Privacy policy

Latest update – February 2021

Privacy policy

Latest update – February 2021

Privacy policy

Latest update – February 2021

In New Zealand, the Privacy Act 2020 (the ‘Act’) sets the boundaries for our right to privacy. The Act came into force on 1 December 2020, replacing the Privacy Act 1993. It deals mainly with the collection and disclosure of personal information. It is more about information privacy than other aspects of privacy. The Act has 13 principles that stipulate how information can be collected and used and people’s rights to access that information and ask for it to be corrected. The Act introduces greater protections for individuals and some new obligations for businesses and organisations. The changes include the requirement to report serious privacy breaches to the Privacy Commissioner and affected people. The Privacy Commissioner has new powers to help people access their personal information and to require businesses and organisations to comply with the law. There are increased fines for organisations that do not comply, and there are new rules when sending personal information overseas.

Personal information means information which tells us something about an identifiable person. It does not need to name you, as you may be identifiable in other ways, such as via an address. The Act is concerned with what the information is instead of the fact it is in the form of a note, letter, email, database, recording, photo, or scan; and whether it’s in hard copy, electronic form or held in the cloud.

Further information on the New Zealand Privacy Act 2020 is provided at www.privacy.org.nz and is a public resource.

As follows, our Privacy Policy sets out how we collect, store, use, and disclose your personal information in accordance with the Act.

In this Privacy Policy, ‘affinity+co’, ‘we’, ‘us’ and ‘our’ means Affinity+Co Life Limited and Affinity & Co General Limited who each trades as affinity+co.

Please take a look at the “Latest update” date at the top of this Privacy Policy to see when it was last revised.

We may update and make changes to this policy from time to time and upload the revised policy onto our official Website at www.affinityco.co.nz. The revised policy shall apply to you from the date we upload it.

 

Why we collect personal information, and how we collect it
We collect personal information solely for the purposes and related purposes of carrying out our functions, activities and duties as a Financial Advisor, an Insurance Broker and a business. For example, an insurance quote typically relies on certain general, specific, detailed or sensitive personal information (or a combination of) being collected from you, other persons or entities insured, to be insured, and co-insured. As a business, for health and safety purposes (e.g. in case of a pandemic, fire or earthquake) there may be a need to collect a name, address, and phone number from any visitors to our premises.

We may also collect personal information on referral to us, for the purposes and related purposes of that referral, through the use of our Website, Social Media sites (e.g. Facebook) and any Apps, other websites and online or electronic tools we may own, use or control (‘our technologies’) in connection with that use, and when you authorise us to contact third parties to provide you with the information or services that you have requested.

We will only collect information about you when it is for a lawful purpose, connected with what we do, and it is necessary to gather the information for that purpose. Also, we will only collect information about you in ways that are lawful, fair and not unreasonably intrusive.

We may collect personal information in several ways, including:

  • directly from you through any contact with us: for example, in person or via our Website, a registration or subscription process, survey, telephone call, in writing, by email;
  • indirectly from other people and organisations or sources, if necessary, and where you have authorised this: for example, your employer, accountant, referees, insurers, premium funders, other intermediaries (e.g. bank, broker), and other third-party service providers; or
  • where the information is publically available.

No one knows you better than you, so our preferred method of collecting personal information is directly from you.

Providing personal information is, of course optional; however, our industry’s nature is such that accessing quotes and purchasing products and services generally requires an exchange of personal and other relevant information to take place first. Suppose we cannot collect the personal information we have requested from you in the time frame we have set. In that case, we will not be able to offer or complete for you any functions, activities or duties as a Financial Advisor, Insurance Broker or business that are dependant on the personal information we are unable to collect from you.

 

The types of personal information we may collect
The personal information we collect, dependent on what you have asked us to do and that we have agreed to provide you, and related purposes, may include:

  • General identification and contact information: for example, your full name, date of birth, gender, email, phone number, address.
  • Identification numbers issued by government bodies or agencies: for example, if necessary, passport or driver’s license details to satisfy a legal obligation or other requirements to verify or hold proof of identity.
  • Financial information: for example, payment card number, bank account number, details of income, assets and liabilities, business turnover.
  • Insurance information: for example, location and details of a property to be insured, vehicle license plates or identification numbers, travel plans, age and dates of birth of other individuals to be insured, policy and claim numbers, prior accident or loss (claims) history, your status as director or partner, or other ownership or management interest in an organisation, details of other insurance policies and covers you hold.
  • Medical condition and health status: for example, current/historical physical, mental and medical condition(s) and health status, injury or disability information, medical procedures performed, present or former recreational activities such as smoking, vaping, use of drugs or consumption of alcohol, prescription medicines.
  • Other sensitive information: for example, details of any bankruptcy, criminal record and civil litigation history.
  • Personal and legal disclosures: for example, all and any material facts that may be relevant to a contract of insurance, claim, or insurer.
  • Marketing preferences or feedback: for example, the personal information you have provided to enter a contest or prize draw or other sales promotion, and information or feedback you have provided as part of a survey.

