1. Purpose
1.1 CheckSafe Limited (CheckSafe, our, us, we) know that how we collect, use, disclose and protect your information is important to you, and we value your trust. That’s why protecting your information and being clear about what we do with it is a vital part of our relationship with you.
1.2 The purpose of this Privacy Policy is to inform you about how we comply with the requirements of the New Zealand Privacy Act 2020 (the Privacy Act) in managing personal information.
1.3 This Privacy Policy does not apply to personal information entered into our software-as-a-service product by our customer organisations, as that information is collected, held and controlled by the customer organisation. We do not use this personal information for our own purposes. In these circumstances, the customer organisation is responsible for entering personal information into our product and ensuring their use of the product is compliant with privacy law. Any questions about a customer organisation’s privacy practices or specific settings within our product should be directed to the relevant organisation.
2. Consent to Privacy Policy
2.1 This Privacy Policy applies to all personal information that we collect and use for our own purposes when you access or use the products or services we provide, our digital platforms, or otherwise provide us with your personal information (collectively, our Services).
2.2 You acknowledge and agree that CheckSafe is permitted to collect, store, use and disclose your personal information in the manner set out in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Services or otherwise provide us with personal information.
3. Collection of personal information
3.1 “Personal information” is defined in the Privacy Act as information about an identifiable individual (a natural person as opposed to a company or other legal entity).
3.2 The types of personal information we collect will vary depending on the nature of your dealings with us, but may include the following:
(a) contact details (such as your name, email address, postal address, phone number);
(b) details relating to your use of any our Services; and
(c) details of any enquiry you make with us.
3.3 CheckSafe may obtain and aggregate technical and other data about your use of our Services that does not identify you (Aggregated Anonymous Data). CheckSafe may use the Aggregated Anonymous Data to analyse, improve, support and operate the Services and otherwise for any business purposes.
3.4 Except as otherwise permitted by law, we will collect personal information:
(a) from you directly when you provide your details to us (including information that you provide to us in person, over the telephone or a video call (such as over Microsoft Teams, Zoom or Skype) when you contact our staff);
(b) from you indirectly (through one of our digital platforms like our website and social media pages, including through any online chat, virtual assistant, or bots), when you email or write to us, or when you participate in a marketing campaign, competition, or promotion (or a similar event) administered by us or our representatives;
(c) from an organisation (i.e. your employer) who is a customer of Checksafe where the information is necessary for business or administrative purposes connected to the use of our products and services by that organisation;
(d) from third parties in some instances, for example, where we have received your express consent to do so. We are not responsible for the privacy or security practices of third parties and the privacy practices of any third party are not covered by this Privacy Policy; and
(e) from available public sources, for example via the internet.
4. Online device information and cookies
4.1 If you are visiting us through our website and social media pages, then we collect information about your use and experience on these by using cookies. Cookies are small pieces of information stored on your hard drive or on your mobile browser. They can record information about your visit to the site, allowing it to remember you the next time you visit and provide a more meaningful experience. The cookies we send to your computer, mobile phone or other device cannot read your hard drive, obtain any information from your browser or command your device to perform any action. They are designed so that they cannot be sent to another site or be retrieved by any non-CheckSafe website.
4.2 When you interact with us through our website or social media pages, the information collected through the cookies may include:
(a) the date and time of visits;
(b) website page (or pages) viewed;
(c) the website from which you accessed the internet and our website or other digital platform;
(d) how you navigate through the website and interact with pages (including any fields completed in forms and applications completed (where applicable));
(e) information about your location;
(f) information about the device used to visit our digital platform; and
(g) IP address (or addresses), and the type of web browser used.
4.3 We will not ask you to supply personal information publicly over any social media platform that we use. Sometimes we may invite you to send your details to us through a private message, for example, to answer a question. You may also be invited to share your personal information through secure channels to participate in other activities, such as competitions, but we would require your express consent prior to us including you in such activities.
5. Purpose of collection and use of personal information
5.1 We collect and use personal information in order to:
(a) assess whether you are eligible for the Services offered by us;
(b) facilitate the provision of Services to you;
(c) respond to queries from you and provide you with any information that you request;
(d) provide you with further information about our other Services; and
(e) for any other purpose that may be permitted or required by law.
