Privacy Policy

Marine Reach New Zealand

PRIVACY POLICY

Last modified: 14 Sep 2020

 

At Marine Reach (hereafter, “we” or “us” or “our” or the “Trust”), we sincerely care about privacy, security, and transparency; these fundamental elements of privacy and security play an important part in our mission. Toward that goal, this Privacy Policy explains how we safeguard your personal information; it also clarifies your privacy privileges and how the law protects you. In agreeing to this Privacy Policy you allow us to use your information for the purposes outlined below in accordance with relevant national and international legislation.

UNDERSTANDING WHO CONTROLS YOUR INFORMATION

Under this Privacy Policy, you are the owner of your own information. In agreeing to our Privacy Policy, you instruct and authorise us to use, process and pass on your information in order to fulfil the purposes for which you have provided the information. Part of our role is to take necessary steps to safeguard your information in our care. However, in order to process your information, often we have to engage with third parties. A list of third parties is provided on page 5. Unfortunately, we cannot control these third parties or their Privacy Policies. In agreeing to our Privacy Policy, you instruct and authorise us to disclose your information to these third parties and you agree that any breach by them is between you and the third party, given we are herein acting on your consent instructions regarding use. 

For the safeguarding of information which remains in our care, we have put into place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We limit access to your personal data to those who need to know. 

We have procedures to deal with any suspected personal data breach and will notify you as soon as possible in the event of a breach. We will also update our Privacy Policy regularly according to needs and requirements. It is your responsibility to make sure you access our updated Privacy Policy.

We have assigned a data privacy manager to superintend all aspects of this Privacy Policy, ensuring your questions are answered and your rights are respected. Whenever you have questions, you should contact the data privacy manager via one of the methods below:

 

Post Email Phone
Marine Reach – Privacy Office

237 Warner Road, RD 3

Tauranga, New Zealand

info@marinereach.com +64 7 543 3787

 

INFORMATION WE MAY RECEIVE FROM YOU AND OTHERS

When engaging with you, participating with you and/or making a decision prior to your participation with us, we may receive the following personal information: 

  • Identity and Historical Information – first name, surname, date of birth, nationality and any other personal details you may send to us including your picture, a record of your opinions and views, your history, your health records, government documents, your police record and your financial information;
  • Contact Data of you and other persons connected to you – email address, geographic address, and phone numbers;
  • Enrolment Data – educational and vocational experience, character references, interview data, application decision data.

In agreeing with our Privacy Policy, you and others who provide the information to us, are deemed to do so by informed choice and without compulsion.

HOW WE RECEIVE YOUR INFORMATION

 

We may receive your data through direct or indirect interactions, automation and in some instances third parties. 

Information is collected through:

  • Direct interactions, including emails, telephone/video calls, meetings and documents.
  • Automated technologies or interactions. When you use our website or log in to our services, we may learn technical data about your computing system and browsing activity. This data is gathered by employing cookies and related tools.
  • Third parties. Your personal data may be received as follows:
    • Via a third party as persons you have authorised to communicate with us;
    • Via analytics through providers such as Google Analytics, which is located outside of the EU; and
    • From service providers we use, including companies such as:
      • WordPress to receive information input into forms on our website;
      • Hubspot and JotForm to process applications;
      • Paystation and Xero to process invoices and payments;
      • Infoodle to provide donor services;
      • Gmail, Messenger, and/or MailChimp to communicate with you;
      • Google Drive to share documents; and
      • Social Media platforms such as Facebook, Instagram, and YouTube for collaboration and advertising purposes.

HOW WE PROCESS YOUR DATA

Marine Reach will only process your data according to the allowance permitted by law: 

  1. When you provide us with your initial information for a limited, specific purpose; 
  2. When you authorise us to use and process your information, transfer your information to an assisting third party and engage in receiving communications;
  3. When we need to make sure our records are correct, accurate, relevant and not misleading;
  4. When we are fulfilling an obligation in law or a necessary contract.

