1) Your personal information
Anaro Group Limited and respective subsidiaries and affiliates (collectively referred to as Anaro, we, us and our) take our responsibility for your personal information seriously and are committed to managing personal information in accordance with the Privacy Act 2020 (Act). In our privacy policy we set out how we will handle and manage personal information we collect and/or hold about you.
In our privacy policy, “personal information” has the same meaning as in the Privacy Act; (namely, information about an identifiable individual).
We may change this privacy policy from time to time, with or without notice to you. When we do so we will publish an updated version on our website www.anaro.co.nz (Website). We recommend that you visit our Website regularly to keep up to date with any changes.
This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, see www.privacy.org.nz.
2) What personal information we collect
Clients and prospective clients
When you enquire about our services or when you become a client of Anaro, a record is made which includes your personal information.
The types of personal information that we collect will vary, but will typically include:
- personal details such as your name, e-mail, postal address and other contact details;
- your IRD number and tax status;
- financial information, such as your statement of position, bank statements, income sources and value;
- documentation required to verify your identity, such as a passport or driver’s license;
- (to the extent applicable) information about your employer or an organisation who you represent;
- any additional personal information you provide to us, or authorise us to collect, as part of your interaction with us.
- Information that we are required to collect to meet our obligations under the Anti-Money Laundering and Countering Financing of Terrorism Act 2009
Prospective employees/applicants
In connection with considering your application and/or offering you an employment position:
We request directly from you and collect certain personal information.
We may also collect personal information from third parties (including government agencies), in ways which you would expect (for example, from recruitment agencies or referees you have nominated), and from conducting background checks. We do this regardless, not just for certain positions.
We may also collect relevant information from third party sources such as LinkedIn and other professional websites.
Other Individuals
We may collect personal information about other individuals who are not our clients. This includes members of the public who participate in events we are involved with; individual service providers and contractors; and other individuals who interact with us on a commercial basis. The kinds of personal information we collect will depend on the capacity in which you are dealing with us. Generally, it would include your first and last name, address, e-mail address and telephone number.
If you are participating in an event we are managing or delivering, we may take images or audio-visual recordings which may identify you. If we identify you, we will seek your specific consent.
In limited circumstances, we may collect information which is considered sensitive information. For example, if you are injured while participating in the services that we provide or at an event promoted or delivered by us, we may collect health information about you in an emergency or otherwise with your consent.
3) When we collect personal information:
We collect personal information from you:
- when you enter into discussions with us in relation to becoming a client with us;
- when you enter into our Client Agreement/Application form and any other related documentation for the purposes of becoming our client;
- when you apply for employment with us; and
- when you contact or interact with us.
4) Why we collect personal information, and what we use it for
We collect and use your personal information as reasonably necessary to carry out our business, to assess and manage our clients' needs, and provide services. We may also collect information to fulfil administrative functions associated with these services, for example billing, entering into contracts with you and/or third parties and managing client relationships.
The purposes for which we usually collect and use personal information depend on the nature of your interaction with us, but may include:
- to set up your account to use our services, including verifying your identity and the identity of any other authorised person (as defined in our Client Agreement / Application form);
- to provide our services including third party integrated services, carrying out your instructions, and administering your account;
- to develop our understanding of our clients’ preferences and interests in the services we offer;
- for our internal research, development and the optimisation of our services;
- to let you know about surveys, promotions and any marketing activities we may undertake from time to time, or other opportunities or matters relevant to your account, or ancillary services provided by us (you may opt out at any time);
- to comply with our license requirements, regulations, laws and court orders in New Zealand and overseas (if applicable), including laws relating to anti-money laundering and countering financing of terrorism legislation, and to prevent fraud or other crimes;
- for the purposes and uses described in applicable terms and conditions between you and us; and
- to manage our relationship and/or services provided to you with you and exercise our rights under applicable terms and conditions between you and us.
5) How we hold personal information
We store information in paper-based files and/or using other electronic record keeping methods in secure databases (including trusted third party storage providers based in New Zealand and overseas). Personal information may be collected in paper-based documents and converted to electronic form for use or storage (with the original paper-based documents either archived or securely destroyed). We take reasonable steps to protect your personal information from misuse, interference and loss and from unauthorised access, modification or disclosure.
We maintain physical security over paper and electronic data stores, such as through locks and security systems at our premises. We also maintain computer and network security; for example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to our computer systems.
We endeavour to use encryption or other technologies to ensure the secure transmission and storage of information via the internet. Users of our websites are encouraged to exercise care in sending personal information via the internet.
Records must be kept for a minimum of 7 years after the end of a business relationship. We may keep the records for a longer period at our discretion.
6) Using and sharing your personal information
The purposes for which we may use and disclose your personal information will depend on the services we are providing you or the purposes for which we are interacting with you.
We may, subject to any internal conflict management procedures, provide your personal information to our employees, related companies, contractors, advisors, agents regulators, exchanges, courts, service providers and other third-parties (including financial institutions), where permitted or we believe this is appropriate to help us with any of the purposes we have outlined above. We will take reasonable steps to ensure that those recipients do not use that personal information for any other purpose.
We will not send your personal information to another organisation to use for their marketing purposes.
