text communications, you will be removed from the corresponding marketing list as soon as is reasonably practicable.
HOW YOU CAN ACCESS OR CORRECT YOUR PERSONAL INFORMATION
It is your responsibility to ensure that the personal information you provide is accurate, complete and up-to-date.
You may request access to the information we hold about you, or request that we update or correct any personal information we hold about you, or ask us to restrict or cease processing your personal information or even delete your personal information, by setting out your request in writing and sending it to us at email@example.com or firstname.lastname@example.org.
We will review your request as soon as reasonably practicable to comply with our legal obligations. If we are unable to give you access to the information you have requested, we will give you reasons for this decision when we respond to your request.
The length of time we keep your personal information depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal requirements such as money laundering and financial reporting legislation).
We’ll retain your personal information for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our internal retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymised. Otherwise, as a general rule, we only keep your personal information for as long as we require it for the purposes of providing you with our Services.
We take your concerns seriously. If you have any concerns about privacy or the use or collection of your personal information by the GPSIT Group please contact our Privacy Officer at:
Free phone (within NZ): 0800 247 748
Phone: +64 (7) 573 6077
We may ask you to lodge your complaint in writing. We will respond as quickly as possible (our target response is 20 days) and handle all complaints in a way that is fair and consistent.
If you believe that we have not adequately dealt with your complaint or where we are unable to satisfactorily resolve your concerns about our handling of your personal information, then you can always contact the Office of the Privacy Commissioner (you can visit www.privacy.org.nz for their contact details).