By donating or signing up to receive our newsletter, whether by using our website, over the phone, by letter or email or in person, you are deemed to have accepted this policy.
We may change this policy from time to time and if we do so, we will post the updated policy on our website. We encourage you to check our website periodically to ensure you are aware of the terms of our current policy.
1. What personal information we collect and how we collect it
We may collect personal information about you (such as your first and last name, mailing address, telephone number, e-mail address, credit card number, debit card number), directly from you when you make a donation or sign up to receive our newsletter by using our website, over the phone, by letter or email or in person. Using our website includes by mobile phone, tablet, notebook, PC or any other means; donating and signing up in person includes making financial or goods donations at our main reception, at Distribution Centre, shops or any other Mission site, or at an event where the Mission has a presence.
We may monitor and record phone calls made to or by us for quality control or staff training purposes. If a call you make to us, or that we make to you, is to be monitored and recorded, you will be informed of this at the time of the call. We also retain emails from you for quality control.
We may also collect other information including:
- Website usage information through tracking your individual click behaviour.
- Aggregated website traffic information collected by our web server or third party systems we subscribe to. This information does not identify you personally and is not linked to the personally identifiable information you may have provided.
- Images recorded on CCTV footage in and around some of our premises to help reduce anti-social behaviour and to promote community safety.
2. Why we collect your personal information
We will only use and disclose your personal information for the purposes for which it was collected (or otherwise as required or authorised by law). This may include using your personal information for the following purposes:
- to process and receipt payments received by us;
- to undertake customer service activities, such as responding to any queries, comments or complaints you may have;
- to measure the performance of our email campaigns and improve their relevance and content;
- for safety and security purposes;
- for associated funding, administration, staff training and quality improvement purposes;
- to comply with relevant laws and regulations; and
- for any other purposes for which you give us permission.
From time to time, we may also contact you for market research purposes or to provide you with information about our events, news, services or special promotions that we consider may be of interest to you. This may include information about our programmes, research funding, special events, donor and fundraising programmes. We will allow you to opt out before receiving any unsolicited content.
If you do not want your personal information to be collected, please do not submit it to us.
3. How we share or disclose your information
For the purposes we have described, we may disclose your personal information in the following ways.
- We may disclose your information where disclosure is directly related to the purpose for collection of the information. We will not share your personal information with any other third parties unless legally required or authorised to do so, for example, where you give your permission.
- We sometimes employ contractors, service providers and other third parties to perform functions on our behalf. Examples include print service providers, mail houses and major delivery companies. They have access to the limited personal information needed to perform their functions, but may not keep, use or disclose it for other unauthorised purposes. Our agreements with them protect the information that we collect from any unauthorised use.
- The aggregated data (not personally identifiable information) may be shared with third parties such as advertisers or business partners.
- We may also disclose your personal information to anyone who hosts or maintains data centres, service platforms and other infrastructure and systems on behalf of us, where your personal information is processed and/or stored.
We will take reasonable steps to ensure that the persons and organisations to whom we disclose personal information are bound to protect the privacy of that personal information. Please note that some of the persons to whom we disclose personal information may be situated outside New Zealand. Our website and systems may also be on servers located outside of New Zealand or based in the cloud.
4. What if you do not provide us with the personal information requested
If you do not provide us with the personal information about you that we request from you, we may not be able to adequately respond to your correspondence, process your donation and provide a receipt, or otherwise deal with any requests or enquiries you have submitted.
5. Data security
We work diligently to protect the security of your personal information, including credit and debit card information. We take commercially reasonable steps to ensure your personal information is protected from misuse, loss, interference and unauthorised access, modification or disclosure. For example, whenever we ask for your financial details online, security-encrypted response forms are used and your information is held in secure servers. Collecting your credit card and debit card information also follows the PCI DSS (Payment Card Industry Data Security Standards) protocol, i.e. we meet all PCI DSS requirements to ensure that we process, store or transmit credit card and debit card information securely.
However, data protection and security measures are never completely secure and, despite the measures we have put in place, we cannot guarantee the security of your information. It is important for you to protect against unauthorised access to your password and to your computer. We recommend that you logout when you have finished, especially if using a shared computer. You must take care to protect your personal information (for example, by protecting any usernames and passwords) and you should notify us as soon as possible of any security breaches. If you do not wish to make your financial contribution online, please contact us to receive a hard-copy form. Also please do not include any credit card or debit card information in an email to us as this would not comply with this section of this policy.
6. How long we hold personal information
We keep all personal information that we collect (on both our active systems and our archive systems) for only as long as is needed to achieve the purpose for which we collected it.
7. How you can access and correct your personal information
You may request confirmation of whether or not we hold any personal information about you and you may request access to your personal information that we hold by emailing us at email@example.com or otherwise contacting us at the addresses provided below. Once we have verified your identity we will provide you with such confirmation and access unless one of the grounds for refusal under the Privacy Act applies.
You may request the personal information we hold about you to be corrected by emailing us at firstname.lastname@example.org. If we agree your record of personal information is to be corrected we will do this and provide you with your amended record if requested. To keep your information accurate please notify us of any changes as soon as possible.
Your rights of access to and correction of any personal information we hold about you are subject to the procedures set out in the Privacy Act.
8. Who you can contact for further information
If you have questions or comments about this policy, or you wish to access or make changes to your personal information, please contact Manager Fundraising and Reputation on 09 303 9780 or email email@example.com
Updated: August 2020