If you interact with our Website, Social Media sites (e.g. Facebook,) and any Apps, other websites and online or electronic tools we may own, use or control (‘our technologies’), our third-party service providers and we may collect other information in a variety of ways which does not necessarily reveal your specific identity, including:

  • Through your internet browser. Certain information is collected by websites these days, including (for example) IP addresses (your computer’s address on the internet), screen resolution, time of the visit and the page(s) visited, operating system type and version, internet browser type and version. The purposes may include but are not limited to monitoring websites’ usage levels, administering and improving a website, diagnosing server problems, and creating a better user experience across multiple devices and various platforms.
  • Using cookies. Cookies are pieces of information that can be stored directly on a computer or mobile device when accessing the internet. Cookies make it possible to recognise a computer and to collect and store information such as but not limited to internet browser type, time spent on a website, the pages visited and language preferences. The purposes may include but are not limited to security and accessibility features, remembering user regional and currency preferences, facilitating navigation, displaying information more effectively, gathering statistical information about website usage, and personalisation of user experience. Due to regulatory changes across the globe, a website is more likely to prompt you on your first visit these days to accept cookies or not. Declining cookies for some websites may prevent you from using the site or reduce the features and functionality you would otherwise experience.
  • Using pixel tags, web beacons, clear GIFs and other similar technologies. These technologies are commonly used in connection with website pages and HTML-formatted email messages and among other things can track the actions of website users and email recipients (e.g. has an email been read), and measure the success of marketing campaigns and help compile statistics about website usage and response rates.
  • Demographic information and other information provided by you. Information such as your location or preferred means of communication is collected if you voluntarily provide it. Unless combined with personal information, this information does not personally identify you.
  • By aggregating information. Information can be collected, and then grouped, using only certain pieces of that information. A public example of this is Census information, that can be aggregated based on gender to calculate people under 25 years old as a percentage of the population in a region or city. A business may wish to aggregate information to calculate by postcode, the percentage of customers in each postcode, to make better marketing decisions.

 

The purposes of using and disclosing your personal information
We use and disclose your personal information for the purposes and related purposes of carrying out our functions, activities and duties to you as Financial Advisors, your Insurance Broker and a business, and for any other purpose authorised by you or the Act or required by law. Such purposes include:

  • in accordance with our scope of service, terms of business and your instructions to us, to obtain one or more insurance quotes for your consideration, to re-market your insurances, to place or renew insurance policies, to facilitate or administer claims, to provide insurance advice or to correspond and interact with Insurers;
  • to verify your identity;
  • to set up, manage and process payment arrangements, premium funding, your premiums and other payment types;
  • to respond to requests, enquiries, complaints, and other customer care related activities;
  • to communicate with you to ensure you have an initial awareness (as opposed to for marketing purposes) of a potentially relevant new or existing industry product, service, message or issue;
  • for necessary communications with you appropriate to services you have in place, in progress, or are considering with us (as opposed to for marketing purposes);
  • to provide other marketing information to you about other industry products and services and our other product and service offerings (including information about products and services offered by selected third-parties and alliance partners) but only in accordance with the marketing preferences you have expressed;
  • to send you important information regarding changes to our policies, other terms and conditions, our Website and other administrative information;
  • for administrative purposes such as creating and maintaining accounts, establishing and maintaining a Client Relationship Management (CRM) system, maintaining and keeping records, compliance, invoicing and debt collection;
  • to conduct market or customer research;
  • to improve the products and services, we offer;
  • to develop, establish, and administer alliances and other arrangements with other organisations in relation to the promotion, administration and use of our services;
  • to make decisions about whether to provide insurance and assistance services (for example, claims assessment, processing, and settlement and where applicable, managing claim disputes);
  • to set you up or provide you access to our technologies: for example, access a customer portal or an App;
  • to personalise or enhance your user experience of our technologies: for example, by remembering your site preferences and adding personalisation such as your name when your browser recognises you have returned to our Website;
  • to allow you to participate in contests, prize draws and similar promotions, and to administer these activities. Some of these activities have additional terms and conditions, which could contain additional information about how we use and disclose your personal information, so we recommend that you read these carefully;
  • to manage our infrastructure and business operations and comply with internal policies and procedures including those relating to auditing, finance and accounting, billing and collections, IT systems, data and website hosting, business continuity, and record-keeping, document and print management;
  • to resolve complaints, and handle requests for data access or correction;
  • to prevent, detect and investigate crime including fraud and money laundering, and analyse and manage other commercial risks;
  • to comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and anti-terrorism; comply with legal process, and respond to requests from public and governmental authorities (including those outside your country of residence);
  • for the purposes and related purposes of internal and external audit;
  • for statutory or regulatory reporting;
  • to establish, protect, enforce and defend your or our legal rights, pursue available remedies and limit our damages;
  • for any other purpose notified to you at the time your personal information is collected; and
  • for any other purpose authorised by you or the Act or required by law;

 

Before using or disclosing personal information, we will check that it is accurate, up to date, complete, relevant and not misleading.

