Mortgage Design Limited (we us , our ) complies with the New Zealand Privacy Act 2020 (the Act ) when dealing with personal information. Personal information is information about an identifiable individual (a natural person). This policy sets out how we will collect, use, disclose and protect your personal information.
This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, you can contact our Privacy Officer by email on email@example.com. Or visit www.privacy.org.nz for further information.
We may change this policy by uploading a revised policy onto the website. The change will apply from the date that we upload the revised policy.
Personal information is information about an identifiable individual. It includes (but is not limited to) name, address, contact details, date of birth, occupations, payment details, employment history and/or details, education and qualifications, financial information, testimonials and feedback, evidence of source of funds or source of wealth (in some cases) and other information.
We will use your personal information:
Except as described above, we will not disclose your personal information without your written or oral consent, unless we are required to do so by applicable law.
We will take reasonable steps to keep your personal information safe from loss, unauthorised activity, or other misuse. Our software is subject to audits to ensure it is continuing to meet security requirements. All data handled in our software is encrypted in transit and during storage and can only be accessed over secure network connections.
We will only retain personal information as long as it is required for the purposes for which the information may lawfully be used. All data stored online is backed up and can be retrieved in the event of data loss or corruption.
Data will sometimes be held on-premise at the local adviser’s place of work if it is provided to us outside of our software.
Subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
If you want to exercise either of the above rights, email us at firstname.lastname@example.org. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).
Our Privacy Officer has processes and systems in place in the unfortunate event of a data breach. If such an event occurs, we will promptly identify, report and examine a personal data breach.
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
We may use information about your use of our websites and other IT systems to prevent unauthorised access or attacks on our software. We may utilise services from one or more third party suppliers to monitor use of our systems. These third-party suppliers will have access to monitoring and logging information as well as information processed on our websites and other IT systems.