PRIVACY POLICY
Startup Dunedin
Last updated: 4 April 2024
INTRODUCTION
Startup Dunedin, an incorporated charitable trust, (“we” or “us”) is committed to respecting your privacy at all times. This Privacy Policy describes what personal information or data we collect, and how we use, store and disclose the personal information we collect, to ensure we comply with our obligations under the Privacy Act 2020.
By providing your personal information or using our products/services, you agree to this Privacy Policy. If you provide information about any other person, then you must have authorisation from that person to provide such data to us. We urge you to read our Privacy Policy carefully.
Our Privacy Policy outlines what personal data we collect, how we collect it, and how we process, use and disclose personal data. Generally we only process personal data where:
we have your specific, informed consent; or
we need to process your personal data:
to perform a contract with you;
to comply with laws or regulations; or
for our legitimate interests (rarely, and only if consistent with your fundamental rights and freedoms in relation to personal data).
This Privacy Policy may change at any time and we will tell you about any changes by posting an updated policy on our website. These changes will take effect from the date we post it, so please ensure you review our Privacy Policy from time to time. By using our website or any product/service offered by us, you will be accepting these changes.
WHAT INFORMATION WE COLLECT
We may obtain information about you from various sources, including through your general interactions with us and through your use of our services and website.
The types of personal information we may collect through your general interactions with us include your:
name, contact details, date of birth and other contact information;
driver licence details, student ID, or other form of identification;
conversations with our staff, agents or other persons;
email communications, and your written or verbal interactions with us or our agents;
number of visits to our websites;
use of our social media platforms; and
other information such as service preferences.
When you use our website, the data we collect depends on the authentication method used but may include, without limitation, profile information (e.g. from your Facebook profile, Twitter profile, or other social media profiles) and information voluntarily entered by you on our website (e.g. name, gender, birthdate, email address, phone number).
HOW WE COLLECT INFORMATION
We will usually collect personal information in a number of ways, including directly from you when you interact with us over the phone, via email or letter, via our website, when you meet with our staff or agents, or where you use our services.
We may also use cookies and similar tracking technologies to track the activity on our website and hold certain information. You may disable cookies by changing the settings on your browser, although this may mean that you cannot use all of the features of the website.
We (and any authorised third parties in accordance with this Privacy Policy) may also collect personal information:
when you apply for employment, contracting, volunteering or governance opportunities with us;
when you submit your personal details to participate in competitions and promotions or to subscribe to any of our communications;
through the use of cookies, web beacons and usage monitoring software when you use our website;
from a local or national government department, or law enforcement agency;
from our business partners that offer you products or services; and
from publicly available sources of information, such as telephone directories and websites.
When we receive personal information from a third party, we will process that data in accordance with this Privacy Policy.
Where required by law, we obtain your prior opt-in consent at the time of collection for the processing of:
personal information for marketing purposes; and
personal information that is “sensitive” under any applicable laws.
If you choose not to provide your personal information to us, we may not be able to:
provide you with the product or service you want;
respond to your requests;
manage or administer your services;
personalise your experience with us; or
verify your identity or protect against fraud.
WHY WE COLLECT THE INFORMATION
We, and any third parties in accordance with this Privacy Policy, may use your personal information for any one or more of the following purposes, to pursue our “legitimate interests”:
to provide, administer and communicate with you on our products, services and promotions;
to tailor experiences to you and report back to you on your experience;
to help us develop, market, improve, manage or review our services;
to conduct client surveys in order to improve our services;
to enforce our terms and conditions;
to comply with applicable legal requirements, industry standards and our policies, and as part of the investigation and analysis of incidents;
to respond to queries, complaints or to provide you with our general customer service;
to comply with requests made by a court or governmental or other public authority, for example, in connection with legal proceedings or the prevention or detection of fraud and crime;
to notify you of services, special offers, opportunities, products or benefits that are being offered by us; and
to generate statistical information and reports on the use of our products and services.
