Privacy Policy
| We at SAM for Compliance understand that your privacy is important to you and that you care about how your personal data is used and shared online. We respect and value the privacy of our Users and those that use our SAM for Compliance site (“our Application”) and will only collect and use personal data in ways that are described here, and in a manner that is consistent with our obligations and your rights under the law. |
| Please read this Privacy Policy carefully and ensure that you understand it. You are deemed to have accepted our Privacy Policy when you first use our application. If you do not accept and agree with this Privacy Policy, the message will continue to appear at the bottom of the screen until you click Agree. If you do not agree, please stop using our application. |
| 1. | Definitions and Interpretations |
| In this Policy, the following terms have the following meanings: | |
| 1.1 | User(s) means any individual, firm or corporate body to which we provide our services |
| 1.2 | Cookie means a small text file placed on your computer or device by our Application, when you visit certain parts of our Application and/or when you use certain features of our Application. Details of the Cookies used by our Application are set out in section 10 below |
| 1.3 | Data Protection Laws relates to the Privacy law in New Zealand and other applicable countries |
| 1.4 | Personal data means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. in this case, it means personal data that you give to us by becoming a User of our Application. This definition shall, where applicable, incorporate the definitions provided in the applicable Data Protection Laws |
| 1.5 | We/Us/Our means SAM for Compliance Ltd, a company registered in New Zealand under number 6251330, whose registered office address is at 71 Montana Road, Hastings, New Zealand 4175 |
| 2. | What Does This Policy Cover? |
| 2.1 | This Privacy Policy applies to our use of personal data collected when you become a User of ours. |
| 2.2 | Our Application does not contain links to other websites, including social media links, however it is possible for our Users to add their own links within text fields. Please note that we have no control over how your data is collected, stored, or used by other organisations and we advise you to check the privacy policies of any such websites before providing any data to them. |
| 3. | Your Rights |
| 3.1 | As a data subject, you have the following rights under the applicable Data Protection laws, which this Policy and our use of personal data have been designed to uphold: |
| 3.1.1 The right to be informed about our collection and use of personal data. | |
| 3.1.2 The right of access to the personal data we hold about you. | |
| 3.1.3 The right to rectification if any personal data we hold about you is inaccurate or incomplete. | |
| 3.1.4 The right to be forgotten - i.e. the right to ask us to delete any personal data we hold about you. | |
| 3.1.5 The right to restrict (i.e. prevent) the processing of your personal data. | |
| 3.1.6 The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation). | |
| 3.1.7 The right to object to us using your personal data for particular purposes. | |
| 3.1.8 Rights with respect to automated decision making and profiling. | |
| 3.2 | If you have any cause for complaint about our use of your personal data, please contact us and we will do our best to solve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the New Zealand Privacy Commissioner's Office. |
| 4. | What Data Do We Collect and How Do We Use Your Data? |
| 4.1 | We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows: |
| 4.1.1 Identity Data includes first name, last name, username password, job title and organisation department | |
| 4.1.2 Organisation Data includes physical and email addresses, phone numbers, billing information, location, business type, time zone, logo | |
| 4.1.3 Transaction Data includes details about payments from you, and other details of products and services you have purchased from us | |
| 4.1.4 Technical Data includes internet protocol (IP address), login data and session activity | |
| 4.1.5 Usage Data includes activity data included in logs> | |
| 4.2 | All personal data is processed and stored securely, for no longer than is necessary or statutorily required in light of the reasons) for which it was first collected. |
| 4.3 | Our use of your personal data is for the following purposes: |
| User Account: To enable your use of the SAM for Compliance Application | |
| System Admin: To troubleshoot any issues not resolvable by your User Manager | |
| Main Contact: To send notifications and subscription renewal notices to | |
| Billing Contact: To send the subscription invoices to | |
| 4.4 | Where permitted by law, we may also use your data for marketing purposes which may include contacting you by email with information, news relevant to the SAM for Compliance platform, subscription renewal notices and other services that we offer. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the applicable Data Protection laws. |
| 4.5 | You have the right to withdraw your consent to us using your personal data at any time and to request that we delete it. To achieve this, we will remove your user account from the SAM for Compliance Application. |
| 4.6 | We do not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Your user account is associated with a client organisation. Once the client organisation is deleted, all users associated with that client are also deleted. |
| 5. | How and Where Do We Store Your Data? |
| 5.1 | We only keep your Personal Data for as long as we need to in order to use it as described above in section 4. |
| 5.2 | We will store your data within our SAM for Compliance database in accordance with data sovereignty laws. |
| 5.3 | Data security is very important to us and to protect your data, we have taken suitable measures to safeguard and secure data collected. |
| 5.4 | The User Manager(s) for your Organisation are responsible for creating and managing your user account and user profile and will have access to this data. |
| 6. | Do We Share Your Data? |
| 6.1 | We do not share any personal data with any third parties. |
| 6.2 | Consolidated anonymised data is collected where a client framework belongs to a benchmark group. This data is used to calculate the group benchmark. The consolidated anonymised benchmark data may be shared with the group owner, e.g. a Regulator or Industry Group. The data collected does not contain any personal information and no individual, Organisation, or their data can be identified or deconstructed. |
| 6.3 | In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal requirements, a court order, or a governmental authority. |
| 7. | What Happens If Our Business Changes Hands? |
| 7.1 | We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use that data only for the same purposes for which it was originally collected by us. |
| 7.2 | In the event that any of your data is to be transferred in such a manner, you will not be contacted in advance and informed of the changes. |
| 8. | How Can You Control Your Data? |
| 8.1 | Your User Manager can change your access or remove your user account from the SAM for Compliance application, and you will no longer have access to the platform. References associated with your username are also removed as part of this process. |
| 9. | How Can You Access Your Data? |
| 9.1 | You have the right to ask for a copy of any of your personal data held by us from your site User Manager or from us at [email protected]. |
| 10. | Our Use Of Cookies |
| 10.1 | All Cookies used by and on our Application are used in accordance with current Cookie law. |
| 10.2 | We only use Cookies for the user authentication and session management processes. Cookie Law deems these Cookies to be “strictly necessary” for the functionality of the Application. |
| 11. | Changes To Our Privacy Policy |
| 11.1 | We may change this Privacy Policy from time to time (for example, if the law changes). Any changes will be reflected in our Privacy Policy. |
| 12. | Contact Us |
| 12.1 | If you have any questions about our Application or this Privacy Policy, please contact us by email at [email protected]. Please ensure that your query is clear, particularly if it is a request for information about the data we hold about you. Requests for information will be processed in accordance with New Zealand’s Privacy law and Principles. |