 

Disclosing your personal information
We will disclose your personal information for the purposes and related purposes of carrying out our functions, activities and duties to you as Financial Advisors, your Insurance Broker and a business and for any other purpose authorised by you or the Act or required by law, to:

  • each other, meaning between the companies trading as affinity+co named at the beginning of this Privacy Policy;
  • PSC Connect NZ Limited as our Financial Advice Provider Licence Holder;
  • insurers, underwriting agencies, reinsurers, other insurance intermediaries (e.g. banks, brokers, agents), insurance reference bureaus, industry bodies and regulators, assessors, appointed representatives, distributors, marketing partners, financial institutions, securities firms and other business and alliance partners;
  • service providers and suppliers engaged to provide a service in connection with your insurance (such as providing repairs or replacement);
  • persons or businesses named as an interested party under any policy of insurance;
  • others named on your application form, quote or policy as co-insureds;
  • our service providers, if necessary – including disputes resolution providers, medical professionals, accountants, actuaries, auditors, industry experts, lawyers and other professional advisors, travel and medical assistance providers, call centre service providers, payment system operators, IT suppliers; CRM, storage, security, portal, systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; insurers, banks and other financial institutions, third-party claim administrators, document and records management providers, claim investigators and adjusters, construction consultants, engineers, examiners, jury consultants, translators, and similar third-party vendors and outsourced service providers we may engage from time to time for their products or services (or combination of) to you and our business;
  • other third parties, if necessary – including payees, emergency providers (fire, police and medical emergency services), retailers, medical networks, organisations and providers, travel carriers, credit bureaus, credit reporting agencies, and other people involved in an incident that is the subject of a claim, as well as purchasers and prospective purchasers or other parties in any actual or proposed reorganisation, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business, assets or stock;
  • governmental authorities, regulators, and third parties involved in court action. We may also share personal information with governmental or other public authorities (including, but not limited to, workers’ compensation boards, courts, law enforcement, tax authorities and criminal investigations agencies), and third-party civil legal process participants and their accountants, auditors, lawyers and other advisors and representatives as we believe to be necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our group companies; (f) to protect your and our rights, privacy, safety or property, and that of others; and (g) to allow us to pursue available remedies or limit our damages;
  • a person who can require us to supply your personal information (e.g. a regulatory authority);
  • any other person authorised by the Act or another law (e.g. a law enforcement agency);
  • any other entities notified to you at the time of collection; and
  • any other person authorised by you.

Other than when required or permitted by law, as specified in this Privacy Policy or where you have provided your consent, we will not disclose your personal information. However, nothing in this Privacy Policy prevents us from using and disclosing to others de-personalised aggregated data.

 

Transfer of personal information overseas
We may disclose your personal information to third-party service providers or insurers (or combination of) who may process your personal information either on our behalf or otherwise for one or more of the above-stated purposes. Some of the third-party service providers we disclose personal information to may be located in countries outside New Zealand, such as (including but not limited to) Australia, United Kingdom, United States of America, India, Singapore, Malaysia, Philippines and Vietnam. In this regard, unless exempted by the Privacy Act 2020, we would have sought your express authorisation to do so before the transfer of your personal information overseas.  Overseas disclosure of your personal information will be made only for one or more of the purposes specified in this Privacy Policy. We will take appropriate steps to ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights, such as by ensuring disclosures are limited to recipients who are subject to privacy laws which are recognised as providing a comparable level of legal protection as the Privacy Act 2020 or where we can be satisfied that alternative arrangements are in place to protect your privacy rights.

 

Your obligations when you provide personal information of others
You must not provide us with personal information of any other individual unless you have the express authorisation of that individual to do so.

If you do provide us with such information about another individual, it must be accurate, complete, up to date and not misleading, and before doing so you:

  • must tell that individual that you will be providing their information to us and that we will handle their information in accordance with this Privacy Policy;
  • must provide that individual with a copy of (or refer them to) this Privacy Policy; and
  • warrant that you have that individual’s consent to provide their information to us.

If you have not done this, you must tell us before you provide any third party information.

