Master Plumbers, Gasfitters & Drainlayers NZ Inc
(“Master Plumbers NZ Inc, Masterlink Limited and NZ Plumber Limited”)
Master Plumbers (we, us, our) complies with the New Zealand Privacy Act 2020 (the Act) when dealing with personal information. Personal information is information about an identifiable individual (a natural person).
This policy sets out how we will collect, use, disclose, protect and store your personal information, together with your rights of access to; and correction of that information.
This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, see www.privacy.org.nz.
1. WHO DO WE COLLECT YOUR PERSONAL INFORMATION FROM
We collect personal information about you from:
- you, when you provide that personal information to us, including via the website and any related service, through any application to us, through any contact with us (e.g. telephone call or email); and
- third parties where you have authorised this or the information is publicly available.
2. WHAT PERSONAL INFORMATION DO WE COLLECT
We collect personal information for the purposes outlined in clause 3 below. Personal information collected by Master Plumbers means information about an identifiable individual, including:
- personal details, such as your full legal name, date of birth, drivers licence number, passport number, postal or residential address, email address, and telephone number;
- evaluative material (e.g. confidential references, performance reviews, online testing, reference checks to support applications for membership);
- academic results;
- payroll information (including income, taxation and bank account details);
- test results;
- medical reports;
- business details and financial information;
- information regarding your website use, including registration details and profiling, particulars of use, regularity of access and content viewed;
- notes regarding contact with you or about you; and
- any other information we deem necessary to carry out our operations.
Where possible, we will collect personal information from you directly, unless the information is publicly available or you consent to it being obtained from another person.
3. HOW AND WHY WE USE YOUR PERSONAL INFORMATION
We will use your personal information:
- to verify your identity;
- to assess your suitability for membership and employment;
- to market and provide our services to you and to provide information regarding products to you, including contacting you electronically (e.g. by text or email or other channels for this purpose);
- to improve the services that we provide to you;
- to undertake police checks of you;
- to bill you and to collect money that you owe us, including authorising and processing credit card transactions;
- to respond to communications from you, including a complaint made by you;
- to investigate any complaint made in relation to you;
- to conduct research and statistical analysis (on an anonymised basis);
- to protect and/or enforce our legal rights and interests, including defending any claim;
- complying with laws and regulations;
- legal proceedings, including collecting overdue amounts and seeking professional advice; and
- for any other purpose authorised by you or permitted by law.
4. DISCLOSING YOUR PERSONAL INFORMATION
We will disclose your personal information only in accordance with this Policy and the Act. We may provide personal information to third parties where necessary or appropriate to facilitate the purpose for which information was collected pursuant to the Policy.
For the purposes outlined above at clause 3, we may disclose your personal information to:
- another company within our group;
- our employees, contractors and advisors;
- training organisations;
- any business that supports our services and products, including any person that hosts or maintains any underlying IT system or data centre that we use to provide the website or other services and products;
- a credit reference agency for the purpose of credit checking you;
- other third parties (for anonymised statistical information);
- a person or agency who can require us to supply your personal information (e.g. a regulatory authority);
- any other person authorised by the Act or another law (e.g. a law enforcement agency); and
- any other person or agency authorised by you.
5. PROTECTING & STORING YOUR PERSONAL INFORMATION
The intended recipient of your personal information is Master Plumbers. We will use reasonable commercial endeavours to ensure that all personal information is securely protected against loss, unauthorised access and other misuse. This includes physical security, computer and network security, communications security and personnel security. However, we accept no responsibility for any loss, misuse, unauthorised access or disclosure, alteration or destruction of personal information which you submit to us.
We may retain all personal information that we collect (on our active systems and our archive systems) only for as long as necessary to carry out the purposes for which the information was collected (including for the purpose of providing services to you).
We may provide your personal information to third parties contracted by us in order to perform data storage and data processing services on our behalf. We will take all reasonable steps to ensure that these third parties comply with our instructions and do not use your personal information for any other purpose.
Please be aware that communications over the internet, such as emails, are not 100% secure even if they have been encrypted.
We may store your personal information on servers and services both within New Zealand and offshore (including third party cloud-based services and storage). We may access and use that personal information in and outside New Zealand. You acknowledge that some of the third party storage providers, which provide services to us under contract, are based in other countries that may not have equivalent privacy and data protection laws to New Zealand.
6. ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION
Subject to certain grounds for refusal set out in the Act, you have the rights to:
- request access to your readily retrievable personal information that we hold; and
- request a correction to your personal information, to ensure it is accurate, up to date, complete, and not misleading.
Before you exercise these rights, we will need evidence to confirm that you are the individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction, together with a statement of the correction sought.
In accordance with the Act, we may charge you our reasonable costs of providing to you copies of your personal information or correcting that information.
If you want to request access to or correction of your personal information, please email our Privacy Officer (using the contact details below at clause 7). Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information required, or the correction sought).
7. PRIVACY OFFICER
In accordance with the requirements of the Act, we have appointed the HR Manager as our Privacy Officer. The Privacy Officer has statutory obligations to:
- encourage and ensure our compliance with the principles of the Privacy Act;
- deal with requests made to us for access to and/or correction of personal information; and
- work with the Privacy Commissioner on any investigation into our privacy practices.
Any enquiries or requests relating to the privacy of your personal information should be notified to the Privacy Officer. The Privacy Officer can be contacted by emailing firstname.lastname@example.org.
8. INTERNET USE
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
If you post your personal information on our website or social media sites you acknowledge and agree that the information you post is publicly available.
9. DATA BREACHES
In the event we become aware that personal information has been lost or subject to unauthorised access, misuse, interference, or disclosure, we will take steps to contain and rectify the data breach, as soon as practicable, prevent reoccurrence, and comply with any applicable notification obligations.
10. CHANGES TO THIS POLICY
Last updated March 2021