CFS is an institution offering financial services. We comply with the New Zealand Privacy Act 2020 and the Australian Privacy Act 1988 and the Privacy Principles of each Privacy Act (collectively, Privacy Laws) when dealing with personal information.
This is where we explain our privacy practices and why you can trust us to handle your information with care and respect. This privacy statement sets out how we collect, use, hold and disclose your personal information.
By using and continuing to use our website, applications, services, client portal or otherwise (each, a platform) providing us with your personal information, you consent to us collecting, maintaining, using and disclosing your personal information about you, and provided by you, or by another person as set out in this policy.
What does Personal Information mean?
Personal Information is any information or opinion about an identifiable individual (a natural person) whose identity is apparent or can be reasonably ascertained from the information. (You and your) refers to the person accessing or using our platforms. Personal information includes credit card details, information gathered on websites/platforms, and mobile telephone numbers linked to user names and mailing lists.
There are 12 PPs set out in the Privacy Act 2020 regulating the collection, security, storage, use and disclosure of personal information. These PPs represent the minimum or baseline standards of privacy protection policy that must be adopted.
The 12 Privacy Principles
The following is a brief outline of the PPs. Details about each PP is set out below:
- Principle 1, Principle 2, Principle 3 and Principle 4 govern the collection of personal information. This includes the reasons why personal information may be collected, where it may be collected from, and how it is collected.
- Principle 5 governs the way personal information is stored. It is designed to protect personal information from unauthorised use or disclosure.
- Principle 6 gives individuals the right to access information about themselves.
- Principle 7 gives individuals the right to correct information about themselves.
- Principle 8 and Principle 9, Principle 10 and Principle 11 place restrictions on how people and organisations can use or disclose personal information. These include ensuring information is accurate and up-to-date, and that it isn’t improperly disclosed.
- Principle 12 governs how ‘unique identifiers’, such as IRD numbers, bank client numbers, drivers’ licence numbers, and passport numbers, can be used.
Updates to this Policy
This policy may be reviewed from time to time to reflect news laws, changes to our operations and any change in our business environment. The changes will apply from the date that we upload the revised policy. It is up to you to check for any changes.
Why do we collect personal information?
The personal information you provide to us (whether on our website or in an application form for Crown or elsewhere) will be collected and held by Crown Financial Services Limited or any of its subsidiaries or related entities (together, the Crown Group), and any of the Crown Group’s employees, contractors, advisers, and agents including Crown Private Limited, Make-It Fund Operating Manager L.P., Clearing House Limited and Cybercom Hospitality Solutions Limited, for the following purposes (as applicable):
- processing and responding to your web queries
- the provision of our financial products and services to you
- administration, marketing, operation, security and management of Funds
- compliance with any laws, rules and regulations whether in New Zealand, Australia or in any other country
- to understand our users’ preferences and interests
- for internal research, development, and optimisation of our platforms and the services we provide
- targeting our advertising, and letting you know about new features and services we offer
- evaluation and improvement to our client service
To whom do we disclose your personal information?
Your personal information may be disclosed to, and held and used by, the following entities:
- Crown Financial Services Limited or any of its subsidiaries or related entities (together, the Crown Group), and any of the Crown Group’s employees, contractors, advisers, and agents.
- Any third party, whether in New Zealand, Australia or elsewhere, that provides services to the Crown Group (note that if you are an Australian or New Zealand investor and have opted for Electronic Identity Verification in connection with an application, your information will be shared with external agencies who may use a credit file header database to verify your address (note, however, this is not a credit check)). The Crown Group takes reasonable steps to ensure the third party does not breach the Privacy Principles.
- Other bodies such as government agencies, regulators, and legal and professional advisers.
- Any other person or entity where it is relevant to do so for the purposes set out above.
We can also disclose personal information to third parties as instructed by you and in other ways permitted by the Privacy Laws and Principles.