 

We are able to use, hold and disclose your personal information to others if we reasonably believe:

  • You have consented to the use of your information in that way; 
  • To comply with a legal, regulatory or necessary contractual obligation;
  • The use of the information is directly related to one of the purposes for which you have provided your information;
  • The disclosure of the information is necessary in court proceedings;
  • The information is going to be used in a form that does not identify you.

 

We will not:

  • Use your information in a way that is unlawful;
  • Deliberately use incorrect information about you;
  • Collect your information without your consent unless lawful to do so;
  • Refuse to give you access to your information, subject to the lawful parameters;
  • Disclose your information in a way that violates GDPR standards or criteria.

 

You have the right to:

    • Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
    • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
    • Request erasure of your personal data. This enables you to ask us to delete or remove your personal data. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons.
    • Oppose the processing of your personal data and information derived from a third party. 
  • Request restrictions on processing of your personal data. 
  • Request the transfer of your personal data to a third party. Upon your written request, we will provide a third party you have chosen your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to information which you have provided consent for us to use when engaging with us or where we used the information to perform a contract with you. Shared information formulated by the Trust is not transferable without the Trust’s consent.
  • Withdraw consent at any time. You can withdraw your consent prior to the disclosure. This will not affect the lawfulness of any processing carried out before you withdraw your consent. 

 

We will comply with your request where reasonable to do so and in accordance with the law. We retain the right to refuse to allow you to participate with us if we are not satisfied all necessary and relevant information has been provided in relation to participating.

Your request, or a request by a third party authorised by you, may be denied by us if:

  • The request reasonably endangers your safety;
  • The request reasonably endangers another person’s safety or health;
  • The request breaches another person’s privacy;
  • The request breaches our privacy;
  • The request prevents detection and investigation of a criminal offence;
  • We are not lawfully compelled to disclose the information;
  • The information is not reasonably retrievable.

If you wish to make a request concerning your personal data, please contact us at info@marinereach.com

 

TIME

 

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, contractual or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we have to keep your personal information for six years after your participation ceases and seven years for Financial and Transaction Data for tax purposes.

If you have any further questions about how we process your data, or if you want to revoke your consent, please contact us at info@marinereach.com.

 

SCOPE

We will only use your personal data for the purposes for which we collected it, unless otherwise authorised by you. There may be circumstances where we reasonably consider that we need to use your information in a different way or format, but which remains compatible with the original purposes for you providing the information. In agreeing to this Privacy Policy, you allow us this limited discretion.

We may further need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. 

 

LAWFUL BASIS FOR PROCESSING

We use your personal information to:

  • Identify you and create a profile for you when you register with us and/or request information from us;
  • Verify your identity when you access our information or communicate with us;
  • Deal with your enquiries and requests;
  • Process your application and request to attend a course and/or participate with us;
  • Communicate with you;
  • Inform you with respect to the services and information that we provide;
  • Meet our obligations to you and other parties;
  • Provide, improve and personalise our services by analysing information about your use of our resources and to understand how people use our information so that we can make it more intuitive;
  • Comply with legal obligations;
  • Contact you and personalise the communications that we send to you to make them more relevant and interesting by analysing details of the services and information that you are receiving, and your transaction history, to make suggestions for other information that may be of interest
  • Exercise our legal rights where it is necessary to do so, for example to detect violations of law.

In the following table, we describe ways your personal information may be used and the legal basis for processing. 

 

Processing Data Personal Data Lawful Basis
Initial contact and requests for information: emails to us; requests for information; enquiries about enrolment. Identity Data: name. 

Contact Data: email address; phone number. 

Communication Data: marketing preferences.

Consent may be both implied and expressly stated in order to process your personal information for a specific and limited purpose and/or to fulfil a legitimate interest of a party and in the overall interests of all parties.
Application process: in completing, submitting, and processing an application for participation or enrolment in a program, and related communications. Identity Data: title; given names; Date of Birth, gender; nationality (but not race or ethnicity); marital status; passport information, photo.