5.2 We may also have an obligation to disclose certain personal information to regulatory and similar bodies - see “Disclosure of your personal information” below. These bodies have a legal right to such information.
6. Storage and protection of your personal information
6.1 We may electronically record and store personal information which we collect from you. When we do so, we will take reasonable steps to keep it secure and prevent unauthorised disclosure. However, we cannot guarantee that your personal information will not be accessed by an unauthorised person (e.g. a hacker) or that unauthorised disclosures will not occur.
6.2 If we provide you with any passwords or other security devices, it is important that you keep these confidential and do not allow them to be used by any other person. You should notify us immediately if the security of your password or security device is breached, this will help prevent the unauthorised disclosure of your personal information.
6.3 Some information we hold about you will be stored in paper files, but most of your information will be stored electronically on physical hard drives and/or on the cloud, by cloud service providers – see “Cloud-based service providers” below.
7. Cloud-based service providers
7.1 We use third party service providers to store and process most of the information we collect.
7.2 We ensure that our cloud-based service providers are subject to appropriate security and information handling arrangements and that the information stored or processed by them remains subject to confidentiality obligations.
8. Timeframes for keeping personal information
8.1 We take reasonable steps to destroy or permanently de-identify any personal information as soon as practicable after the date of which it has no legal or regulatory purpose, or we have no legitimate business purpose with it.
8.2 In the case of information that relates to our Services or to Services we have provided, we may be required by law to hold this information for seven years. After this time, provided that the personal information is no longer relevant to any Service we are providing you, we will take reasonable steps to safely destroy or de-identify any personal information.
9. Disclosure of your personal information
9.1 We may share your personal information with third parties outside CheckSafe where:
(a) it is necessary to enable us to achieve the purpose that we collected the information for;
(b) we are required or authorised by law;
(c) you have expressly consented to the disclosure; or
(d) we are permitted to disclose the information under the Privacy Act.
10. Parties we may disclose your information to
10.1 We may disclose your personal information to third parties for the purpose of providing Services to you, including, but not limited to:
(a) other companies or service providers who assist us in providing our Services or perform functions on our behalf (such as hosting and data storage providers and auditors);
(b) other Checksafe related companies;
(c) our professional advisers (such as our lawyers and our external dispute resolution service);
(d) the Privacy Commissioner or other government bodies or regulators;
(e) credit reporting and debt collecting organisations;
If we don’t need to share your information with a third party in order to provide our Services, we will not pass on your information to them without your consent. Under no circumstances will we sell or receive payment for disclosing your personal information.
11. Sending your information overseas
11.1 We may send your personal information outside New Zealand, including to overseas members of CheckSafe related companies, overseas service providers or other third parties who process or store our information, or provide certain services to us.
11.2 Where we do this, it does not change any of our commitments to you to safeguard your privacy. We make sure that appropriate security and information handling arrangements are in place and the information remains subject to confidentiality obligations.
11.3 If we need to send your personal information to a third party outside of New Zealand who uses that information for their own purposes, we will ensure that party is subject to privacy laws that are comparable to the Privacy Act, or is otherwise required to protect your personal information in a way that provides comparable safeguards to those in the Privacy Act.
11.4 Where it is not possible to ensure that appropriate security and information handling arrangements are in place, we will let you know and gain your express consent prior to sending your personal information overseas.
12. Third party websites
12.1 Through our Services, you may be able to link to other websites which are not under our control. We are not responsible for the privacy or security practices of those third-party websites and the sites are not covered by this Privacy Policy. Third party websites should have their own privacy and security policies and we encourage you to read them.
12.2 In addition, we have no knowledge of (or control over) the nature, content, and availability of those websites. We do not sponsor, recommend, or endorse anything contained on these linked websites. We do not accept any liability of any description for any loss suffered by you by relying on anything contained or not contained on these linked websites.
13. Right to access and correct personal information
13.1 You have the right to request access to, and correction of, your personal information. You can do so by contacting us at:
12 Aerodrome Road, Mount Maunganui
Or via email at [email protected]
13.2 When you contact us with such a request, we will take steps to update your personal information, provide you with access to your personal information and/or otherwise address your query within 20 working days after we receive your request. To protect the security of your personal information, you may be required to provide identification before we update or provide you with access to your personal information.
