Introduction and Acceptance
It is our policy to respect your privacy regarding any personal information we collect while operating or using the service. All personal information will be handled and stored in accordance with the provisions of the New Zealand Privacy Act 1993 and from December 1st, 2020, the Privacy Act 2020 (“Act”).
For the avoidance of doubt, your business information (i.e., information that relates to your business and not an individual person) is collected, used, and stored in strict confidence and accordance with our General Terms of Service and Specific Terms of Service.
What personal information do we collect and why?
We collect personal information that is reasonably necessary for one or more of our business functions or activities. We may collect and hold personal information, including your name, address, email address, contact telephone numbers, or any other personal information you give us.
If we are not able to collect this personal information from you, we may not be able to, and will not be required to, provide you with the services you have requested.
We will only use and disclose your personal information for the purposes for which it was collected (or otherwise as required or authorized by law). This may include using your personal information for the following purposes:
- to undertake customer service activities, such as responding to any queries, comments, or complaints, you may have;
- to administer our services, including processing any requests about our services;
- to collect statistics about how you use our service (i.e.,we may collect the total amount of built interactions from all of our customers and
display this as a collective total on our website or for use in a benchmark or metrics study). We do not disclose personally-identifiable
- to maintain and develop our business systems, including testing and upgrading them;
- to enable us to monitor, review and improve our services and communicate with you about them;
- for our administrative purposes and internal record keeping;
- to comply with relevant laws and regulations; and
- for any other specific purpose which we notify you of at the time your personal information is collected.
From time to time, we may also contact you for market research purposes or to provide you with marketing information about new products or services or special offers and promotions. We will allow you to opt-in before receiving any unsolicited content. If you do opt-in, we will also give you the opportunity to opt-out of receiving such direct marketing or market research content.
How is information collected?
We will only collect personal information in accordance with the provisions of the Privacy Act. We may collect personal information in several ways, including without limitation:
- through the account, you create or use on Qotient.com, and when you use our services;
- through cookies;
- by email or other written mechanisms;
- over a telephone call;
- in person;
- through transactions;
- through the Qotient.com website; and
- when a third party provides personal information to us
- by technology that is used to support communications between us:
- through publicly available information sources (which may include telephone directories, the internet, and social media sites); and
- direct marketing database providers.
We may also receive personal information about you from our reseller partners when you purchase or use our services.
Do we disclose any information to outside parties?
We may disclose your personal information to other third parties to the extent reasonably required to carry out the purposes we have described, and we may disclose your personal information:
- to any company in the Qotient group of companies (which includes our related companies);
- to our suppliers (including service, content and hosting providers and payment processors), contractors, agents, and business partners who help us administer our services;
- to our professional advisers in the course of enforcing our site or service policies and to protect ours or others rights, property or safety;
- to anyone to whom our assets or business (or any part of it) is transferred;
- where you have otherwise consented;
- as otherwise required or authorized by law; or
- if we are requested to do in the course of legal proceedings or other investigations.
We will take reasonable steps to ensure that the persons and organizations to whom we disclose personal information are bound to protect the privacy of that personal information. Our website, servers, and systems may also be based on servers located outside of New Zealand.
Non-personally identifiable visitor information may also be provided to other parties for marketing, advertising, or other uses.
How can you access and correct your personal information we hold?
Where you request details of your personal information and the information requested is not readily retrievable, we may charge a reasonable fee for the cost of accessing or retrieving that information. We note that we are not required to provide access to information in certain situations, but if we refuse access, we will give you our reasons for doing so.
If you request a correction to your personal information and we agree that your personal information needs correcting, an amended record of your personal information will be provided back to you. If we do not agree to your request for a correction, you may request that we take reasonable steps to attach to the information a statement of correction sought but not made.
How do we ensure the integrity and security of your personal information?
We take reasonable measures to ensure the security of your personal information that is held by us from such risks as loss, misuse, unauthorized access, disclosure, alteration, and destruction. However, we remind you that if you send information to our website, the Internet is not a secure environment. Although all reasonable care is taken, we cannot warrant or guarantee the security of information you provide to us via electronic means.
We also have a variety of security measures in place to maintain the safety of your personal and company information when you enter, submit, or access your personal or company information while operating or using the service. We offer the use of a secure third party server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway providers’ database only to be accessible by those with special access rights to such systems, and are required to keep the information confidential.
For how long do we hold personal information?
We will keep your personal information for only as long as is necessary to achieve the purpose for which we collected it.
How can you contact us?
Additional terms that apply to some residents of the European Economic Area (EEA)
In addition to the rights already recorded above, if you are based in the EEA, you may have the following additional rights concerning the personal information we hold about you:
- Right to erasure: You can ask us to delete or remove your personal information in some circumstances, such as where we no longer need it or, if we are relying on your consent to process the information, you withdraw your consent. If you are entitled to erasure, we will comply with your request. If we have shared your personal information with others, we will let them know about your request where reasonably possible. If you ask us where it is reasonably possible and lawful for us to do so, we will also tell you who we have shared your personal information with so that you can contact them directly.
- Right to restrict processing: You can ask us to ‘block’ or suppress the processing of your personal information in certain circumstances, such as where you contest the accuracy of that personal information, or you do not want us to erase your information but require a restriction of processing instead. If you are entitled to restriction of processing of your personal information, and we have shared your personal information with others, we will let them know about the restriction where it is reasonably possible for us to do so. If you ask us where it is reasonably possible and lawful for us to do so, we will also tell you who we have shared your personal information with so that you can contact them directly.
- Right to data portability: You have the right, in certain circumstances, to obtain personal information you have provided us with (in a structured, commonly used, and machine-readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.
- Right to object: You can ask us to stop processing your personal information, and we will do so if we are:
- relying on our own or someone else’s legitimate interests to process your personal information, except if we can demonstrate compelling legal grounds for the processing; or
- processing your personal information for direct marketing purposes.
- Right to withdraw consent: If we rely on your consent as our legal basis for processing your personal information, you have the right to withdraw that consent at any time.
- Right to lodge a complaint with the supervisory authority: If you have a concern about any aspect of our privacy practices, including the way we have handled your personal information, you can report it to the relevant Supervisory Authority in the EEA.
Please be aware that some of these rights may be limited or unavailable where we have an overriding interest or legal obligation to continue to process the data or where data may be exempt from disclosure due to reasons of legal professional privilege or professional secrecy obligations.
Your personal information may be processed by our third-party provider in the United States. The European Commission has not recognized the United States as providing adequate protection. We have enforceable contractual arrangements with this third-party provider to ensure appropriate safeguards are in place to protect your personal information.