Privacy Policy ISAC NZ Limited.
ISAC NZ Limited of Level 8 SAP Tower, 151 Queen Street, Auckland CBD , Auckland, 1010, and its related bodies corporate (“we”, “our”, “us”) are committed to providing you with the highest level of customer service. This includes protecting your privacy. This Privacy Policy sets out how we handle personal information and how we comply with our obligations under the Privacy Act 1993.
This Privacy Policy explains how and why we collect your personal information, how we may use and disclose it, how we keep it secure, how you can access or correct your personal information and how to make a complaint relating to your privacy.
What is personal information?
This Privacy Policy applies to “personal information” as defined in the Privacy Act and includes any information that can be used to identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you or you are reasonably identifiable from it, the information will be considered to be personal information.
Collecting personal information
We may collect the following types of personal information about you:
• Your name and the name of your employer
• Mailing or street address
• Email address
• Telephone number
• Facsimile number
• Profession, occupation or job title
• Credit card details
• Details of the products or services you have purchased from us or which you have inquired about, together with any additional information necessary to deliver those products and services or to respond to your inquiries
• Any additional information relating to you that you provide to us directly through our websites or indirectly through use of our websites or online presence
• Information you provide to us through customer surveys or through conversations with us
• Any information that is provided to us by or that we have collected on behalf of you in the course of our provision of ongoing services to you such as software support. This may include information relating to your staff or your own clients where you operate a business.
How we collect personal information
Where reasonable and practicable, we will collect personal information directly from you and inform you that this is being done. We may collect personal information in a number of ways including:
• Through your access and use of our websites
• During our conversations with you
• When you or your organisation submits to us a document containing personal information.
However, in some circumstances it is necessary for us to collect personal information from third parties including:
• From credit reporting agencies
• From law enforcement agencies and other government entities
• From agents, dealers and subcontractors that form part of our sales and/or service network
• From our customers that have outsourced a function to us (such as hosting software)
• From our related bodies corporate and service providers that collect information on our behalf.
If we receive personal information that we have not requested (unsolicited information) and we determine that we could not have collected that information under the Privacy Act if we had requested it, we will destroy or de-identify that information if it is lawful and reasonable to do so.
Purposes for which we collect, hold, use and disclose personal information
We collect, hold, use and disclose your personal information for the following purposes:
• To provide products and services to you and/or your organisation and to send communications requested by you or your organisation including to inform you of updates or changes to the products or services you have acquired
• To answer inquiries and provide information or advice about existing and new products and services
• To assess and improve the performance, operation and relevance of our websites, products and services
• To facilitate and process your orders and payments logistics
• To perform functions outsourced to us (such as hosting services) which may require us to provide personal information to our related bodies corporate, contractors, service providers or other third parties
• To process and respond to any complaint made by you
• For direct marketing of promotions, products or services that we think may be of interest to you, including adding you to a database compiled by us for this purpose
• To our related bodies corporate and third-party service providers for use in direct marketing of promotions, services or products that our related bodies corporate or third party service providers think may be of interest to you, including adding you to a database compiled for this purpose
• For our internal planning, including product or service development, quality control and research purposes and those of our related bodies corporate, contractors or service providers
• For internal accounting and administration purposes
• To update our records and keep your contact details up to date
• For regulatory reporting and compliance with our legal obligations
• To various regulatory bodies and law enforcement officials and agencies to protect against fraud and for related security purposes
• To facilitate product reviews and to seek your feedback in relation to particular products and services in order to improve customer satisfaction and our relationship with you.
Disclosure of personal information by us
We may disclose your personal information to related bodies corporate or to third party organisations. Your personal information is only disclosed to these organisations for the purposes set out in this Privacy Policy. These third-party organisations include those that carry out our:
• Customer inquiries
• Mailing operations
• Billing and debt-recovery functions
• Information technology services
• Marketing and telemarketing services
• Market research
• Website usage analysis
• Sales and support for our products and services.
In addition, we may disclose personal information to other third parties such as:
• Third party professional advisers such as accountants, solicitors, business advisers, consultants
• Credit-reporting and fraud-checking agencies
• Government and regulatory authorities and other organisations, as required or authorized by law.
We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.
Direct marketing material
We may collect, hold, use and/or disclose your personal information to send you direct marketing communications and information about our products and services that we believe may be of interest to you. These communications logistics may be sent in various forms including mail, SMS, fax and email, in accordance with applicable laws governing the sending of marketing materials.
At any time, you may opt-out of receiving marketing communications from us, by using the opt-out facilities specified in our direct marketing communications or by using the contact details set out below under “contact us”. We will then ensure that your details are removed from the relevant marketing contact list you have elected to opt-out of.
Web site collection
We collect information from our web sites during the optional web site registration process and during your use of our web sites. More specifically, information is collected in the following ways:
Registration process
During our one-off registration process, the following information is collected: your email address, name, organisation (if any), address, telephone number, facsimile number (optional), where you heard about our websites (optional), your ship-to number (optional), your areas of interest for our daily email alerting service (optional), the type of information to be included in those email alerts, your username and password.