Your personal information may also be used by, and you consent to the use of your personal information by, any Crown Group member to keep you informed about other financial opportunities, products and services of any Crown Group member, including by email, by text message, by Crown Group’s online portals (if any) or by any other electronic means. Any electronic communication offering other financial opportunities, products or services will include an unsubscribe facility.
How do we collect personal information?
We collect most personal information directly from you. Sometimes we may (and you authorise us to) collect personal information about you from other people. We may also collect information about you from publicly available sources of information. When you are dealing with CFS by telephone or live video chat service, your conversations may be recorded for training or verification purposes.
Cookies and similar technologies
CFS may share information collected through cookies (or similar technologies) with third parties (who may also use that information for ad targeting and the other purposes described above).
Opting out of cookies
You can prevent new cookies from being installed and delete existing cookies. The procedure depends on which browser you are using. For information on how to remove cookies, check your internet browser. You may be unable to make full use of our website or its integration with other social media platforms such as Facebook, Instagram or Twitter unless you accept cookies.
How do we hold personal information?
We will take all reasonable steps and use a range of security measures to keep your personal information safe from loss, unauthorised activity or other misuse.
Data security around your personal information
We take reasonable steps to preserve the security of personal information we collect. Only authorised employees, contractors, advisers and agents (who have agreed to keep information secure and confidential) have access to this information. All stored client information is protected from unauthorised access through the use of secure passwords and user logons or other security procedures.
Ensuring your personal information is up-to-date and accessing your personal information
We rely on the personal information we hold about you to efficiently conduct our business of providing financial products and services so use all reasonable endeavours to ensure that the personal information is accurate, complete and up-to-date. So we encourage you to contact us to correct any personal information we hold about you.
You have the right to correct any personal information we hold about you in accordance with Privacy Act laws and Principles. However, this is subject to exceptions set out in Privacy Act laws and Principles and this can be done by contacting us by email email@example.com or telephone +64 9 973 5888.
During this process, we will require you to verify your identity and to specify what information you require. You may be charged a fee for providing access. If a fee is to be charged, we will inform you of the likely cost in advance.
What happens if personal information is not provided?
If we are not able to collect, handle, use and disclose personal information about you as set out in this policy, we may not be able to provide you with our services or with access to our platforms which may adversely affect our ability to respond to you or supply the relevant service or to perform our obligation to you.
What are your rights?
If you have any questions or complaints about your privacy, please contact us using the contact details below. We may ask you to lodge your complaint via email. If you are unable to satisfactorily resolve your concerns about our handling of your personal information, you can either contact us to discuss your concerns or make a complaint to the New Zealand Privacy Commissioner via www.privacy.org.nz or the Australian Privacy Commissioner via www.oaic.qov.au.
Appointment of Privacy Officer
The Privacy Act 2020 requires every agency to have a Privacy Officer whose responsibilities include:
- the encouragement of compliance, by the agency, with the information privacy principles; dealing with requests made to the agency pursuant to this Act, working with the Privacy Commissioner in relation to investigations, and otherwise ensuring compliance by the agency with the provisions of this Act.
The Board of CFS may at its absolute discretion appoint or employ any person to be the Privacy Officer of the company. The Privacy Officer would be the first point of contact in CFS when privacy issues arise either internally or externally.
Until determinated otherwise by the CFS Board, the Managing Partner of CFS is appointed as the Privacy Officer.
If calling from Australia or New Zealand: +64 9 973 5888 or by email firstname.lastname@example.org
Application of European privacy laws
If you are an individual in a country in the European Economic Area (EEA), we may be required to comply with the EU General Data Protection Regulation 2016/679 (the GDPR) which applies to us when processing the personal information of individuals (Data Subjects) who are in countries in the EEA in relation to offering you our products or services or if we monitor any of your behaviour when in those countries. This includes additional information we are required to tell you about in relation to your privacy, including the basis on which we collect your personal information and your data subject rights under the GDPR.