- LAWS AND STANDARDS WE COMPLY WITH
We comply with:
- the New Zealand Privacy Act 2020 (including the Information Privacy Principles established by the New Zealand Privacy Act 2020); and
- to the extent the European Union’s General Data Protection Regulation 2016/679 (‘GDPR‘) applies to us and our use of your personal information, the GDPR.
- TYPES OF PERSONAL INFORMATION WE COLLECT
The personal information we collect may include the following:
- mailing or street address;
- email address;
- social media information;
- telephone number and other contact details;
- date of birth;
- credit card or other payment information;
- information about your business or personal circumstances;
- information in connection with client surveys, questionnaires and promotions;
- your device identity and type, I.P. address, geo-location information, page view statistics, advertising data and standard web log information;
- information about third parties; and
- any other information provided by you to us via this website or our online presence, or otherwise required by us or provided by you.
- HOW WE COLLECT PERSONAL INFORMATION
We endeavour to ensure that information we collect is complete, accurate, accessible and not subject to unauthorised access.We may collect personal information either directly from you, or from third parties, including where you:
- contact us or provide information to us through our website (through partially completed or completed contact forms);
- communicate with us via email, telephone, SMS, social applications (such as LinkedIn, Facebook or Twitter) or otherwise;
- use our automated referral system or manual referral service;
- interact with our website, social applications, services, content and advertising; and
- invest in our business or enquire as to a potential purchase in our business.
We may also collect personal information from you when you use or access our website or our social media pages. This may be done through use of web analytics tools, ‘cookies’ or other similar tracking technologies that allow us to track and analyse your website usage. Cookies are small files that store information on your computer, mobile phone or other device and enable and allow the creator of the cookie to identify when you visit different websites. Cookies may be used to serve relevant ads to website visitors through third party services such as Google Adwords. These ads may appear on this website or other websites you visit. If you do not wish information to be stored as a cookie, you can disable cookies in your web browser.
Optional: We may use Google Analytics to collect and process data, including when you use third party websites or apps. To find out more see How Google uses data when you use our partners’ sites or apps.
- USE OF YOUR PERSONAL INFORMATION
We collect and use personal information for the following purposes:
- to provide services or information to you, including by providing your personal information to our clients as a lead for the sale of any products you enquire about through our Website or other means;
- to contact you and ask you if you wish to complete any partially completed forms or information you have to provided to us;
- for record keeping and administrative purposes;
- to provide information about you to our contractors, employees, consultants, agents or other third parties for the purpose of providing services to you;
- to improve and optimise our service offering and customer experience;
- to comply with our legal obligations, resolve disputes or enforce our agreements with third parties;
- to send you marketing and promotional messages and other information that may be of interest to you and for the purpose of direct marketing (in accordance with the Unsolicited Electronic Messages Act 2007). In this regard, we may use email, SMS, social media or mail to send you direct marketing communications. You can opt out of receiving marketing materials from us by using the opt-out facility provided (e.g. an unsubscribe link);
- to send you administrative messages, reminders, notices, updates, security alerts, and other information requested by you; and
- to consider an application of employment from you.
We may also use your personal information collected for such other purposes that are compatible with the original purpose described above, or that you otherwise consent to from time to time.
We’ve endeavoured to ensure that our use and collection of your data is clear and as transparent as possible, but in the interests of keeping this policy concise it’s not possible to list every circumstance in which we will use your data.
If you are based in the EEA and the GDPR applies to your personal information, you have the right to object to the way we process your personal information where the processing is based on legitimate interests.
- DISCLOSING YOUR PERSONAL INFORMATION
We may disclose your personal information to:
- service providers and suppliers who provide necessary goods and/or services to us (including disaster recovery services and service providers we use to audit the infrastructure and applications we use to store your data));
- any business that supports our services, including hosting or maintaining any underlying IT system or data centre that we use to provide our website and/or services;
- other third parties for anonymised statistical information;
- a person who can require us to supply your personal information (e.g. a regulatory authority or law enforcement agency); and
- any other person or entity authorised by you.
We take reasonable steps to ensure your personal information is secure and protected from misuse or unauthorised access. Our information technology systems are password protected, and we use a range of administrative and technical measures to protect these systems. However, we cannot guarantee the security of your personal information.
Our website may contain links to other websites. Those links are provided for convenience and may not remain current or be maintained. We are not responsible for the privacy practices of those linked websites and we suggest you review the privacy policies of those websites before using them.
- REQUESTING ACCESS OR CORRECTING YOUR PERSONAL INFORMATION
If you wish to request access to (and/or a copy of) the personal information we hold about you, please contact us using the contact details in the ‘Contact Us’ section set out below including your name and contact details. We may need to verify your identity before providing you with your personal information. In some cases, we may be unable to provide you with access to all your personal information and where this occurs, we will explain why. We will deal with all requests for access to personal information within a reasonable timeframe.If you think that any personal information we hold about you is inaccurate, please contact us using the contact details in the ‘Contact Us’ section set out below and we will take reasonable steps to ensure that it is corrected.We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act 2020.
If you are based in the EEA and the GDPR applies to your personal information, you have the right to ask for ‘subject access request’ or ‘SAR’ being a copy of your personal data held by us. Where we do hold such data about you we will provide you with a copy of the data we hold about you. This will be in a commonly used machine-readable file where you request us to e-mail the information to you. We will also give you a description of the data, tell you why we are holding it and tell you who we could have disclosed it to.
If you are based in the EEA and the GDPR applies to your personal information, you also have the right, under the GDPR, to:
- in certain circumstances, have your personal information erased;
- restrict the processing of your personal information;
- move, copy or transfer your personal information easily for your own purposes across different services in a safe and secure way; and
- object to processing where we rely on our legitimate interests as the lawful basis for processing.
Please note that in certain circumstances we may refuse to respond to a rights request where it we have the right to do so under the GDPR, for example, where a request is manifestly unfounded or excessive.
- HOW LONG WE KEEP YOUR PERSONAL INFORMATION
We will keep your personal information:
- until we no longer have a valid reason for keeping it;
- until you request us to stop using it; or
- for as long as required by law.
You should be aware that we do keep backups and logs for up to six months before they are automatically deleted.
- CHANGE OF CONTROL
If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.
- OVERSEAS TRANSFERS
- TRANSFERS OUTSIDE THE EUROPEAN ECONOMIC AREA (‘EEA’)
If you are based in the EEA and the GDPR applies to your personal information, you acknowledge that Comparison Advantage is located in New Zealand, so your personal information may be transferred and/or stored there. In respect of our responsibilities under the GDPR, the appropriate safeguard in place for such a transfer is the existence of an adequacy decision under Article 45 of the GDPR.
If you wish to complain about how we handle your personal information or information held by us, please contact us using the details set out below including your name and contact details. We will investigate your complaint promptly and respond to you within a reasonable time.
For data which is subject to the GDPR, you have the right to lodge a complaint with the local regulator in your jurisdiction in Europe if you do not feel we have adequately upheld your rights under GDPR.
- Contact Us