 

Your obligations when we provide you with personal information
If we give you or provide you access to, the personal information of any other person, you must only use it:

  • for the purposes we have agreed to; and
  • in compliance with applicable privacy laws (including the Privacy Act 2020) and this Privacy Policy.
  • You must also ensure that your agents, advisers, employees and contractors meet the above requirements.

 

Retention of personal information
We retain personal information in accordance with the Act and this Privacy Policy. We may take reasonable steps to ensure that the personal information we hold remains accurate, complete, relevant, up to date and is not misleading. We may contact you specifically from time to time for this purpose or request you confirm certain information for us during a meeting or other interaction. Other than to observe a legal requirement to do so, we do not keep personal information for longer than is necessary. Various third-parties such as (but not limited to) the Financial Markets Authority (FMA) and the Inland Revenue Department (IRD) require that we maintain certain records for a specific amount of time. Once the timeframe has expired, we do not keep the information.

 

Security of your personal information
We take reasonable steps to protect any personal information that we hold from misuse, interference and loss, and from unauthorised access, alteration and disclosure.  However, data protection measures are never completely secure, and, despite the measures we have put in place, we cannot guarantee the security of your personal information. You must take care to ensure you protect your personal information. You should notify us as soon as possible if you become aware of any security breaches. Where required by law, we will notify you of any notifiable privacy breach concerning your personal information.

 

Marketing preferences
We may provide you with opportunities to update or tell us your marketing preferences. We will not send you marketing-related emails unless we hold your express consent to do so.  You are free to opt-out from receiving any marketing-related emails from us at any time in accordance with the Unsolicited Electronic Messages Act 2007.

 

Internet use, sites, apps, and third-party websites
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet (including via email), the provision of that information is at your own risk.

If you post any of your personal information on our Website or Social Media sites (e.g. Facebook,) or other such sites, you acknowledge and agree that the information you post or provide (or combination of) is publicly available.

Suppose you follow a link available to you through any one of our technologies to a third-party website, social media site or App. In that case, we recommend that you review that site or Apps privacy policy before you post any personal information. This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third-parties, including any third-party operating any site or App to which any one or more of our technologies contain a link. The inclusion of a link or any reference to a third-party site or App will not imply any endorsement of the linked site by us in any one or more of our technologies.

 

Use of our technologies by minors
Our Website, Social Media sites (e.g. Facebook,) and any Apps, other websites and online or electronic tools we may own, use or control (‘our technologies’) are not intended for or directed to individuals under the age of sixteen (16). We request that such individuals do not provide us with personal information through these technologies.

 

Accuracy, access and correction of your personal information
We take reasonable steps to ensure that your personal information is accurate, complete, relevant and up-to-date whenever we collect, use or disclose it. However, we also rely on you to advise us of any changes to your personal information. If you give us personal information, you must ensure that it is accurate, complete, up to date and not misleading.

Please contact us using our contact details below as soon as possible if any changes need to be made to your personal information or if you believe the personal information we hold about you is not accurate, complete, relevant or up-to-date.

You can request to access your personal information or have it corrected by contacting us using the contact details below. However, before we release any information to you, we will require evidence from you to confirm that you are the individual to whom the personal information relates. If you make an access request, we will provide you with access to the personal information we hold about you unless otherwise required or permitted by law. We will notify you of the basis for any denial of access to your personal information (e.g. it may be because you request involves an unwarranted breach of someone else’s privacy). The Act includes guidance on individual refusal grounds.

Regarding a request for correction, if we think the correction is reasonable and we can reasonably change the personal information, we will make the correction. If we cannot make the correction, we will take reasonable steps to note on the personal information that you requested the correction.

 

How to make a complaint
If you wish to make a complaint about a breach of this Privacy Policy or any breach of applicable privacy laws, you can contact us using the contact details below. You will need to provide us with sufficient details regarding your complaint together with any supporting evidence and information.  If you have attempted to address a matter relating to your privacy with us and have not been satisfied, you can also contact the Privacy Commissioner with your complaint (see www.privacy.org.nz). Before you complain to the Privacy Commissioner, they may encourage that you contact the business or organisation concerned to let it know what the problem is. If you haven’t yet contacted the business or organisation, you may need to tell the Privacy Commissioner why. They may decide not to investigate your complaint until you have done this.

 

How to contact us
If you wish to gain access to your personal information, would like us to correct or update it, have a complaint about a breach of your privacy or any other query relating to our Privacy Policy, please submit your request in writing to:

The Privacy Office
affinity+co
PO Box 224
Timaru 7940

 

Or by emailing: info@affinityco.co.nz

 

Updates of the privacy policy
We reserve the right to amend our Privacy Policy from time to time to ensure we properly manage and process your personal data.  We will place updates on our Website.

Please take a look at the “LAST UPDATED” date at the top of this Privacy Policy to see when it was last revised.

