Privacy Policy

Page last updated: 09 May 2022

 

1) Your personal information


Anaro Group Limited and respective subsidiaries and affiliates (collectively referred to as Anaro, we, us
and our) take our responsibility for your personal information seriously and are committed to managing
personal information in accordance with the Privacy Act 2020 (Act). In our privacy policy we set out
how we will handle and manage personal information we collect and/or hold about you.


In our privacy policy, “personal information” has the same meaning as in the Privacy Act; (namely,
information about an identifiable individual).


We may change this privacy policy from time to time, with or without notice to you. When we do so we
will publish an updated version on our website www.anaro.co.nz (Website). We recommend that you
visit our Website regularly to keep up to date with any changes.


This policy does not limit or exclude any of your rights under the Act. If you wish to seek further
information on the Act, see www.privacy.org.nz.


2) What personal information we collect


Clients and prospective clients


When you enquire about our services or when you become a client of Anaro, a record is made which
includes your personal information.


The types of personal information that we collect will vary, but will typically include:

 

  • personal details such as your name, e-mail, postal address and other contact details;
  • your IRD number and tax status;
  • financial information, such as your statement of position, bank statements, income sources and value;
  • documentation required to verify your identity, such as a passport or driver’s licence;
  • (to the extent applicable) information about your employer or an organisation who you represent;
  • any additional personal information you provide to us, or authorise us to collect, as part of your interaction with us.
  • Information that we are required to collect to meet our obligations under the Anti-Money Laundering and Countering Financing of Terrorism Act 2009

Prospective employees/applicants


In connection with considering your application and/or offering you an employment position:


We request directly from you and collect certain personal information.


We may also collect personal information from third parties (including government agencies), in ways
which you would expect (for example, from recruitment agencies or referees you have nominated), and
from conducting background checks. We do this regardless, not just for certain positions.


We may also collect relevant information from third party sources such as LinkedIn and other
professional websites.


Other individuals


We may collect personal information about other individuals who are not our clients. This includes
members of the public who participate in events we are involved with; individual service providers and
contractors; and other individuals who interact with us on a commercial basis. The kinds of personal
information we collect will depend on the capacity in which you are dealing with us. Generally, it would
include your first and last name, address, e-mail address and telephone number.


If you are participating in an event we are managing or delivering, we may take images or audio-visual
recordings which may identify you. If we identify you, we will seek your specific consent.


In limited circumstances, we may collect information which is considered sensitive information. For
example, if you are injured while participating in the services that we provide or at an event promoted
or delivered by us, we may collect health information about you in an emergency or otherwise with
your consent.


3) When we collect personal information


We collect personal information from you:

 

  • when you enter into discussions with us in relation to becoming a client with us;
  • when you enter into our Client Agreement/Application form and any other related documentation for the purposes of becoming our client;
  • when you are using any application created by or for us or the Website and enter or upload information;
  • when you apply for employment with us; and
  • when you contact or interact with us.

4) Why we collect personal information, and what we use it for


We collect and use your personal information as reasonably necessary to carry out our business, to
assess and manage our clients' needs, and provide services. We may also collect information to fulfil
administrative functions associated with these services, for example billing, entering into contracts with
you and/or third parties and managing client relationships.


The purposes for which we usually collect and use personal information depend on the nature of your
interaction with us, but may include:

 

  • to set up your account to use our services, including verifying your identity and the identity of any other authorised person (as defined in our Client Agreement / Application form);
  • to provide our services including third party integrated services, carrying out your instructions, and administering your account;
  • to develop our understanding of our clients’ preferences and interests in the services we offer;
  • for our internal research, development and the optimisation of our services;
  • to let you know about surveys, promotions and any marketing activities we may undertake from time to time, or other opportunities or matters relevant to your account, or ancillary services provided by us (you may opt out at any time);
  • to let you know about changes and updates to our services, applicable terms and conditions between you and us and this privacy policy;
  • to comply with our license requirements, regulations, laws and court orders in New Zealand and overseas (if applicable), including laws relating to anti-money laundering and countering financing of terrorism legislation, and to prevent fraud or other crimes;
  • for the purposes and uses described in applicable terms and conditions between you and us; and
  • to manage our relationship and/or services provided to you with you and exercise our rights under applicable terms and conditions between you and us.

5) How we hold personal information


We store information in paper-based files and/or using other electronic record keeping methods in
secure databases (including trusted third party storage providers based in New Zealand and
overseas). Personal information may be collected in paper-based documents and converted to
electronic form for use or storage (with the original paper-based documents either archived or securely
destroyed). We take reasonable steps to protect your personal information from misuse, interference
and loss and from unauthorised access, modification or disclosure.


We maintain physical security over paper and electronic data stores, such as through locks and security
systems at our premises. We also maintain computer and network security; for example, we use
firewalls (security measures for the Internet) and other security systems such as user identifiers and
passwords to control access to our computer systems.


We endeavour to use encryption or other technologies to ensure the secure transmission and storage
of information via the internet. Users of our websites are encouraged to exercise care in sending
personal information via the internet.


Records must be kept for a minimum of 7 years after the end of a business relationship.
We may keep the records for a longer period at our discretion.


6) Using and sharing your personal information


The purposes for which we may use and disclose your personal information will depend on the services
we are providing you or the purposes for which we are interacting with you.


We may, subject to any internal conflict management procedures, provide your personal information
to our employees, related companies, contractors, advisors, agents regulators, exchanges, courts,
service providers and other third-parties (including financial institutions), where permitted or we
believe this is appropriate to help us with any of the purposes we have outlined above. We will take
reasonable steps to ensure that those recipients do not use that personal information for any other
purpose.


We will not send your personal information to another organisation to use for their marketing purposes.