Contact Data: phone number; email; mailing address; emergency contact details.

Enrolment Data: education and vocational experience; language proficiency; character references.

Special Categories of Data: religious beliefs; information about your health; financial support; insurance information.

Communication Data: marketing preferences.

You have given consent for the processing of your personal information and/or it is necessary to fulfil an obligation and/or it is necessary to fulfil a legitimate interest of a party and in the overall interests of all parties.
Relationship management including: asking you for feedback, notifying you about changes to our terms and conditions, notifying you about changes to our Privacy Policy, sending you communication through our newsletter, asking you to update your contact information, communicating with you about our services. Identity Data: name.

Contact Data: email address; phone number.

Communication Data: marketing preferences.

You have given consent and the processing is necessary to fulfil an obligation and/or to fulfil a legitimate interest of a party and in the overall interests of all parties.
Payment processing: donations; invoices and payments. Identity Data: name; 

Contact Data: email address; billing address; phone number; account numbers, third parties, tax deductible location.

You have given consent to the processing your personal financial data or those of third parties for a specific purpose and/or the processing is necessary to fulfil an obligation.

 

TRANSFERRING YOUR DATA

We may communicate with external third parties as part of the processing of your information. Some of these are based outside of New Zealand. We do not control these third-parties and are not responsible for their privacy statements or how they use your information. In agreeing to our Privacy Policy, you authorise and instruct us to transfer your information to third parties shown below for the purposes of processing your information and you agree that any breach of your privacy by these third parties, is between you and the third party given we are simply acting on your instructions and authorisation in this agreement. 

 

Name of Subprocessor Registered Business Address Location of Processing Link to Privacy / Security Policy
WordPress (Aut O’Mattic A8C Ireland Ltd.) Dublin 1, Ireland Ireland Privacy Policy
Google: Analytics, Gmail, Google Drive, Forms, Ads, YouTube Mountain View, California, United States United States Privacy Policy
Hubspot Cambridge, Massachusetts 

United States

United States Privacy Policy
JotForm San Francisco, California, United States United States Privacy Policy
MailChimp Atlanta, Georgia, 

United States

United States Privacy Policy
Paystation Wellington, New Zealand New Zealand Privacy Policy
Infoodle Mount Maunganui, New Zealand New Zealand Privacy Policy
Xero Wellington,  New Zealand New Zealand / United States Privacy Policy
Facebook, Inc. 

(and Instagram)

Menlo  Park, California, United States United States Data Policy

 

When needing to transfer your information internationally –

 

COMMUNICATION & MARKETING

We will make every effort to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.

We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. You will receive marketing communications from us if you have requested information from us and/or have agreed to our processing and/or use of your information. 

  • We also may evaluate Technical Data including your internet protocol (IP) address, operating system, browser type and plug-ins, mobile platform, and other technical data regarding your computing platform. Usage Data includes data regarding how you use our platform, which pages you visit, and other relevant metrics about our website.
  • Communication Data includes marketing data, including choice in whether or not to receive newsletters and communication from us or our third parties.

It should be noted that statistical and demographic data is not personal data when it does not directly or indirectly reveal your identity. Only when statistical data is combined with personal data is the information protected by your privacy provisions.

You have a right to request:

  • A copy of your communications and marketing information; 
  • That your information be removed; and
  • That we stop sending you marketing messages at any time.

 

Opting-out of receiving communications and marketing messages will not apply to the personal data you have provided to us.

 

CONTACT INFORMATION

Marine Reach welcomes your comments regarding this Privacy Policy. Please contact us at info@marinereach.com. If there is a problem, we will use reasonable efforts to promptly determine and remedy the issue. Our Data Privacy Manager can be contacted at +64 7 543 3787.

Menu