In New Zealand, the Privacy Act 2020 (the ‘Act’) sets the boundaries for our right to privacy. The Act came into force on 1 December 2020, replacing the Privacy Act 1993. It deals mainly with the collection and disclosure of personal information. It is more about information privacy than other aspects of privacy. The Act has 13 principles that stipulate how information can be collected and used and people’s rights to access that information and ask for it to be corrected. The Act introduces greater protections for individuals and some new obligations for businesses and organisations. The changes include the requirement to report serious privacy breaches to the Privacy Commissioner and affected people. The Privacy Commissioner has new powers to help people access their personal information and to require businesses and organisations to comply with the law. There are increased fines for organisations that do not comply, and there are new rules when sending personal information overseas.

Personal information means information which tells us something about an identifiable person. It does not need to name you, as you may be identifiable in other ways, such as via an address. The Act is concerned with what the information is instead of the fact it is in the form of a note, letter, email, database, recording, photo, or scan; and whether it’s in hard copy, electronic form or held in the cloud.

Further information on the New Zealand Privacy Act 2020 is provided at www.privacy.org.nz and is a public resource.

As follows, our Privacy Policy sets out how we collect, store, use, and disclose your personal information in accordance with the Act.

In this Privacy Policy, ‘affinity+co’, ‘we’, ‘us’ and ‘our’ means Affinity+Co Life Limited and Affinity & Co General Limited who each trades as affinity+co.

Please take a look at the “Latest update” date at the top of this Privacy Policy to see when it was last revised.

We may update and make changes to this policy from time to time and upload the revised policy onto our official Website at www.affinityco.co.nz. The revised policy shall apply to you from the date we upload it.

 

Why we collect personal information, and how we collect it
We collect personal information solely for the purposes and related purposes of carrying out our functions, activities and duties as a Financial Advisor, an Insurance Broker and a business. For example, an insurance quote typically relies on certain general, specific, detailed or sensitive personal information (or a combination of) being collected from you, other persons or entities insured, to be insured, and co-insured. As a business, for health and safety purposes (e.g. in case of a pandemic, fire or earthquake) there may be a need to collect a name, address, and phone number from any visitors to our premises.

We may also collect personal information on referral to us, for the purposes and related purposes of that referral, through the use of our Website, Social Media sites (e.g. Facebook) and any Apps, other websites and online or electronic tools we may own, use or control (‘our technologies’) in connection with that use, and when you authorise us to contact third parties to provide you with the information or services that you have requested.

We will only collect information about you when it is for a lawful purpose, connected with what we do, and it is necessary to gather the information for that purpose. Also, we will only collect information about you in ways that are lawful, fair and not unreasonably intrusive.

We may collect personal information in several ways, including:

  • directly from you through any contact with us: for example, in person or via our Website, a registration or subscription process, survey, telephone call, in writing, by email;
  • indirectly from other people and organisations or sources, if necessary, and where you have authorised this: for example, your employer, accountant, referees, insurers, premium funders, other intermediaries (e.g. bank, broker), and other third-party service providers; or
  • where the information is publically available.

No one knows you better than you, so our preferred method of collecting personal information is directly from you.

Providing personal information is, of course optional; however, our industry’s nature is such that accessing quotes and purchasing products and services generally requires an exchange of personal and other relevant information to take place first. Suppose we cannot collect the personal information we have requested from you in the time frame we have set. In that case, we will not be able to offer or complete for you any functions, activities or duties as a Financial Advisor, Insurance Broker or business that are dependant on the personal information we are unable to collect from you.

 

The types of personal information we may collect
The personal information we collect, dependent on what you have asked us to do and that we have agreed to provide you, and related purposes, may include:

  • General identification and contact information: for example, your full name, date of birth, gender, email, phone number, address.
  • Identification numbers issued by government bodies or agencies: for example, if necessary, passport or driver’s license details to satisfy a legal obligation or other requirements to verify or hold proof of identity.
  • Financial information: for example, payment card number, bank account number, details of income, assets and liabilities, business turnover.
  • Insurance information: for example, location and details of a property to be insured, vehicle license plates or identification numbers, travel plans, age and dates of birth of other individuals to be insured, policy and claim numbers, prior accident or loss (claims) history, your status as director or partner, or other ownership or management interest in an organisation, details of other insurance policies and covers you hold.
  • Medical condition and health status: for example, current/historical physical, mental and medical condition(s) and health status, injury or disability information, medical procedures performed, present or former recreational activities such as smoking, vaping, use of drugs or consumption of alcohol, prescription medicines.
  • Other sensitive information: for example, details of any bankruptcy, criminal record and civil litigation history.
  • Personal and legal disclosures: for example, all and any material facts that may be relevant to a contract of insurance, claim, or insurer.
  • Marketing preferences or feedback: for example, the personal information you have provided to enter a contest or prize draw or other sales promotion, and information or feedback you have provided as part of a survey.

