Our commitment to protect your privacy
Sherpa recognises the importance of your privacy and how important it is for us to protect your personal information. We are committed to protecting personal information which we hold and to complying with all relevant privacy laws in the jurisdictions in which we operate. This document describes how we manage your personal information and safeguard your privacy.
References to ‘Sherpa’, ‘we’ and ‘us’ includes Sherpa (NZ) Limited and its related bodies corporate.
How do we collect and hold personal information about you?
The kinds of personal information we collect and hold will depend upon the type of products and services we provide to you or obtain from you. It may be contained in:
- Information you give us when you request a service from us
- Records of communications and other interactions you have with us (including telephone, email and online); and
This information may include your name, address, telephone numbers, email address, bank account and credit card details, date of birth, identification information and organisation.
The personal information we request is generally optional, but if you choose not to provide personal information to us, we may not be able to fulfil your request or provide you with the product or service you require. Sometimes, however, there are situations where we are required by law to collect certain personal information from you and, if this is the case, we will take reasonable steps to inform you of the law that imposes this requirement.
We generally collect personal information directly from you whenever it is reasonable practicable to do so. We may also collect personal information from other parties such as our related bodies corporate your agents or representatives (such as your legal or financial adviser) and from publicly available sources of information.
What do we do with the personal information we collect?
We collect, use and disclose personal information to carry on our business; to provide, administer, improve and personalise our services; to identify and interact with our customers; to let our customers know about other products and services which might interest them; to assess and improve the quality of our services; to protect our lawful interests; to deal with our customers’ concerns and enquiries; and to assist us generally in managing transactions with our customers, suppliers and other contacts.
Sherpa may contact you on an ongoing basis by telephone, mail, electronically or otherwise to provide you with marketing, advertising or other material about our services or to follow up on your interest in services, unless or until you tell us not to or we are restricted by law.
We may also exchange information with other Sherpa entities and with our service providers including, call centres, accountants, auditors and lawyers, credit reporting and collection agencies, and providers of, banking, payment, data processing, data analysis, information broking, research, investigation, website and technology services.
We may also disclose your personal information in corporate transactions involving the transfer of all or part of our assets (including debts) or business or in a corporate restructure.
We may also be required or authorised by law to disclose your personal information. For example, we may disclose your personal information to a court in response to a subpoena or to a relevant taxation agency. We may also disclose information to other persons where you have provided your consent for us to do so.
Some of the third parties to which we disclose personal information may be located in Australia, Philippines and other countries and you acknowledge that, while they will often be subject to confidentiality or privacy obligations, they may not always follow the requirements of the New Zealand privacy laws.
How do we protect your personal information?
We hold personal information electronically and in hard copy form. We take reasonable steps to protect your personal information from loss, misuse, modification, or unauthorised access, use and disclosure. These steps include access control for our buildings, confidentiality obligations imposed on our employees and service providers and the use of security measures for computer system access.
Once we no longer require your personal information for any of the purposes for which it was collected we will, subject to any legal obligations and responsibilities, take reasonable steps to destroy or de-identify your personal information.
Your privacy on our websites
We operate websites which may utilise ‘cookies’ to collect personal information. A cookie is a small file that is stored on your hard disk by a website. Cookies contain information which is readable by the website that issued the cookie to you. Cookies cannot execute programs or access other information on your computer. Your web browser can be configured to reject cookies issued by our websites, but if you do so, some functionality that we provide on our websites may become unavailable as a result.
When you visit a website of ours, we may collect the following information from you: your IP address, domain name, the date, time and duration of your visit, the pages and documents you accessed, the previous site you had accessed (i.e. the referring URL), the type of browser you are using and information you volunteer such as survey information, name and email address.
While we take care that the personal information you give us on our websites is protected, the Internet is not a secure environment. If you are considering sending us any personal information through one of our websites, be aware that the information may be insecure in transit, particularly where no encryption is used (e.g. email, standard HTTP). We are subject to laws requiring us to protect information once it comes into our possession.
This section applies in relation to our handling personal information from credit reporting bodies (CRBs) and certain other consumer credit-related personal information described below (credit information). We generally handle credit information in the context of commercial credit rather than consumer credit arrangements. For example, information about an individual’s consumer credit worthiness may be handled where we provide trade credit to sole traders, or individuals such as directors provide personal guarantees in relation to trade credit we extend to companies.
We may collect and hold any types of credit information about an individual permitted under the Privacy Act, including:
- name, sex, date of birth, driver’s licence number, employer and three most recent addresses;
- confirmation of previous information requests about the individual to CRBs made by other credit providers and credit insurers;
- details of previous credit applications, including the amount and type of credit and credit limit;
- details of current and previous credit arrangements, including credit providers, start/end dates and certain terms and conditions;
- permitted payment default information, including information about related payment arrangements and subsequent repayment;
- information about serious credit infringements (e.g. fraud);
- information about adverse court judgments and insolvency;
- publicly available information about the individual’s credit worthiness; and
- any credit score or credit risk assessment indicating a CRB’s or credit provider’s analysis of the individual’s eligibility for consumer credit.
This credit information may include information about your arrangements with other credit providers as well as with us.
Where we collect credit information about you from a CRB, we may use that information to produce our own assessments and ratings in respect of your credit worthiness.
We may disclose credit information to CRBs to assist the CRBs to maintain information about you to provide to other credit providers for credit assessments. We may collect credit information from CRBs for purposes including, to the extent permitted by law, to assess your credit or guarantee application, manage your credit/guarantee, assign debts and collect overdue payments. We may also exchange credit information with debt buyers and other credit providers.
The CRBs we use may include:
- Equifax – email@example.com www.equifax.co.nz 0800 698 332
- Centrix – PO Box 62512, Greenlane, Auckland 1546 www.centrix.co.nz 0800 236 874
You have the right to request CRBs not to:
- use your credit information to determine your eligibility to receive direct marketing from credit providers; and
- use or disclose your credit information, if you have been or are likely to be a victim of fraud.
What rights do you have in relation to your personal information which we hold?
We take reasonable steps to ensure that the personal information we collect, use and disclose is accurate, complete and up-to-date. If you become aware of any errors in your personal information or you change your personal details such as your name, address or bank account details, please contact us at your earliest convenience.
You can gain access to personal information that we hold about you, subject to certain exceptions allowed by law. Please contact us (as set out below) if you would like details about the personal information we may hold about you or if you would like us to update or correct it. We will handle any request in accordance with the relevant privacy regulations. We may require you to complete a request form and we also reserve the right to charge a reasonable fee for gaining access. We endeavour to deal with such requests promptly, but requests for a large amount of information, or information which is not currently in use, may require significant time to extract.
Generally, if you request us to do so we will amend any personal information about you held by us which is inaccurate, incomplete or out of date. If we are not able or unwilling to provide you with access to any personal information or to correct any personal information held by us, we will provide you with our reasons. If we do not agree to amend your personal information and you disagree, you may request that we make a note of your requested correction with the information.
You may also contact us to request us to stop using your personal information to contact you about our products and services. You can contact us if you wish to obtain more information about the way we manage personal information about you which we hold or if you are concerned that we may have breached our privacy obligations and wish to make a complaint. If you make a complaint, we will endeavour to respond and resolve your complaint promptly. For more information about privacy generally, or if your compliant is not resolved to your satisfaction, you may contact the Office of the Privacy Commissioner at www.privacy.org.nz and on (04) 474 7590.
How To Contact Us
You can also contact our Privacy Officer via firstname.lastname@example.org
Changes to this privacy statement