13.3 There is no fee for requesting that your personal information is corrected or for us to make corrections. In processing your request for access to your personal information, a reasonable cost may be charged. This charge covers such things as locating the information and supplying it to you.
13.4 There are some circumstances in which we are not required to give you access to your personal information. If we refuse to give you access or to correct your personal information, we will let you know our reasons, except if the law prevents us from doing so.
13.5 If we refuse your request to correct your personal information, you also have the right to request that a statement be associated with your personal information noting that you disagree with its accuracy.
13.6 If we refuse your request to access or correct your personal information, we will also provide you with information on how you can complain about the refusal.
14. What happens if you do not provide us your information?
14.1 If you do not provide information we have requested, you may be unable to obtain or access our Services for which the information is required. Please contact us using the details below if you are unsure what information is important and how this might affect you.
15. Changes to this Privacy Policy
15.1 We review this Privacy Policy periodically to keep it current and available on our website. If the changes are significant, we will advise you either through our website or via other means, such as email. By using our Services after the effective date of the change, you will be deemed to have accepted the changes to this Privacy Policy. If you do not agree to such changes, you must immediately notify us and stop using and/or accessing our Services.
16. Privacy Policy queries and concerns
16.1 If you are concerned about how your personal information is being handled or if you feel that we have compromised your privacy in some way, please contact us at:
12 Aerodrome Road, Mount Maunganui
[email protected]
0800 607 383
16.2 We aim to acknowledge any complaint within three working days of its receipt. We will let you know if we need any further information from you to investigate your complaint. We aim to resolve complaints as quickly as possible. We strive to resolve complaints within five working days, but some complaints take longer to resolve. If your complaint is taking longer, we will let you know what is happening and a date by which you can reasonably expect a response.
16.3 If you are not satisfied with our response to any privacy related concern you may lodge a complaint on the Office of the Privacy Commissioner’s website (www.privacy.org.nz) or send a complaint form to the Privacy Commissioner at:
Office of the Privacy Commissioner
P O Box 10-094
Wellington 6143, New Zealand
Email: [email protected]
Telephone: 0800 803 909
Last updated: June 2021
1.1 CheckSafe Limited (CheckSafe, our, us, we) know that how we collect, use, disclose and protect your information is important to you, and we value your trust. That’s why protecting your information and being clear about what we do with it is a vital part of our relationship with you.
1.2 The purpose of this Privacy Policy is to inform you about how we comply with the requirements of the New Zealand Privacy Act 2020 (the Privacy Act) in managing personal information.
1.3 This Privacy Policy does not apply to personal information entered into our software-as-a-service product by our customer organisations, as that information is collected, held and controlled by the customer organisation. We do not use this personal information for our own purposes. In these circumstances, the customer organisation is responsible for entering personal information into our product and ensuring their use of the product is compliant with privacy law. Any questions about a customer organisation’s privacy practices or specific settings within our product should be directed to the relevant organisation.
2. Consent to Privacy Policy
2.1 This Privacy Policy applies to all personal information that we collect and use for our own purposes when you access or use the products or services we provide, our digital platforms, or otherwise provide us with your personal information (collectively, our Services).
2.2 You acknowledge and agree that CheckSafe is permitted to collect, store, use and disclose your personal information in the manner set out in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Services or otherwise provide us with personal information.
3. Collection of personal information
3.1 “Personal information” is defined in the Privacy Act as information about an identifiable individual (a natural person as opposed to a company or other legal entity).
3.2 The types of personal information we collect will vary depending on the nature of your dealings with us, but may include the following:
(a) contact details (such as your name, email address, postal address, phone number);
(b) details relating to your use of any our Services; and
(c) details of any enquiry you make with us.
3.3 CheckSafe may obtain and aggregate technical and other data about your use of our Services that does not identify you (Aggregated Anonymous Data). CheckSafe may use the Aggregated Anonymous Data to analyse, improve, support and operate the Services and otherwise for any business purposes.