If you interact with our Website, Social Media sites (e.g. Facebook,) and any Apps, other websites and online or electronic tools we may own, use or control (‘our technologies’), our third-party service providers and we may collect other information in a variety of ways which does not necessarily reveal your specific identity, including:

  • Through your internet browser. Certain information is collected by websites these days, including (for example) IP addresses (your computer’s address on the internet), screen resolution, time of the visit and the page(s) visited, operating system type and version, internet browser type and version. The purposes may include but are not limited to monitoring websites’ usage levels, administering and improving a website, diagnosing server problems, and creating a better user experience across multiple devices and various platforms.
  • Using cookies. Cookies are pieces of information that can be stored directly on a computer or mobile device when accessing the internet. Cookies make it possible to recognise a computer and to collect and store information such as but not limited to internet browser type, time spent on a website, the pages visited and language preferences. The purposes may include but are not limited to security and accessibility features, remembering user regional and currency preferences, facilitating navigation, displaying information more effectively, gathering statistical information about website usage, and personalisation of user experience. Due to regulatory changes across the globe, a website is more likely to prompt you on your first visit these days to accept cookies or not. Declining cookies for some websites may prevent you from using the site or reduce the features and functionality you would otherwise experience.
  • Using pixel tags, web beacons, clear GIFs and other similar technologies. These technologies are commonly used in connection with website pages and HTML-formatted email messages and among other things can track the actions of website users and email recipients (e.g. has an email been read), and measure the success of marketing campaigns and help compile statistics about website usage and response rates.
  • Demographic information and other information provided by you. Information such as your location or preferred means of communication is collected if you voluntarily provide it. Unless combined with personal information, this information does not personally identify you.
  • By aggregating information. Information can be collected, and then grouped, using only certain pieces of that information. A public example of this is Census information, that can be aggregated based on gender to calculate people under 25 years old as a percentage of the population in a region or city. A business may wish to aggregate information to calculate by postcode, the percentage of customers in each postcode, to make better marketing decisions.

 

The purposes of using and disclosing your personal information
We use and disclose your personal information for the purposes and related purposes of carrying out our functions, activities and duties to you as Financial Advisors, your Insurance Broker and a business, and for any other purpose authorised by you or the Act or required by law. Such purposes include:

  • in accordance with our scope of service, terms of business and your instructions to us, to obtain one or more insurance quotes for your consideration, to re-market your insurances, to place or renew insurance policies, to facilitate or administer claims, to provide insurance advice or to correspond and interact with Insurers;
  • to verify your identity;
  • to set up, manage and process payment arrangements, premium funding, your premiums and other payment types;
  • to respond to requests, enquiries, complaints, and other customer care related activities;
  • to communicate with you to ensure you have an initial awareness (as opposed to for marketing purposes) of a potentially relevant new or existing industry product, service, message or issue;
  • for necessary communications with you appropriate to services you have in place, in progress, or are considering with us (as opposed to for marketing purposes);
  • to provide other marketing information to you about other industry products and services and our other product and service offerings (including information about products and services offered by selected third-parties and alliance partners) but only in accordance with the marketing preferences you have expressed;
  • to send you important information regarding changes to our policies, other terms and conditions, our Website and other administrative information;
  • for administrative purposes such as creating and maintaining accounts, establishing and maintaining a Client Relationship Management (CRM) system, maintaining and keeping records, compliance, invoicing and debt collection;
  • to conduct market or customer research;
  • to improve the products and services, we offer;
  • to develop, establish, and administer alliances and other arrangements with other organisations in relation to the promotion, administration and use of our services;
  • to make decisions about whether to provide insurance and assistance services (for example, claims assessment, processing, and settlement and where applicable, managing claim disputes);
  • to set you up or provide you access to our technologies: for example, access a customer portal or an App;
  • to personalise or enhance your user experience of our technologies: for example, by remembering your site preferences and adding personalisation such as your name when your browser recognises you have returned to our Website;
  • to allow you to participate in contests, prize draws and similar promotions, and to administer these activities. Some of these activities have additional terms and conditions, which could contain additional information about how we use and disclose your personal information, so we recommend that you read these carefully;
  • to manage our infrastructure and business operations and comply with internal policies and procedures including those relating to auditing, finance and accounting, billing and collections, IT systems, data and website hosting, business continuity, and record-keeping, document and print management;
  • to resolve complaints, and handle requests for data access or correction;
  • to prevent, detect and investigate crime including fraud and money laundering, and analyse and manage other commercial risks;
  • to comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and anti-terrorism; comply with legal process, and respond to requests from public and governmental authorities (including those outside your country of residence);
  • for the purposes and related purposes of internal and external audit;
  • for statutory or regulatory reporting;
  • to establish, protect, enforce and defend your or our legal rights, pursue available remedies and limit our damages;
  • for any other purpose notified to you at the time your personal information is collected; and
  • for any other purpose authorised by you or the Act or required by law;

 

Before using or disclosing personal information, we will check that it is accurate, up to date, complete, relevant and not misleading.

