Red Office (we, us, our) complies with the New Zealand Privacy Act 1993 (the Act) when dealing with personal information. Personal information is information about an identifiable individual (a natural person).
This policy sets out how we will collect, use, disclose and protect your personal information.
This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, see http://www.privacy.org.nz.
Changes to this policy
We may change this policy by uploading a revised policy onto the website. The change will apply from the date that we upload the revised policy.
Who do we collect your personal information from
We collect personal information about you from:
- you, when you provide that personal information to us, including via the website and any related service, through any registration or subscription process, through any contact with us (e.g. telephone call or email), or when you buy or use our services and products
- Third parties where you have authorised this or the information is publicly available.
If possible, we will collect personal information from you directly.
How we use your personal information
We will use your personal information
- to verify your identity
- to provide services and products to you
- to market our services and products to you, including contacting you electronically (e.g. by text or email for this purpose)
- to improve the services and products that we provide to you
- to undertake credit checks of you (if necessary)
- to bill you and to collect money that you owe us, including authorising and processing credit card transactions
- to respond to communications from you, including a complaint
- to conduct research and statistical analysis (on an anonymised basis)
- to protect and/or enforce our legal rights and interests, including defending any claim
- for any other purpose authorised by you or the Act.
Disclosing your personal information
We may disclose your personal information to:
- any business that supports our services and products, including any person that hosts or maintains any underlying IT system or data centre that we use to provide the website or other services and products
- a credit reference agency for the purpose of credit checking you
- other third parties (for anonymised statistical information)
- a person who can require us to supply your personal information (e.g. a regulatory authority)
- any other person authorised by the Act or another law (e.g. a law enforcement agency)
- any other person authorised by you.
- We may also disclose information you have given us for the purposes of verifying it with third parties and third-party databases for the purposes of fraud prevention or the Anti-Money Laundering and Countering Financing Terrorism Act 2009. In order to verify your information we may disclose it to a credit reporting agency, they may hold information on their credit reporting database and use it for providing credit reporting services and for any other lawful purpose and they may disclose information to their subscribers for the purpose of credit checking or debt collection or for any other lawful purpose.
We will only use or disclose personal information that you have provided to us, or which we have obtained about you for the above-mentioned purposes, or:
- if you have authorised us to do so;
- if we believe that the use or disclosure is reasonably necessary to assist a law enforcement agency or an agency responsible for national security in the performance of their functions;
- if we believe that the use or disclosure is reasonably necessary to enforce any legal rights we may have, or is reasonably necessary to protect the rights, property and safety of us, our customers, or others; or
- if we are authorised, required or permitted by law to disclose the information.
Protecting your personal information
We will take all reasonable steps to keep your personal information safe from loss, unauthorised activity, or other misuse.
Storage and Security
We will take reasonable efforts to protect personal information that is held by us from loss, misuse, unauthorised access, disclosure, alteration, or destruction. We will keep your personal information for as long as we have a relationship with you. Once our relationship with you has come to an end, we will retain your personal information for a period of time that enables us to maintain business records for analysis and/or audit purposes. We will delete your personal information when it is no longer required for these purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.
Accessing and correcting your personal information
Subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
If you want to exercise either of the above rights, email us at firstname.lastname@example.org. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).
We may charge you our reasonable costs of providing to you copies of your personal information or correcting that information.
Direct marketing means using your personal information to contact you via the phone, sms or email to promote our services. You acknowledge that by providing us with your personal information, we, our related entities or business partners may contact you to promote and market our respective products and services. You can opt-out from being contacted by us, our related entities or business partners for direct marketing by emailing us at email@example.com at any time and asking to be unsubscribed, or by following the link on our newsletters.
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
You have certain rights regarding your personal information, subject to applicable law. These include rights in certain circumstances to:
- access your personal information
- have inaccurate personal data rectified, blocked, erased or destroyed
- erase your personal information (right to be forgotten)
- restrict our use of your personal information (including prevent processing for the purpose of direct marketing)
- object to our use of your personal information (including objecting to decisions being taken by automated means)
- receive your personal information in a usable electronic format and transmit it to a third party (right to data portability)
- lodge a complaint with your local data protection authority.
If you would like to discuss or exercise such rights, please contact us at firstname.lastname@example.org
To ensure that the personal information we hold about you is accurate and current, please notify us of any changes to your personal information as soon as possible.
If you have a complaint or concern regarding your personal information and privacy, we would like to work with you to obtain a fair resolution. Please contact us using the details at the end of this privacy notice.