The NZPA (we, us, our) complies with the New Zealand Privacy Act 1993 and the General Data Protection Regulation of the European Union (GDPR).
Personal information is information about an identifiable individual (a natural person), and includes personal data, personally identifiable information and equivalent information under applicable privacy and data protection laws.
It’s important to us that you trust us your personal information. This policy details how we collect, use, disclose and protect your personal information.
1. We are committed to your privacy and will comply with applicable privacy laws, including the Privacy Act 1993, any applicable Privacy Codes and other laws when dealing with your information.
2. What information do we collect?
We collect information to provide you with access to and use of the products and services listed on our website (Services), and also to develop new Services.
We collect the following personal information:
2.1 Information you give us, such as:
Account and profile information that you supply directly to us, like your name, contact details and demographic information, through web forms or application forms for services. Passwords are encrypted and cannot be viewed by NZPA.
Sensitive information, for example genetic and health data (Sensitive Information) in an insurance applications form. Use of this is subject to the service specific terms in clause 8.2.
Payment information. We or our service providers collect your financial information (like your bank account or credit card information) when you make payments to us or third parties using our Services.
Email communications and phone calls, when you communicate with us in relation to a Service. We may use these records for fraud prevention, internal training and quality assurance purposes.
2.2 Information we automatically collect, such as:
Usage information about your interactions with our Services.
Location information you use certain features of our Services such as information about your general location (e.g. your physical or postal address or your device’s IP address) or more specific location information (e.g. precise location from your mobile GPS). Most mobile devices allow you to control or disable the use of location services for applications in the device settings menu.
Analytical information, you use our website, even if you have not logged in (such as your IP address, access times, hardware and software information, device information, device event information (e.g. crashes, browser type), and the pages, applications or services you’ve viewed or engaged with before or after using our Services). We may use third party providers to help us with this.
Transaction and financial records, including details of purchases you make. Depending on your settings and the Services you use, we may collect financial information relating to your use of our Services and your financial history.
2.3 Information from third parties or external sources, such as:
Analytics information. We may collect analytics information from third parties (e.g. we may use Google Analytics, Google Analytics Demographics and Interest, Google AdWords, Flurry, and Nielsen//Online counting system). Analytics information is generally anonymised, but may include the device you’re using, the applications you use, your operating system, your IP address, and your geo-demographic information.
Information from public sources. To the extent permitted by applicable law, we may receive additional information about you that is publicly available (e.g. we may collect your property information held by local councils for our Property Insights Service).
3. How do we use your information?
We use your personal information to provide you with Services. We also combine your personal information with information from others so that we can analyse patterns across our data and improve our Services.
We may use your personal information in the following ways:
3.1 To contact you about your membership.
We may contact you by phone, email, text message, instant message or otherwise in relation to your membership or use. With our emails you can:
Unsubscribe from emailed newsletters and advertising/promotional materials.
For most Services, change your email preferences for Service related emails, such as alerts and Watchlist reminders.
3.2 To help provide our Services, for example:
To enable your use of our Services. We may enable you to communicate with other members or staff or make payments on our Services. For example, if you book a Holiday Home, or you make an enquiry about a house, we will send that information to the local property manager and will keep a record of the enquiry for administration of the database.
To personalise or enrich our Services. We may personalise, improve or enrich your experience by, (amongst other things) delivering relevant recommendation and content to you, creating a member profile, storing your client record for the Police Welfare Fund at your request, conducting research or carrying out training. We may use your information to improve our Services, including using third party analytics, accounting and customer relationship management tools.
For trust, safety and assurance, for example to protect the rights, property or safety of members, third parties or us, ensure we comply with our obligations, including disclosures authorised under the Privacy Act 1993, enforce agreements with other members or third parties, for auditing purposes Or to verify your identity or authenticate information provided by you, including information relating to others.
3.3 For advertising and marketing, for example to:
Send you promotional messages, marketing or advertising (complying always with our Unsolicited Electronic Messages Act 2007 obligations).
Run promotions, administer referral programmes, rewards, surveys, sweepstakes, contests, or other promotional activities or events sponsored or managed by us or our business partners.
Measure and improve our advertising.
3.5 For other things, with your express consent.
We may disclose your information at your direction, or otherwise as you agree with us. Please note that we:
Do not have access to your passwords.
Only use your credit card details for purposes related to your transactions and for fraud prevention or law enforcement purposes.
Have included some Service-specific terms below, which cover how we use your information for particular Services.
4. Who do we disclose your information to?
We disclose your personal information to others to provide you with our Services, to improve our Services or uphold the law or our terms. We may disclose your personal information in the following ways:
4.1 To others with your consent, when you ask or authorise us to (for example, your insurers or a property manager).
4.3 To other third parties, including developers who use our application programming interface (API) to build applications, subject to Police vetting, stringent confidentiality requirements and API terms and conditions.
4.5 To authorities or other entities to uphold the law or our terms, for example for legal compliance or law enforcement purposes, to the extent that disclosure is appropriate or permitted by the Privacy Act, to facilitate legal processes (if you wish to take Disputes Tribunal (or other) proceedings against another member, you can contact us for a statutory declaration form which must be completed before we will consider releasing anyone else's information to you. You may only request contact details for the sole purpose of making a claim), and to protect the rights, property or safety of us, our members or others (including collecting money you owe us and making such disclosures as are necessary in accordance with clause 3.3 above.