 

Disclosing your personal information
We will disclose your personal information for the purposes and related purposes of carrying out our functions, activities and duties to you as Financial Advisors, your Insurance Broker and a business and for any other purpose authorised by you or the Act or required by law, to:

  • each other, meaning between the companies trading as affinity+co named at the beginning of this Privacy Policy;
  • PSC Connect NZ Limited as our Financial Advice Provider Licence Holder;
  • insurers, underwriting agencies, reinsurers, other insurance intermediaries (e.g. banks, brokers, agents), insurance reference bureaus, industry bodies and regulators, assessors, appointed representatives, distributors, marketing partners, financial institutions, securities firms and other business and alliance partners;
  • service providers and suppliers engaged to provide a service in connection with your insurance (such as providing repairs or replacement);
  • persons or businesses named as an interested party under any policy of insurance;
  • others named on your application form, quote or policy as co-insureds;
  • our service providers, if necessary – including disputes resolution providers, medical professionals, accountants, actuaries, auditors, industry experts, lawyers and other professional advisors, travel and medical assistance providers, call centre service providers, payment system operators, IT suppliers; CRM, storage, security, portal, systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; insurers, banks and other financial institutions, third-party claim administrators, document and records management providers, claim investigators and adjusters, construction consultants, engineers, examiners, jury consultants, translators, and similar third-party vendors and outsourced service providers we may engage from time to time for their products or services (or combination of) to you and our business;
  • other third parties, if necessary – including payees, emergency providers (fire, police and medical emergency services), retailers, medical networks, organisations and providers, travel carriers, credit bureaus, credit reporting agencies, and other people involved in an incident that is the subject of a claim, as well as purchasers and prospective purchasers or other parties in any actual or proposed reorganisation, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business, assets or stock;
  • governmental authorities, regulators, and third parties involved in court action. We may also share personal information with governmental or other public authorities (including, but not limited to, workers’ compensation boards, courts, law enforcement, tax authorities and criminal investigations agencies), and third-party civil legal process participants and their accountants, auditors, lawyers and other advisors and representatives as we believe to be necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our group companies; (f) to protect your and our rights, privacy, safety or property, and that of others; and (g) to allow us to pursue available remedies or limit our damages;
  • a person who can require us to supply your personal information (e.g. a regulatory authority);
  • any other person authorised by the Act or another law (e.g. a law enforcement agency);
  • any other entities notified to you at the time of collection; and
  • any other person authorised by you.

Other than when required or permitted by law, as specified in this Privacy Policy or where you have provided your consent, we will not disclose your personal information. However, nothing in this Privacy Policy prevents us from using and disclosing to others de-personalised aggregated data.

 

Transfer of personal information overseas
We may disclose your personal information to third-party service providers or insurers (or combination of) who may process your personal information either on our behalf or otherwise for one or more of the above-stated purposes. Some of the third-party service providers we disclose personal information to may be located in countries outside New Zealand, such as (including but not limited to) Australia, United Kingdom, United States of America, India, Singapore, Malaysia, Philippines and Vietnam. In this regard, unless exempted by the Privacy Act 2020, we would have sought your express authorisation to do so before the transfer of your personal information overseas.  Overseas disclosure of your personal information will be made only for one or more of the purposes specified in this Privacy Policy. We will take appropriate steps to ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights, such as by ensuring disclosures are limited to recipients who are subject to privacy laws which are recognised as providing a comparable level of legal protection as the Privacy Act 2020 or where we can be satisfied that alternative arrangements are in place to protect your privacy rights.

 

Your obligations when you provide personal information of others
You must not provide us with personal information of any other individual unless you have the express authorisation of that individual to do so.

If you do provide us with such information about another individual, it must be accurate, complete, up to date and not misleading, and before doing so you:

  • must tell that individual that you will be providing their information to us and that we will handle their information in accordance with this Privacy Policy;
  • must provide that individual with a copy of (or refer them to) this Privacy Policy; and
  • warrant that you have that individual’s consent to provide their information to us.

If you have not done this, you must tell us before you provide any third party information.

 

Your obligations when we provide you with personal information
If we give you or provide you access to, the personal information of any other person, you must only use it:

  • for the purposes we have agreed to; and
  • in compliance with applicable privacy laws (including the Privacy Act 2020) and this Privacy Policy.
  • You must also ensure that your agents, advisers, employees and contractors meet the above requirements.