3.4 Except as otherwise permitted by law, we will collect personal information:
(a) from you directly when you provide your details to us (including information that you provide to us in person, over the telephone or a video call (such as over Microsoft Teams, Zoom or Skype) when you contact our staff);
(b) from you indirectly (through one of our digital platforms like our website and social media pages, including through any online chat, virtual assistant, or bots), when you email or write to us, or when you participate in a marketing campaign, competition, or promotion (or a similar event) administered by us or our representatives;
(c) from an organisation (i.e. your employer) who is a customer of Checksafe where the information is necessary for business or administrative purposes connected to the use of our products and services by that organisation;
(d) from third parties in some instances, for example, where we have received your express consent to do so. We are not responsible for the privacy or security practices of third parties and the privacy practices of any third party are not covered by this Privacy Policy; and
(e) from available public sources, for example via the internet.
4. Online device information and cookies
4.1 If you are visiting us through our website and social media pages, then we collect information about your use and experience on these by using cookies. Cookies are small pieces of information stored on your hard drive or on your mobile browser. They can record information about your visit to the site, allowing it to remember you the next time you visit and provide a more meaningful experience. The cookies we send to your computer, mobile phone or other device cannot read your hard drive, obtain any information from your browser or command your device to perform any action. They are designed so that they cannot be sent to another site or be retrieved by any non-CheckSafe website.
4.2 When you interact with us through our website or social media pages, the information collected through the cookies may include:
(a) the date and time of visits;
(b) website page (or pages) viewed;
(c) the website from which you accessed the internet and our website or other digital platform;
(d) how you navigate through the website and interact with pages (including any fields completed in forms and applications completed (where applicable));
(e) information about your location;
(f) information about the device used to visit our digital platform; and
(g) IP address (or addresses), and the type of web browser used.
4.3 We will not ask you to supply personal information publicly over any social media platform that we use. Sometimes we may invite you to send your details to us through a private message, for example, to answer a question. You may also be invited to share your personal information through secure channels to participate in other activities, such as competitions, but we would require your express consent prior to us including you in such activities.
5. Purpose of collection and use of personal information
5.1 We collect and use personal information in order to:
(a) assess whether you are eligible for the Services offered by us;
(b) facilitate the provision of Services to you;
(c) respond to queries from you and provide you with any information that you request;
(d) provide you with further information about our other Services; and
(e) for any other purpose that may be permitted or required by law.
5.2 We may also have an obligation to disclose certain personal information to regulatory and similar bodies - see “Disclosure of your personal information” below. These bodies have a legal right to such information.
6. Storage and protection of your personal information
6.1 We may electronically record and store personal information which we collect from you. When we do so, we will take reasonable steps to keep it secure and prevent unauthorised disclosure. However, we cannot guarantee that your personal information will not be accessed by an unauthorised person (e.g. a hacker) or that unauthorised disclosures will not occur.
6.2 If we provide you with any passwords or other security devices, it is important that you keep these confidential and do not allow them to be used by any other person. You should notify us immediately if the security of your password or security device is breached, this will help prevent the unauthorised disclosure of your personal information.
6.3 Some information we hold about you will be stored in paper files, but most of your information will be stored electronically on physical hard drives and/or on the cloud, by cloud service providers – see “Cloud-based service providers” below.
7. Cloud-based service providers
7.1 We use third party service providers to store and process most of the information we collect.
7.2 We ensure that our cloud-based service providers are subject to appropriate security and information handling arrangements and that the information stored or processed by them remains subject to confidentiality obligations.
8. Timeframes for keeping personal information
8.1 We take reasonable steps to destroy or permanently de-identify any personal information as soon as practicable after the date of which it has no legal or regulatory purpose, or we have no legitimate business purpose with it.
8.2 In the case of information that relates to our Services or to Services we have provided, we may be required by law to hold this information for seven years. After this time, provided that the personal information is no longer relevant to any Service we are providing you, we will take reasonable steps to safely destroy or de-identify any personal information.
9. Disclosure of your personal information
9.1 We may share your personal information with third parties outside CheckSafe where:
(a) it is necessary to enable us to achieve the purpose that we collected the information for;
(b) we are required or authorised by law;
(c) you have expressly consented to the disclosure; or
(d) we are permitted to disclose the information under the Privacy Act.