4.7 To other third parties, where your identity is anonymised, for example we may share non-personally identifiable, aggregated information for industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.
5. How do we hold and protect your information?
5.1 We use industry recognised security practices and measures.
We follow generally accepted industry standards to protect the personal information we collect.
We continuously implement and update our administrative, technical, and physical security measures to help protect your personal information against unauthorised access, loss, destruction, or alteration. However, despite all of our measures we can’t 100% guarantee the security of the transmission or storage of your personal information.
5.2 We store your information in New Zealand or overseas subject to standards that will comply with our privacy obligations
You authorise us to transfer, store, and process your personal information in New Zealand and possibly other countries. Where we store information overseas, or a third party we use to provide our Services stores information overseas (e.g. Amazon Web Services), we will ensure that the storage complies with New Zealand privacy obligations.
5.3 We retain your information as long as reasonably required, unless we are legally required to hold it longer.
We will keep your personal information for as long as is reasonably required for us to use it in accordance with this policy, unless we are required by law to hold it longer.
5.4 Payment and financial information.
6. How can I manage my information?
We know your circumstances, details and preferences will change. So, we’ve built a number of tools for you to manage your personal information. You can:
6.1 Update your information by managing your online member profile, or contacting us directly at email@example.com
6.2 Ask us to update, provide or delete your information
If you wish to access or correct any of your personal information, you can contact us directly at firstname.lastname@example.org
If you want us to delete any personal information you have submitted to us, please contact our Member Services Centre at email@example.com
We will consider each request for deletion on a case by case basis taking into account the terms and conditions of the particular Service(s) and our legal obligations to retain certain information. Note that information that you have shared with others may continue to be publicly visible on our Services in association with your first name, even after your account is cancelled.
If you want to cancel your membership, please contact us at firstname.lastname@example.org
We may make updates from time to time. When this is done we’ll send our members an email notifying them of this and what the changes are. This policy was last updated on 4 April 2019
8. Service-specific terms
8.1 For Police General Insurance and Police Health Plan members:
We limit how we use your sensitive information from application forms. We understand that personal information in your insurance application forms or which you disclose on phone calls (such as health information about you or your dependents or beneficiaries) may be particularly sensitive. We will only use or disclose this information for purposes related to the relevant Service (e.g. providing this information securely to your chosen insurers or their third-party insurance software providers or contacting you about annual insurance reviews). We won’t use this information for purposes unrelated to Police General Insurance of Police Health Plan (as applicable), or your insurance needs without your permission, unless we are required to for fraud prevention, law enforcement purposes or by law. However, we may still use and share this information where it is in anonymised form, as described in clause 4.8.
GDPR ADDITIONAL TERMS
LAWFUL BASIS FOR PROCESSING PERSONAL INFORMATION
Our lawful basis for processing (as that term is defined in the GDPR) personal information that we collect, use and disclose depends on the personal information collected and the context in which we collect it.
Generally, we collect personal information from you where we have your consent, where processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, or where processing is necessary for the purposes of our legitimate interests (except where such interests are overridden by your interests or fundamental rights and freedoms).
Where we process personal information based on your consent, you may withdraw your consent at any time.
Our lawful basis for processing Sensitive Information is your consent.
Despite the above, we may process your personal information where such processing is necessary for compliance with applicable laws.
If you have any question about the legal basis on which we process personal information or need further information, please contact us at email@example.com
YOUR RIGHTS UNDER THE GDPR
If you are located in the European Union, your rights in relation to your personal information include:
right of access - if you ask us, we will confirm whether we are processing your personal information and provide you with a copy of that personal information
right to rectification - if the personal information we hold about you is inaccurate or incomplete, you have the right to have it rectified or completed. We will take reasonable steps to ensure inaccurate personal information is rectified. If we have shared your personal information with any third party, we will tell them about the rectification where possible
right to erasure – when your personal information is no longer needed for the purposes for which you provided it, we will delete it. You may request that we delete your personal information and we will do so if deletion does not contravene any applicable law. If we have shared your personal data with any third party, we will take reasonable steps to inform those third parties that they must delete your personal information
right to withdraw consent - if the basis of our processing of your personal information is consent, you can withdraw that consent at any time
right to restrict processing - you may request that we restrict or block the processing of your personal information in certain circumstances. If we have shared your personal information with any third party, we will tell them about this request where possible
right to object to processing - you may request that we stop processing your personal information at any time and we will do so to the extent required by the GDPR
rights related to automated decision-making, including profiling - you have the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where such automated decision-making is necessary for entering into, or the performance of, a contract with you, is authorised by applicable laws or is based on your explicit consent. We do not undertake automated individual decision-making.
right to data portability - you may obtain your personal information from us that you have consented to give us or that is necessary to perform a contract with you. We will provide this personal information in a commonly used, machine-readable and interoperable format to enable data portability to another data controller. Where technically feasible, and at your request, we will transmit your personal information directly to another data controller
the right to complain to a supervisory authority - you can report any concern you have about our privacy practices to your local data protection authority.