 

Retention of personal information
We retain personal information in accordance with the Act and this Privacy Policy. We may take reasonable steps to ensure that the personal information we hold remains accurate, complete, relevant, up to date and is not misleading. We may contact you specifically from time to time for this purpose or request you confirm certain information for us during a meeting or other interaction. Other than to observe a legal requirement to do so, we do not keep personal information for longer than is necessary. Various third-parties such as (but not limited to) the Financial Markets Authority (FMA) and the Inland Revenue Department (IRD) require that we maintain certain records for a specific amount of time. Once the timeframe has expired, we do not keep the information.

 

Security of your personal information
We take reasonable steps to protect any personal information that we hold from misuse, interference and loss, and from unauthorised access, alteration and disclosure.  However, data protection measures are never completely secure, and, despite the measures we have put in place, we cannot guarantee the security of your personal information. You must take care to ensure you protect your personal information. You should notify us as soon as possible if you become aware of any security breaches. Where required by law, we will notify you of any notifiable privacy breach concerning your personal information.

 

Marketing preferences
We may provide you with opportunities to update or tell us your marketing preferences. We will not send you marketing-related emails unless we hold your express consent to do so.  You are free to opt-out from receiving any marketing-related emails from us at any time in accordance with the Unsolicited Electronic Messages Act 2007.

 

Internet use, sites, apps, and third-party websites
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet (including via email), the provision of that information is at your own risk.

If you post any of your personal information on our Website or Social Media sites (e.g. Facebook,) or other such sites, you acknowledge and agree that the information you post or provide (or combination of) is publicly available.

Suppose you follow a link available to you through any one of our technologies to a third-party website, social media site or App. In that case, we recommend that you review that site or Apps privacy policy before you post any personal information. This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third-parties, including any third-party operating any site or App to which any one or more of our technologies contain a link. The inclusion of a link or any reference to a third-party site or App will not imply any endorsement of the linked site by us in any one or more of our technologies.

 

Use of our technologies by minors
Our Website, Social Media sites (e.g. Facebook,) and any Apps, other websites and online or electronic tools we may own, use or control (‘our technologies’) are not intended for or directed to individuals under the age of sixteen (16). We request that such individuals do not provide us with personal information through these technologies.

 

Accuracy, access and correction of your personal information
We take reasonable steps to ensure that your personal information is accurate, complete, relevant and up-to-date whenever we collect, use or disclose it. However, we also rely on you to advise us of any changes to your personal information. If you give us personal information, you must ensure that it is accurate, complete, up to date and not misleading.

Please contact us using our contact details below as soon as possible if any changes need to be made to your personal information or if you believe the personal information we hold about you is not accurate, complete, relevant or up-to-date.

You can request to access your personal information or have it corrected by contacting us using the contact details below. However, before we release any information to you, we will require evidence from you to confirm that you are the individual to whom the personal information relates. If you make an access request, we will provide you with access to the personal information we hold about you unless otherwise required or permitted by law. We will notify you of the basis for any denial of access to your personal information (e.g. it may be because you request involves an unwarranted breach of someone else’s privacy). The Act includes guidance on individual refusal grounds.

Regarding a request for correction, if we think the correction is reasonable and we can reasonably change the personal information, we will make the correction. If we cannot make the correction, we will take reasonable steps to note on the personal information that you requested the correction.

 

How to make a complaint
If you wish to make a complaint about a breach of this Privacy Policy or any breach of applicable privacy laws, you can contact us using the contact details below. You will need to provide us with sufficient details regarding your complaint together with any supporting evidence and information.  If you have attempted to address a matter relating to your privacy with us and have not been satisfied, you can also contact the Privacy Commissioner with your complaint (see www.privacy.org.nz). Before you complain to the Privacy Commissioner, they may encourage that you contact the business or organisation concerned to let it know what the problem is. If you haven’t yet contacted the business or organisation, you may need to tell the Privacy Commissioner why. They may decide not to investigate your complaint until you have done this.

 

How to contact us
If you wish to gain access to your personal information, would like us to correct or update it, have a complaint about a breach of your privacy or any other query relating to our Privacy Policy, please submit your request in writing to:

The Privacy Office
affinity+co
PO Box 224
Timaru 7940

 

Or by emailing: info@affinityco.co.nz

 

Updates of the privacy policy
We reserve the right to amend our Privacy Policy from time to time to ensure we properly manage and process your personal data.  We will place updates on our Website.

Please take a look at the “LAST UPDATED” date at the top of this Privacy Policy to see when it was last revised.

After further information?

Get in touch for an obligation free conversation with one of our advisors

Contact us
After further information?

Get in touch for an obligation free conversation with one of our advisors

Contact us