We may also use and disclose personal information for a range of administrative, management and
operational purposes. This includes:

 

  • administering billing and payments and debt recovery;
  • planning, managing, monitoring and evaluating our services;
  • quality improvement activities;
  • statistical analysis and reporting;
  • training staff, contractors and other workers;
  • risk management and management of legal liabilities and claims (for example, liaising with insurers and legal representatives);
  • responding to enquiries and complaints regarding our services;
  • obtaining advice from consultants and other professional advisers; and
  • responding to subpoenas and other legal orders and obligations. We may release personal information when we believe this is appropriate for legal compliance and law enforcement, or will help prevent fraud, money laundering or other crimes (including to government agencies with statutory law enforcement responsibilities). We may also release personal information to enforce or apply our terms of use, other applicable terms and conditions between you and us, or protect our company, our users, or others. We can release personal information to third parties as instructed by you, as explained at the time of collection of the information and in other ways permitted by the Act.

7) Direct marketing


We may use or disclose your personal information for the purpose of informing you about our services,
upcoming promotions and events, or other opportunities that may interest you. If you do not want to
receive direct marketing communications, you can opt-out at any time by contacting us using the
contact details below.


If you opt-out of receiving marketing material from us, we may still contact you in relation to our
ongoing relationship with you.


8) Disclosure of information overseas


We work with clients, service providers, sponsors and commercial interests across the globe.


You have authorised us to make any disclosure permitted to any third party that provides services to
Anaro or government agency/regulator whether in New Zealand, Australia or elsewhere.


9) Right to access your personal information or seek correction of your personal information


To find out what personal information we hold about you, to get a copy of that information, and/or
request corrections to that information as outlined in the Privacy Act, or for any further information
about this privacy policy, please contact us at office@anaro.co.nz.


We will take reasonable steps to ensure that the personal information we collect, use or disclose is
accurate, complete and up-to-date. You can help us to do this by letting us know if you notice errors or
discrepancies in information we hold about you and letting us know if your personal details change.


However, if you consider any personal information we hold about you is inaccurate, out-of-date,
incomplete, irrelevant or misleading you are entitled to request correction of the information. After
receiving a request from you, we will take reasonable steps to correct your information.


We may decline your request to access or correct your personal information in certain circumstances
in accordance with the Act. If we do refuse your request, we will provide you with a reason for our
decision and, in the case of a request for correction, we will include a statement with your personal
information about the requested correction.


10) Where we receive information about others from you


If you provide us with personal information about someone else, you must ensure that you have their
consent to do so (including their consent to Anaro contacting them), so that, without us taking any
further steps required by applicable data protection or privacy laws, we may collect, use and disclose
such information for the purposes we have described in this policy.


This means you must take reasonable steps when providing personal information so that the individual
concerned is aware of and/or consents to this policy, including that:

 

  • their personal information is being collected;
  • the purposes for which that information is being collected;
  • the intended recipients of that information;
  • the individual's right to obtain access to that information; and
  • our identity, and how to contact us.

11) How we interact with you over the internet


You may visit our Website without identifying yourself. If you identify yourself (for example, by
providing your contact details in an enquiry), any personal information you provide to us will be
managed in accordance with this privacy policy.


Our Website may contain links to third-party websites. We are not responsible for the content or
privacy practices of websites that are linked to our website.


12) Cookies


We may use cookies when you are on the Website. Cookies are small blocks of text stored on your
device. They allow us to recognise you (or rather, your internet browser) as you move around our site,
and if you return to our site later. Cookies cannot read your hard drive or command your computer to
perform any action.


Cookies may be used for security to help us identify you, to provide you with personalised features and
for tracking traffic on our site. Any information we collect and share with third parties through cookies
is aggregated and therefore anonymous (when shared with third parties, it does not include personal
information which is likely to identify you).


You can prevent new cookies from being installed and delete existing cookies. The procedure depends
on which browser you are using. For information on how to remove cookies check your internet
browser. You may be unable to access certain pages on our Website unless you accept cookies.


13) Analytics


To improve our Website and services we may use patterns and other meaningful information gathered
from website analytics tools. This may include the timing and frequency of your use of the Website,
your IP address, page requests, form requests, mouse click activity and other information that you
voluntarily enter into the website.


In addition, we may use third party cookies from third party services such as Google Analytics and/or
Microsoft Application Insights. These services give us insight into behavioural information relating to
users interests in our services, on an anonymous and aggregate level. This helps us to understand
browsing behaviour to give a better experience whilst using our services.


You can access Google's Privacy Policy here and Microsoft’s Privacy Policy here.


14) Complaints about the handling of your personal information


You may contact us at any time if you have any questions or concerns about this privacy policy or about
the way in which your personal information has been handled.


You may make a complaint about privacy to the Privacy Officer at the contact details set out below.


The Privacy Officer will first consider your complaint to determine whether there are simple or
immediate steps which can be taken to resolve the complaint. We will generally respond to your
complaint within a week.


If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of
your complaint within a week and endeavour to complete our investigation into your complaint
promptly. We may ask you to provide further information about your complaint and the outcome you
are seeking. We will then typically gather relevant facts, locate and review relevant documents and
speak with individuals involved.


In most cases, we will investigate and respond to a complaint within 30 days of receipt of the
complaint. If the matter is more complex or our investigation may take longer, we will let you know.


If you are not satisfied with our response to your complaint, or you consider that we may have breached
the Act, a complaint may be made to the Office of the Privacy Commissioner (the Office of the Privacy
Commissioner can be contacted by telephone on 0800 803 909 or by using the contact details on the
website www.privacy.org.nz).


15) How you can contact us


The contact details Anaro Privacy Officer are as follows:


Anaro Privacy Officer
Jason Little


jason@anaro.co.nz