Introduction

This Privacy Policy describes how we (“the Company”, “we”, “us”, or “our”) collect, use, disclose, and protect your personal information in accordance with the New Zealand Privacy Act 2020 and the 13 Information Privacy Principles (IPPs).

We are committed to protecting your privacy and handling your personal information in a transparent, fair, and responsible manner. This policy applies to all personal information we collect through our website, services, and business operations.

1. Information We Collect

1.1 Personal Information

We may collect the following types of personal information:

• Contact Information: Name, email address, phone number, postal address, and company details
• Professional Information: Job title, industry, company size, and business requirements
• Account Information: Username, password (encrypted), and account preferences
• Communication Records: Records of your communications with us, including emails, contact forms, and support inquiries
• Technical Information: IP address, browser type, device information, operating system, and browsing behavior on our website
• Usage Data: Information about how you interact with our website and services
• Marketing Preferences: Your preferences for receiving marketing communications

1.2 Sensitive Information

In the course of providing data consulting services, we may handle sensitive business data on behalf of our clients. We implement strict security measures and contractual obligations to protect this information.

2. How We Collect Information

We collect personal information through:

• Direct Interactions: When you contact us, request services, subscribe to newsletters, or create an account
• Website Usage: Automatically through cookies and similar tracking technologies when you visit our website
• Third Parties: From business partners, marketing platforms, and publicly available sources
• Service Delivery: During the provision of consulting services and project work

3. Purpose of Collection and Use

We collect and use your personal information for the following purposes:

• Service Delivery: To provide data consulting services, analytics, and technical solutions
• Client Communication: To respond to inquiries, provide support, and manage client relationships
• Contract Management: To enter into and fulfill contractual obligations
• Marketing: To send newsletters, promotional materials, and service updates (with your consent)
• Website Improvement: To analyze usage patterns and improve our website and services
• Legal Compliance: To comply with legal obligations and regulatory requirements
• Security: To protect against fraud, unauthorized access, and security threats
• Business Operations: To manage our internal operations, including recruitment and vendor management

4. Legal Basis for Processing

We process personal information based on:

• Consent: Where you have explicitly agreed to our use of your information
• Contract Performance: Where processing is necessary to fulfill contractual obligations
• Legal Obligation: Where we are required by law to process your information
• Legitimate Interests: Where processing serves our legitimate business interests while respecting your privacy rights

5. Information Sharing and Disclosure

5.1 Third-Party Service Providers

We may share your information with trusted third-party service providers who assist us in:

• Website hosting and maintenance
• Email delivery and marketing automation
• Analytics and performance monitoring
• Payment processing
• Cloud storage and computing services
• Customer relationship management (CRM)

5.2 Business Partners

We may share information with technology partners and strategic alliances to deliver integrated solutions, with appropriate data protection agreements in place.

5.3 Legal Requirements

We may disclose information when required by law, including:

• Compliance with court orders or legal processes
• Responding to government or regulatory requests
• Protecting our legal rights and interests
• Preventing fraud or investigating security incidents

6. Data Security

We implement comprehensive security measures to protect your personal information:

• Encryption: Data in transit is protected using SSL/TLS encryption
• Access Controls: Role-based access and authentication requirements
• Secure Storage: Encrypted storage solutions and secure data centers
• Regular Audits: Security assessments and vulnerability testing
• Staff Training: Regular privacy and security training for all personnel
• Incident Response: Procedures for detecting and responding to security breaches

7. Your Privacy Rights

Under the Privacy Act 2020, you have the following rights regarding your personal information:

7.1 Right to Access

You can request access to the personal information we hold about you. We will provide this information within 20 working days of your request, free of charge for the first request.

7.2 Right to Correction

You can request that we correct any inaccurate, incomplete, or out-of-date personal information. We will make corrections promptly and notify any third parties to whom we have disclosed the information.

7.3 Right to Deletion

You can request deletion of your personal information, subject to legal and contractual obligations that may require us to retain certain records.

8. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance user experience and analyze website performance. For detailed information about our use of cookies, please see our Cookie Policy.

9. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will post the updated policy on our website with a revised “Last Updated” date and notify you of significant changes via email or prominent website notice.

10. Contact Information

For questions, concerns, or requests regarding your personal information or this Privacy Policy, please contact our Privacy Officer:

• Email: privacy@amplifydata.org.nz
• Phone: 09 558 7751

If you believe we have breached the Privacy Act 2020, you can contact the Office of the Privacy Commissioner at www.privacy.org.nz or phone 0800 803 909.