We may use your personal information for additional purposes related to the purposes listed above and will provide specific notice at the time of collection. We will not, however, use your personal information other than for a purpose that:
you would reasonably expect;
is made known to you;
is required or permitted by law; or
is otherwise authorised by you.
By providing your email address, you consent to us sending you information connected with the above collection and use purposes via email.
If data is aggregated or de-identified so it cannot identify you or any other individual, we may use it for any business purpose.
WHO WE SHARE INFORMATION WITH
We may share information with our staff and advisers where they “need to know” that information. We may also disclose information to our service providers and contractors who perform services on our behalf, where permitted under this Privacy Policy.
We may disclose information about you to law enforcement authorities or other government officials:
if we are required to do so by law;
if we believe disclosure is necessary or appropriate to prevent physical harm or financial loss; or
in connection with an investigation of suspected fraudulent or illegal activity.
We also reserve the right to disclose personal information we have about you in the event we sell or transfer all, or a portion of, our business or assets or subsidiaries or related companies. If such a sale or transfer occurs:
we will use reasonable efforts to direct the purchaser to use personal information you have provided to us in a manner that is consistent with our Privacy Policy; and
following such a sale or transfer, you may contact the entity to which we transferred your personal information with any enquiries concerning the processing of that information.
In all other cases, we will not disclose personal information we collect about you, except as disclosed to you, and authorised by you, at the time the information is collected.
HOW WE PROTECT AND RETAIN INFORMATION
We implement and maintain appropriate administrative, technical and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use.
We generally store the personal information we collect in New Zealand, or overseas via cloud-based services, including the United States, the United Kingdom and various countries within the European Union.
If needed to provide our services, we may potentially store your data securely on servers owned by other technology providers located in New Zealand or overseas.
We only keep your identifiable personal information for as long as and to the extent that we need it to reasonably meet the purposes for which we collect it (as set out in this Privacy Policy). The length of time we retain your identifiable personal information is also affected by:
any legal requirements we are subject to with respect to your personal information; and
any consent given by you to retain such personal information.
YOUR RIGHTS AND CHOICES
We offer you certain choices about what personal information we collect from you, how we use that information, and how we communicate with you. You also have certain rights, including the rights to:
not provide personal information to us;
refrain from submitting information directly to us;
ask us not to share your personal information with third parties;
withdraw any consent you previously provided to us; or
object at any time on legitimate grounds to the processing of your personal information.
In some circumstances, taking these actions may mean that you cannot take advantage of our products and services. You do not need to provide us with some information that we automatically collect (e.g. some cookies), but we may need this information to provide you with full functionality of our products and services.
You can request access to, and correction or deletion of, your personal information held by us. We will process all requests for access, correction or deletion within a reasonable time. If you would like to ask for a copy of your information, or to have it corrected, please contact us at hello@startupdunedin.nz.
The right to access personal information may be limited in some circumstances by legal requirements. In order for us to process your request, we will need to verify your identity. In the event that we refuse you access to your personal information, we will provide you with an explanation for that refusal. These reasons may include where:
access would have an unreasonable impact on the privacy of other individuals;
the information relates to legal proceedings relating to you;
the information would reveal our commercially-sensitive trade secrets; or
we are prevented by law from disclosing the information or providing access.
QUESTIONS AND COMPLAINTS
If, at any time, you have questions, concerns or comments about this Privacy Policy or our privacy practices, please contact us by e-mail at hello@startupdunedin.nz.
If you wish to complain about any breach or potential breach of this Privacy Policy, please contact us via the contact details below and we will make every effort to resolve your complaint internally. If we do not resolve the complaint to your satisfaction, you may apply to the Privacy Commissioner.
For more information on how you may lodge a complaint with the Privacy Commissioner, please contact the Commissioner on 0800 803 909, at enquiries@privacy.org.nz or at https://www.privacy.org.nz/about-us/contact/.