Where personal information is processed for the purposes of direct marketing, you have the right to object to such processing, including profiling related to direct marketing.
If you would like to exercise any of your above rights, please contact us at firstname.lastname@example.org
if you are not satisfied by the way we deal with your query, you may refer your query to your local data protection authority.
By continuing to use our website and related services, you indicate your agreement for us to use the cookies described below.
WHAT ARE COOKIES
Cookies are text files containing small amounts of information which are downloaded to your browsing device, e.g. a computer or smartphone, when you visit a website. Cookies can be recognised by the website that downloaded them, or by other websites that use the same cookies. This helps a website know if the browsing device has visited that or other websites before.
Cookies can be used to collect information relating to your use of a website or your device, let you navigate between pages effectively, help to remember your preferences and generally improve your browsing experience. Cookies can also help ensure advertising you see online is more relevant to you and your interests. Cookies can be session or persistent cookies. Session cookies are temporary and only stay on your browser until you stop browsing. Persistent cookies stay on your device until they expire or are deleted.
The cookies used on our website may be first party cookies (i.e. set by us) or third party cookies (i.e. cookies set on our website by a person other than us). The third party companies that place cookies on our website will have their own privacy policies.
WHAT TYPES OF COOKIES DO WE USE
The types of cookies used by us, and most websites, can generally be categorised as follows.
Strictly necessary cookies
These cookies are essential for the full functionality of our website and related services. They enable you to navigate around our website and services and use their features e.g. accessing secure areas and enabling services that you have asked to receive. If you opt out of these cookies, you may not be able to access all the functions of our website and some services that you have asked to receive.
These cookies do not track where else you have been on the internet and do not remember your preferences beyond your current visit. These cookies are generally first party session cookies which will expire when you close your browsing session. These cookies do not collect information that could be used for marketing purposes.
These cookies allow a website to remember choices you make and provide enhanced, more personal features.e.g. these cookies allow us to remember the settings you have applied to the website (such as font size, preferences or colours), identify whether you are a returning website visitor and present you with a personalised version of the website, or eliminate the need for you to re-enter your login details. The information these cookies collect is generally anonymous and they do not track your browsing activity on other websites. These cookies may be first or third party, session or persistent cookies.
These cookies collect information about how you use a website, e.g. which pages are the most visited and if you receive any error message from any page. This information helps us improve the way our website and related services work and helps us manage the performance and design of the website and services. These cookies do not gather information that identifies you. All of the information these cookies collect is aggregated and anonymous. These cookies may be first or third party, session or persistent cookies.
Targeting cookies are used to present advertising that is relevant to you and your interests. These cookies collect information about your browsing habits e.g. the pages you have visited and the links you have followed across the internet. They may also be used to limit the number of times you see an advertisement and help measure the effectiveness of advertising campaigns. These cookies will usually be persistent but time-limited and may be placed on our website by third party service providers or advertising partners with our permission.
We use targeting cookies to present interest-based advertising on our website and for retargeting. This is a form of interest-based advertising that enables our advertising partners to build a profile of your interests and show you advertising based on your browsing activity across the internet, including to allow us to advertise to people who previously visited our website.
We use Google Analytics to collect information about visitors to our website. Google Analytics collects information related to your device, browser, IP address, network location, and website activities to measure and report statistics about your interactions on our website. We use this information to help us manage the performance and design of our website and to improve our website.
We use Google Analytics Advertising Features, including Remarketing with Analytics, Demographic and Interests reporting in Analytics, Campaign Manager integration (formerly known as DoubleClick), Display & Video 360 integration, Google Display Network (GDN) Impression Reporting and Segments.
HOW TO CONTROL OR OPT OUT OF COOKIES AND TARGETED ADVERTISING
You can control and/or delete cookies as you wish. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. However, if you do this, you may have to manually adjust some preferences every time you visit our website and attempt use our services, you may not be able to access certain parts of our website or services, and some functionalities may not work.
You can find out more information about how to change your browser cookie settings at www.aboutcookies.org.uk.
To learn more about how to control cookie settings through your browser:
click here to learn more about the Private Browsing setting and managing cookie settings in Firefox
click here to learn more about Incognito and managing cookie settings in Chrome
click here to learn more about InPrivate and managing cookie settings in Internet Explorer
click here to learn more about Private Browsing and managing cookie settings in Safari.
You may opt out of targeted advertising at http://www.youronlinechoices.eu/. You can learn more about interest-based advertising and opt out of interest-based advertising from participating online advertising companies at the following links.
Network Advertising Initiative (NAI) – http://optout.networkadvertising.org/
Digital Advertising Alliance (DAA) – http://optout.aboutads.info/
Digital Advertising Alliance EU (EDAA) – http://www.youronlinechoices.com/
DAA AppChoices page – http://www.aboutads.info/appchoices
Please note that opting out of interest-based advertising does not mean you will no longer be served advertising. You will continue to receive generic ads.
THIRD PARTY WEBSITE COOKIES