10. Parties we may disclose your information to
10.1 We may disclose your personal information to third parties for the purpose of providing Services to you, including, but not limited to:
(a) other companies or service providers who assist us in providing our Services or perform functions on our behalf (such as hosting and data storage providers and auditors);
(b) other Checksafe related companies;
(c) our professional advisers (such as our lawyers and our external dispute resolution service);
(d) the Privacy Commissioner or other government bodies or regulators;
(e) credit reporting and debt collecting organisations;
If we don’t need to share your information with a third party in order to provide our Services, we will not pass on your information to them without your consent. Under no circumstances will we sell or receive payment for disclosing your personal information.
11. Sending your information overseas
11.1 We may send your personal information outside New Zealand, including to overseas members of CheckSafe related companies, overseas service providers or other third parties who process or store our information, or provide certain services to us.
11.2 Where we do this, it does not change any of our commitments to you to safeguard your privacy. We make sure that appropriate security and information handling arrangements are in place and the information remains subject to confidentiality obligations.
11.3 If we need to send your personal information to a third party outside of New Zealand who uses that information for their own purposes, we will ensure that party is subject to privacy laws that are comparable to the Privacy Act, or is otherwise required to protect your personal information in a way that provides comparable safeguards to those in the Privacy Act.
11.4 Where it is not possible to ensure that appropriate security and information handling arrangements are in place, we will let you know and gain your express consent prior to sending your personal information overseas.
12. Third party websites
12.1 Through our Services, you may be able to link to other websites which are not under our control. We are not responsible for the privacy or security practices of those third-party websites and the sites are not covered by this Privacy Policy. Third party websites should have their own privacy and security policies and we encourage you to read them.
12.2 In addition, we have no knowledge of (or control over) the nature, content, and availability of those websites. We do not sponsor, recommend, or endorse anything contained on these linked websites. We do not accept any liability of any description for any loss suffered by you by relying on anything contained or not contained on these linked websites.
13. Right to access and correct personal information
13.1 You have the right to request access to, and correction of, your personal information. You can do so by contacting us at:
12 Aerodrome Road, Mount Maunganui
Or via email at [email protected]
13.2 When you contact us with such a request, we will take steps to update your personal information, provide you with access to your personal information and/or otherwise address your query within 20 working days after we receive your request. To protect the security of your personal information, you may be required to provide identification before we update or provide you with access to your personal information.
13.3 There is no fee for requesting that your personal information is corrected or for us to make corrections. In processing your request for access to your personal information, a reasonable cost may be charged. This charge covers such things as locating the information and supplying it to you.
13.4 There are some circumstances in which we are not required to give you access to your personal information. If we refuse to give you access or to correct your personal information, we will let you know our reasons, except if the law prevents us from doing so.
13.5 If we refuse your request to correct your personal information, you also have the right to request that a statement be associated with your personal information noting that you disagree with its accuracy.
13.6 If we refuse your request to access or correct your personal information, we will also provide you with information on how you can complain about the refusal.
14. What happens if you do not provide us your information?
14.1 If you do not provide information we have requested, you may be unable to obtain or access our Services for which the information is required. Please contact us using the details below if you are unsure what information is important and how this might affect you.
15. Changes to this Privacy Policy
15.1 We review this Privacy Policy periodically to keep it current and available on our website. If the changes are significant, we will advise you either through our website or via other means, such as email. By using our Services after the effective date of the change, you will be deemed to have accepted the changes to this Privacy Policy. If you do not agree to such changes, you must immediately notify us and stop using and/or accessing our Services.
16. Privacy Policy queries and concerns
16.1 If you are concerned about how your personal information is being handled or if you feel that we have compromised your privacy in some way, please contact us at:
12 Aerodrome Road, Mount Maunganui
[email protected]
0800 607 383
16.2 We aim to acknowledge any complaint within three working days of its receipt. We will let you know if we need any further information from you to investigate your complaint. We aim to resolve complaints as quickly as possible. We strive to resolve complaints within five working days, but some complaints take longer to resolve. If your complaint is taking longer, we will let you know what is happening and a date by which you can reasonably expect a response.
16.3 If you are not satisfied with our response to any privacy related concern you may lodge a complaint on the Office of the Privacy Commissioner’s website (www.privacy.org.nz) or send a complaint form to the Privacy Commissioner at:
Office of the Privacy Commissioner
P O Box 10-094
Wellington 6143, New Zealand
Email: [email protected]
Telephone: 0800 803 909
Last updated: June 2021