Sargon provides trustee and supervisory services through its Financial Markets Authority licensed subsidiary Heritage Trustee Company Limited (Heritage).
1 Application of this Policy
1.1 Heritage Trustee Company Limited (Heritage) complies with the New Zealand Privacy Act 1993 (the Act) when dealing with personal information. Personal information is information about an identifiable individual (a natural person).
1.2 Heritage recognises the importance of safeguarding individuals’ personal information. This policy sets out how Heritage will collect, use, disclose and protect personal information.
1.3 The collection of individual’s personal information and/or your Supervised Entities’ investors’ personal information is essential to enable Heritage to conduct its business of offering and providing its range of products and services (“Services”). This information may be confidential or sensitive, so it is important Heritage has a policy on how it treats this information
2 What information does Heritage collect?
2.1 Heritage is committed to its obligations under the Act relating to collecting personal information. In order to provide the Services, it is essential that Heritage collects and processes some personal information.
2.2 The information Heritage collects can include:
(a) Information provided by individuals when using Heritage’s Services. This includes information provided at the time of registering or utilising any of the Services, interacting with our staff, or posted material.
(b) Where individuals contact Heritage, Heritage may keep a copy of the correspondence.
(c) Details of transactions individuals carry out with Heritage’s team or using its technology including the fulfilment of these transactions.
(d) Details of individuals’ visits to our websites including, but not limited to, traffic data, location data, weblogs and other communication data, and the resources you access.
(e) Heritage may also ask individuals to complete surveys used for research purposes, although individuals do not have to respond to these requests.
3 IP Addresses
3.1 Heritage may collect information about individuals’ computers, including, where available, their IP address, operating system and browser type, for system administration. This is statistical data about users’ browsing patterns and actions, and does not identify any individual.
4.1 Heritage may set and access Cookies on its website. Cookies are small text files, which collect non-personal information including type of operating system, domain name and IP address. The information collected is anonymous and is used for the purpose of understanding individual behaviour when using the website.
5 How Heritage uses personal information
5.1 Heritage may use an individual’s information:
(a) To establish their requirements and provide the appropriate product or service;
(b) To set up, administer and manage Heritage’s products and services;
(c) To understand an individual’s needs and improve Heritage’s products and services, including training and developing of staff and representatives;
(d) To verify an individual’s identity;
(e) To communicate with the individual;
(f) To protect Heritage’s rights;
(g) To ensure the secure and proper operation of Heritage’s website;
(h) For internal research purposes;
(i) For any other use the individual authorises;
5.2 Heritage may be required by the Financial Transactions Reporting Act 1996 and the Anti- Money Laundering and Countering Financing of Terrorism Act 2009 to collect individuals’ personal information to verify their identity. Therefore, the collection of certain personal information will be mandatory for particular Services.
6 Sharing your information
6.1 Heritage may use and disclose an individual’s personal information for the purposes Heritage collected it.
6.2 Heritage may use and disclose an individual’s personal information for a secondary purpose only if the secondary purpose is directly related to the purpose of collection.
6.3 When necessary and in connection with the purposes listed above, Heritage may disclose an individual’s personal information to:
(a) Subsidiaries, related companies or joint venture companies where required or authorised by the individual.
(b) Information technology providers, including hardware and software vendors and consultants such as programmers, for the development or delivery of the Services only.
(c) Customer research organisations, solely for the purpose of service improvements, however, not for direct marketing purposes.
(d) Intermediaries including an individual’s agent, adviser, broker, a representative acting on their behalf, or Heritage’s authorised representatives and agents.
(e) Accounting and financial specialists, government, law enforcement or statutory bodies, professional advisors, administration or business management services.
(f) Printers and mail service and delivery providers for the mailing of statements, and marketing material.
(g) Imaging and document management services.
6.4 Additionally, if individuals have not opted out of receiving marketing material from Heritage, Heritage may also provide individuals’ contact details to carefully selected third parties who Heritage reasonably believes provide products or services that may be of interest to those individuals, or who have contracted with Heritage to keep the information confidential, or who are subject to obligations to protect the individuals’ personal information.
7 Disclosure overseas
7.1 There are also instances where Heritage may have to send personal information overseas or collect personal information from overseas. These instances include:
(a) When individuals have asked Heritage to do so.
(b) When Heritage is authorised or required by law to do so, including in response to any order from any regulator or court in any jurisdiction.
(c) When Heritage has outsourced a business activity or function to an overseas provider with whom Heritage has a contractual arrangement.
(d) Certain electronic transactions.
(e) When it is necessary in order to facilitate a transaction on behalf of an individual.
Heritage Trustee Company Limited
7.2 Heritage will only send information overseas or collect personal information about an individual from overseas for the purposes in this statement.
8.1 Individuals are entitled to obtain confirmation from Heritage that it holds personal information about them and can request access to the personal information by contacting Heritage. In some circumstances, Heritage is able to deny such a request for access to personal information. If Heritage denies a request, Heritage will tell the individual why.
8.2 If accessing an individual’s personal information will take an extended period of time, Heritage will inform the individual of the likely delay. For more detailed requests for access to information, an administration fee may be charged to cover the associated cost of supplying this information.
9.1 If an individual believes the information Heritage holds about them is incorrect, they may ask for it to be corrected. If Heritage declines to correct the information, the individual may request a statement is attached to the information that a correction was sought but not made.
10 Personal Information Storage
10.1 Heritage will endeavour to store personal information on secure servers and encrypt any passwords and transactions details provided to Heritage.
10.2 Heritage will use every security precaution reasonably available to it to maintain the security of personal information. However, there are risks inherent in transmitting and storing data online. As such, Heritage cannot guarantee data sent or stored electronically will be secure, and any information provided to Heritage is at the individual’s own risk.
10.3 Heritage will endeavour to contact affected individuals if any security breaches compromise the security of their personal information.
11.1 This policy will be reviewed at least annually by the Risk and Compliance Manager and the results of the review presented to the Board. Any changes will be approved by the Board.