This Privacy Policy sets out how we will collect, store, use, disclose and protect your personal information.
This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, see www.privacy.org.nz
How we collect your personal information
Wherever practicable, we will only collect information from you personally, for example when we deal with you in person or over the phone, when you send us details via correspondence. Sometimes it may be necessary to collect your personal information from a third party. An example of this could be when we collect personal information about you from your authorised or personal representative or from a publicly available record.
Personal Information (or data) is any information that relates to an identifiable person. We collect and store personal information for the purpose of conducting our business, to market our services and to meet our legal obligations, including in relation to our privacy and anti-money laundering compliance obligations.BBR has engaged third party agents to assist with its Customer Due Diligence (CDD) requirements under the Anti-Money Laundering and Countering Financing of Terrorism Act 2009.
Depending on the nature of your relationship with BBR, the personal information we will collect from you may include:
- Name, date of birth, address and contact details;
- Occupation;
- Payment details;
- Employment history;
- Education and qualifications;
- Evidence of source of funds (in some cases); and
- Any other information which assists us in conducting our business, providing and marketing our services and meeting our legal obligations.
• to process transactions;
• to provide accounting services and solutions through technology;
• to provide you with information and marketing material about other services that we offer that may be of interest to you;
• to respond to requests;
• to maintain contact with you;
• to provide you with information relevant to your type of business or other area of expertise or interest;
• to keep you informed of our services and industry developments;
• to provide you with the opportunity to meet other people and attend seminars, conferences or other events in your type of business, or other area of expertise or interest;
• to facilitate our internal business operations, including the fulfilment of any legal or regulatory requirements;
• for administrative purposes;
• for recruitment purposes;
• to analyse our services and client needs with a view to improving those services;
• for engagement of service providers, contractors or suppliers relating to the operation of our business; and
• for other purposes related to the performance of our business functions and activities as Accountants and Business Advisors.
Generally, we only use personal information about you for the purpose for which it was collected (as set out above). We disclose personal information about you to:
- experts of other third parties contracted as part of an engagement with us;
- our service providers, who assist us in operating our business (including technology service providers), and who may not be required to comply with our privacy policy;
- our professional advisors;
- a client, if you are a contractor or a supplier of services to a client;
BBR takes all reasonable steps to ensure that your personal information is stored safely to protect it from loss, unauthorised use, modification, disclosure, and any other misuse. We store your personal information in different ways, including in paper and electronic format. These measures include electronic and physical security measures, such as:
- securing our premises;
- placing passwords to limit access and protect electronic information;
- the use of firewalls, encryption, passwords and digital certificates;
- providing locked cabinets for the storage of physical records; and
- requiring our staff to undertake privacy and data protection training.
We will use, disclose or retain your personal information for as long as necessary to fulfil the purpose for which it was collected and as otherwise permitted or required by law.
In the event of a privacy breach, we have established procedures for notifying the Privacy Commissioner and the individual affected, including setting out the reasonable steps we have taken to mitigate the effects of a privacy breach, should we be required to do so under law.
This Privacy Policy sets out how we will collect, store, use, disclose and protect your personal information.
This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, see www.privacy.org.nz.
You can request access to your personal information we hold about you by making a request to us in writing. We will endeavour to respond to your request within a reasonable period. We may charge you a reasonable fee for processing your request (but not for making a request for access).We may decline a request for access to personal information in circumstances prescribed by the Privacy Act, including when:
- the request is considered frivolous or vexatious;
- giving access would reveal information related to a commercially sensitive decision making process;
- giving access would be unlawful; or
- giving access would likely prejudice enforcement related activities relating to criminal activities and other breaches of law.
If we decline a request for access to personal information, we will provide you with a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons) and the mechanisms available to you to make a complaint. If, upon receiving access to your personal information, or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately in writing. We take reasonable steps to correct the information so that it is accurate, complete and up to date. For this purpose our staff may ask you to confirm that your contact details are correct when you attend an appointment or interact with us at any other time. If we refuse to correct your personal information, we will provide you with a written notice that sets out the reasons for our refusal (unless it would be unreasonable to provide those reasons) and the mechanisms available to you to make a complaint.
If you have any concerns about the way in which we collect, store and use your personal information, or if you have any queries about this Privacy Policy, we ask that you contact us in writing (see ‘How to contact us’).
If you would like to contact us for any reason relating to your personal information or if you have a query in relation to our Privacy Collection Statement or Revised Privacy Policy or you would like to make a complain about BBRs’ handing of your personal information, please contact BBR as follows:
The Director
BBR Limited
PO Box 99273
Newmarket
Auckland, 1026
New Zealand
T +64 9 303 1373
E info@bbr.co.nz
This Privacy Policy may be updated at any time.