Privacy Policy

We are committed to protecting privacy and confidentiality in accordance with the Privacy Act 2020 (“Privacy Act”), and it is one of our prime responsibilities, that any personal or sensitive information provided to us is not used for any other purpose than that of which is intended and expected. Our Privacy Policy describes our current policies and practices for collecting, handling, using and disclosing personal information. It also deals with how to complain and how we report a breach of the privacy laws, how individuals can access the personal information we hold about them and how to have that information corrected.

What information do we collect and hold?

We will only collect personal information about you when you have knowingly provided that information to us or authorised a third party to provide that information to us.

Personal information includes any information or opinion about an identified individual or an individual who can be reasonably identified from their information. The information or opinion will still be personal information whether it is true or not and regardless of whether we have kept a record of it.

We may ask for identification information. This information includes and is not limited to: name, address, contact details, date of birth and tax file number.

We may collect and hold additional personal information about you. This could include transaction information or making a record of queries or complaints a client makes and, if they make an insurance claim, collecting additional information to assess the claim.

The collection of sensitive information is restricted by the Privacy Act. This includes information about religion, racial or ethnic origin, political opinions, criminal record, and sexual orientation. It also includes health information and biometric information.

Generally, we only collect this sort of information if it is necessary to provide a specific product or service and you have consented to that collection. For example, we may collect health information about you to process a claim under an insurance policy or collect voice biometric information to verify identity or authorise transactions.

What if you choose not to provide some information?

We may be unable to provide services if we do not have all the relevant information required to deliver such services.

For what purposes do we collect, hold, use and disclose personal information?

The main reason we collect, use, hold and disclose personal information is to facilitate the provision of our service offerings. This includes:

• checking whether a client is eligible for the product or service;

• assisting where online applications are not completed;

• providing the product or service; and

• helping to manage the product or service

We may also use information to comply with legislative or regulatory requirements in any jurisdiction, to prevent fraud, crime or other activity that may cause harm in relation to its products or services and to help run the business. We may also use information to tell you about products or services that we feel may be of interest to you.

What service offerings do we provide?

We understand the importance of a holistic service offering, whereby clients can see their goals, needs and expectations being met. This approach encompasses:

• Wealth Management

• KiwiSaver

• Lending

• Tax

• Accounting

• Insurance, including general and risk including ACC

• Specialist Services, including tax advisory

• Business Advisory

• Corporate Finance

• Audit and Assurance

• Corporate Benefits

• Management Consulting

• HR Consulting

• Payroll Services

How do we hold and protect your information?

We strive to maintain the relevance, reliability, accuracy, completeness and currency of the personal information we hold and to protect its privacy and security. Much of the information we hold about you will be stored electronically in secure data centres, which are located in Australia, and owned by either us or external service providers. This does not include third parties backing up or mirroring data in overseas jurisdictions. Some information we hold about you will be stored in paper files and these files may be held in secure offsite storage. We use a range of physical and electronic security measures to protect the security of the personal information they hold.

We take reasonable steps to destroy or permanently de-identify any personal information after it can no longer be used.

Will we disclose the information we collect to anyone?

We may provide personal information about you to external organisations. This may include recipients which are located outside Australia, for example, a global financial institution whereby you have given us permission to make enquiries on your behalf.

To protect personal information, we enter into contracts with service providers that require them to comply with the Privacy Act. These contracts oblige them to only use the personal information we disclose to them for the specific role we ask them to perform.

We may also disclose your personal information to others where:

• We are required or authorised by law or where we have a public duty to do so;

• You may have expressly consented to the disclosure or the consent may be reasonably inferred from the circumstances; or

• We are otherwise permitted to disclose the information under the Privacy Act.

Do we use or disclose personal information for marketing?

We will use personal information to offer you products and services we believe may interest you but will not do so if you tell us not to. We may offer you products and services by various means, including mail, telephone, email, SMS or other electronic means, such as through social media or targeted advertising through our website.

We may also disclose your personal information to external companies who assist us to market our products and services to you, such as a mailing house.

If you do not wish to receive marketing offers from us, you must expressly require us not to do so.

Do we collect personal information electronically?

We will collect information from you electronically, for instance through internet browsing, mobile or tablet applications.

Each time you visit one of our websites, we collect information about your use of the website, which may include the following:

• The date and time of visits;

• Which pages are viewed;

• How users navigate through the site and interact with pages (including fields completed in forms and applications completed);

• Location information about users;

• Information about the device used to visit our website; and

• IP addresses.

We use technology called cookies whenever you visit our websites. Cookies are small pieces of information stored on your hard drive or in memory. Cookies can record information about your visits to the site, allowing it to remember them the next time you visit and provide a more meaningful experience. Cookies are designed so that they cannot be sent to another site or be retrieved by any non-Findex site.

How can you check, update or change the information we are holding?

Under the Privacy Act, you have a right to seek access to information which we hold about you; although, there are some exceptions to this. You also have the right to ask us to correct information about you which is inaccurate, incomplete or out of date. To do so, you must contact us.

We do not charge for receiving a request for access to personal information or for complying with a correction request. We do however reserve the right to charge you for all reasonable costs and outgoings specifically incurred in meeting your request for information.

Reporting privacy breaches

We work hard to keep all personal information safe. However, despite applying strict security measures and following industry standards to protect personal information, there is still a possibility that our security could be breached. If you are aware of a privacy breach, where there is a loss or unauthorised access or disclosure of personal information, whether you think it is likely to cause serious harm, you must notify the Privacy Officer as soon as you become aware of the breach.

Tell us what you think

We welcome your questions and comments about privacy. If you have any concerns or complaints, please email our Privacy Officer at [email protected]

This Privacy Policy Statement may change from time to time. To request a copy of the complete Privacy Policy, please do not hesitate to contact us.

Issued: 1 December 2020