Humankind Limited (we’ll use we, us, and our from now on) complies with the New Zealand Privacy Act 2020 (we’ll use the Act from now on) when dealing with personal information. Personal information is information about an identifiable individual.
We know maintaining client confidentiality and protecting personal information is important. Given the nature of our business, we have access to personal information and this policy explains how we will collect, use, disclose, and protect your personal information.
This policy does not exclude any of your rights under the Act. For further information on the Act, check out www.privacy.org.nz.
We may change this policy by uploading a revised policy onto our website. The change will apply from the date that we uploaded the revised policy. This policy was last updated on 11 June 2021.
Collecting personal information
When we work with you, we may collect personal information about you, your business, and your employees. This may happen:
We may also collect other confidential information from you about your organisation. This may include commercially sensitive information.
Holding and using personal information
We will use the personal information we collect:
Disclosing personal information
We may disclose your personal information to:
A business that supports our services may be located outside of New Zealand. This may mean your personal information is held and processed outside of New Zealand.
We are committed to:
Accessing and correcting your personal information
Subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. We will first need evidence from you to confirm that you are the individual the personal information relates to.
If you request a correction, we will make it if we think the correction is reasonable and we are reasonably able to change the personal information. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
If you want to access or correct your information, simply email us at [email protected] Your email should provide evidence of who you are and set out the details of your request (e.g., the personal information, or the correction, that you are requesting).
We may charge you the costs of providing to you copies of your personal information or correcting that information (within reason of course).
Our primary data storage process is via the cloud, in Microsoft 365 Tenant, however, if the work requires it, we may physically store the personal information we collect at our office located at L8 175 Victoria St, Wellington or at a Humankind approved workspace outside our offices. If the personal information is in a physical format, it will be stored in a secure environment.
We take technical and organisational measures to prevent unauthorised processing of your personal information and against accidental loss or destruction of, or damage to your personal information.
We work with a third-party IT supplier (CodeBlue) to monitor and proactively maintain the cyber security of our systems and information. This third-party supplier will have access to personal information processed on Humankind IT systems. We use industry-standard security practices to protect the integrity, confidentiality, and security of any personal information we own or hold on behalf of clients including:
Notification of Data Breach
While all precautions are taken to ensure all personal information (physical or digital) is treated with security, if we become aware of any breach of security that results in the accidental or unauthorised disclosure of or access to your personal information, we will take steps in accordance with the Act, including:
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, that is at your own risk.