We may also use and disclose personal information for a range of administrative, management and operational purposes. This includes:
- administering billing and payments and debt recovery;
- planning, managing, monitoring and evaluating our services;
- quality improvement activities;
- statistical analysis and reporting;
- training staff, contractors and other workers;
- risk management and management of legal liabilities and claims (for example, liaising with insurers and legal representatives);
- responding to enquiries and complaints regarding our services;
- obtaining advice from consultants and other professional advisers; and
- responding to subpoenas and other legal orders and obligations. We may release personal information when we believe this is appropriate for legal compliance and law enforcement, or will help prevent fraud, money laundering or other crimes (including to government agencies with statutory law enforcement responsibilities). We may also release personal information to enforce or apply our terms of use, other applicable terms and conditions between you and us, or protect our company, our users, or others. We can release personal information to third parties as instructed by you, as explained at the time of collection of the information and in other ways permitted by the Act.
7) Direct Marketing
We may use or disclose your personal information for the purpose of informing you about our services, upcoming promotions and events, or other opportunities that may interest you. If you do not want to receive direct marketing communications, you can opt-out at any time by contacting us using the contact details below.
If you opt-out of receiving marketing material from us, we may still contact you in relation to our ongoing relationship with you.
8) Disclosure of information overseas
We work with clients, service providers, sponsors and commercial interests across the globe.
You have authorised us to make any disclosure permitted to any third party that provides services to Anaro or government agency/regulator whether in New Zealand, Australia or elsewhere.
9) Right to access your personal information or seek correction of your personal information
To find out what personal information we hold about you, to get a copy of that information, and/or request corrections to that information as outlined in the Privacy Act, or for any further information about this privacy policy, please contact us at office@anaro.co.nz.
We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up-to-date. You can help us to do this by letting us know if you notice errors or discrepancies in information we hold about you and letting us know if your personal details change.
However, if you consider any personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading you are entitled to request correction of the information. After receiving a request from you, we will take reasonable steps to correct your information.
We may decline your request to access or correct your personal information in certain circumstances in accordance with the Act. If we do refuse your request, we will provide you with a reason for our decision and, in the case of a request for correction, we will include a statement with your personal information about the requested correction.
10) Where we receive information about others from you
If you provide us with personal information about someone else, you must ensure that you have their consent to do so (including their consent to Anaro contacting them), so that, without us taking any further steps required by applicable data protection or privacy laws, we may collect, use and disclose such information for the purposes we have described in this policy.
This means you must take reasonable steps when providing personal information so that the individual concerned is aware of and/or consents to this policy, including that:
- their personal information is being collected;
- the purposes for which that information is being collected;
- the intended recipients of that information;
- the individual's right to obtain access to that information; and
- our identity, and how to contact us.
11) How we interact with you over the internet
You may visit our Website without identifying yourself. If you identify yourself (for example, by providing your contact details in an enquiry), any personal information you provide to us will be managed in accordance with this privacy policy.
Our Website may contain links to third-party websites. We are not responsible for the content or privacy practices of websites that are linked to our website.
12) Cookies
We may use cookies when you are on the Website. Cookies are small blocks of text stored on your device. They allow us to recognise you (or rather, your internet browser) as you move around our site, and if you return to our site later. Cookies cannot read your hard drive or command your computer to perform any action.
Cookies may be used for security to help us identify you, to provide you with personalised features and for tracking traffic on our site. Any information we collect and share with third parties through cookies is aggregated and therefore anonymous (when shared with third parties, it does not include personal information which is likely to identify you).
You can prevent new cookies from being installed and delete existing cookies. The procedure depends on which browser you are using. For information on how to remove cookies check your internet browser. You may be unable to access certain pages on our Website unless you accept cookies.
13) Analytics
To improve our Website and services we may use patterns and other meaningful information gathered from website analytics tools. This may include the timing and frequency of your use of the Website, your IP address, page requests, form requests, mouse click activity and other information that you voluntarily enter into the website.
In addition, we may use third party cookies from third party services such as Google Analytics and/or Microsoft Application Insights. These services give us insight into behavioural information relating to users interests in our services, on an anonymous and aggregate level. This helps us to understand browsing behaviour to give a better experience whilst using our services.
You can access Google's Privacy Policy here and Microsoft’s Privacy Policy here.
14) Complaints about the handling of your personal information
You may contact us at any time if you have any questions or concerns about this privacy policy or about the way in which your personal information has been handled.
You may make a complaint about privacy to the Privacy Officer at the contact details set out below.
The Privacy Officer will first consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within a week.
If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within a week and endeavour to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather relevant facts, locate and review relevant documents and speak with individuals involved.
In most cases, we will investigate and respond to a complaint within 30 days of receipt of the complaint. If the matter is more complex or our investigation may take longer, we will let you know.
If you are not satisfied with our response to your complaint, or you consider that we may have breached the Act, a complaint may be made to the Office of the Privacy Commissioner (the Office of the Privacy Commissioner can be contacted by telephone on 0800 803 909 or by using the contact details on the website www.privacy.org.nz).
15) How you can contact us
The contact details Anaro Privacy Officer are as follows:
Anaro Privacy Officer
Jason Little