Purchase Process
When you purchase goods from us online, we (either directly or through our service providers) need to collect the following information from you: Your username, password (if you want us to automatically enter existing contact details), name, organisation, email address, telephone number, facsimile number (optional), mailing address, cardholder name, credit card type, credit card number and credit card expiry date.
Our web servers
When you browse our web sites, our web servers, which may be controlled by us directly or indirectly through our service providers, make a record of your visit and log the following information, mainly for statistical analysis or system administration purposes:
• Your Internet protocol (IP) address and/or fully qualified domain name
• The date and time of your visit to the web site
• The web pages which you accessed, the files you downloaded and the size of those pages/files
• If you followed a link to our web site, the name of the previous web page and the name of the web site you visited
• The type and version of your web browser (for example, MS Explorer, Firefox or Chrome)
• The name of your operating system (for example Windows 7 or 8, Apple or Linux)
• The protocols used (for example http, https, ftp).
Search terms
Search terms that you provide when you search our web sites are collected for statistical analysis, to understand what users are looking for on our web sites and to improve the products and services which we provide.
Cookies
We use cookies to better tailor our information and services to meet your needs. A cookie is a small summary file containing a unique ID which is sent to your internet enabled device, such as your computer.
Our web servers generate a single cookie which is used to let us know who you are, to deliver information, publications and services to you based on your account information and to keep track of the web pages you visit while you are using our web sites. The cookie contains an organisation identity number (if any), user type, group identity number (if any), user identity number and the browser session identity number.
If you do not wish to receive cookies, you can set your browser so that your internet enabled device does not accept them. However, your browser must have cookies enabled for you to be able to use our web sites.
Third parties
Our Internet Service Provider (ISP) and your ISP may make a record of your visit to our web sites and collect some or all of the same or similar information as referred to above under Web site collection.
Our web sites work with a third-party service provider that collects anonymous data relating to web site traffic referred by external search engines. This third party may use cookies and other anonymous identifiers and may create anonymous profiles associated with cookies or other anonymous identifiers but will not associate any data gathered with any personally identifiable information from any source.
We may from time to time use third party services for the serving or targeting of advertisements, promotions or other marketing information on our web sites.
When you follow a link from our web sites to a third-party web site, that web site may make a record of your visit and collect some or all of the same or similar information that we collect as referred to above under Web site collection. We are not responsible for the privacy practices or the content of any third-party web sites.
Consequences if we cannot collect personal information
If you do not provide us with personal information some or all of the following may occur:
• We may not be able to provide requested products or services to you. If for instance you do not complete an on-line registration process, then you will not have access to our online information, news and events in your area(s) of interest, our opt-in daily email alerting service or a range of other free services. Where purchasing goods from us online, a failure to provide the required personal information will mean we will be unable to process your order
• We may not be able to provide you with information about products or services
• We may be unable to tailor the content of our websites to your preferences and your experience of our web sites will not be as enjoyable or useful.
Accessing and correcting personal information
If you wish to access, correct or update any personal information we may hold about you, please contact us as set out below under “contact us”. We may charge you for our reasonably incurred costs in providing access to this information. We will not charge you for correcting information. We may refuse access in certain instances, where for example, granting access would interfere with others’ privacy. Where we are unable to provide access to your personal information, we will give you a written notice setting out:
• the reasons for the refusal (to the extent it is reasonable to do so); and
• the steps that can be taken to lodge a complaint in respect of our refusal.
Alternatively, if you have registered to use our web sites, most of the information provided during registration may be corrected by you online through your personalized Membership Services pages. The information which you can correct includes your name, street address, contact details (telephone number, facsimile number, email address), password and your daily email alerting service profile.
Protecting the security of personal information
We may hold your personal information in either electronic or hard copy form. We have security measures in place and take all reasonable steps to ensure that your personal information is stored in a secure environment and is protected from misuse, interference, loss, unauthorized access, modification and disclosure.
Whenever you register or purchase goods or services logistics from our web sites, we use current technology to encrypt the information and online access to your information, products and services requires you to provide a username and password. The sections of our web sites dealing with credit card information can work with browsers using high-security encryption.
Where we are not required or authorized by law to retain your personal information, it will be destroyed or de-identified when it is no longer required for any purpose for which we may lawfully use or disclose it.
Notification of collection of personal information
At or soon after the time when we collect your personal information, we will take reasonable steps to ensure that you are aware of the collection, the purpose(s) of the collection, the main consequences (if any) if the information is not collected, the types of organisations (if any) to which the information may be disclosed (including those located overseas), any law that required the information to be collected and the fact that this Privacy Policy contains details on access, correction and complaints.
Complaints about a breach of privacy
If you have any concerns or questions about the way your personal information is managed and used by us or are concerned that the Privacy Act or this Privacy Policy has been breached, please contact our Privacy Officer.
We take compliance with our privacy obligations seriously. We will ensure that your complaint is registered with us and may request that you provide the complaint in writing. The Privacy Officer will ensure that the complaint is referred to the correct persons within the organisation to investigate and respond to the complaint. Any response or action will be notified to you as soon as practicable.
Updates to this Privacy Policy
We may amend this Privacy Policy from time to time. Any updated versions will be effective from the date of posting on our website.
This Privacy Policy was last updated on 14th September 2023