Pathway Trust (referred to in this Supporter Privacy Policy as “we”, “our” or “us”) is committed to safeguarding the privacy of your personal information. This Supporter Privacy Policy outlines what personal information we collect when you make a financial or goods donation or sign up to receive our newsletter, the purpose of collecting it and how we disclose it. The policy is all in accordance with the Privacy Act 1993.
By donating or signing up to receive our newsletter, whether by using our website, over the phone, by letter or email or in person, you are deemed to have accepted this policy.
We may change this policy from time to time and if we do so, we will post the updated policy on our website. We encourage you to check our website periodically to ensure you are aware of the terms of our current policy.
1. WHAT PERSONAL INFORMATION WE COLLECT AND HOW WE COLLECT IT
We may collect personal information about you (such as your first and last name, mailing address, telephone number, e-mail address, credit card number, debit card number), directly from you when you make a donation or sign up to receive our newsletter by using our website, over the phone, by letter or email or in person. Using our website includes by mobile phone, tablet, notebook, PC or any other means; donating and signing up in person includes making financial or goods donations at our main reception, at or any other Pathway site, or at an event where Pathway has a presence.
We may also collect other information including:
2. WHY WE COLLECT YOUR PERSONAL INFORMATION
We will only use and disclose your personal information for the purposes for which it was collected (or otherwise as required or authorised by law). This may include using your personal information for the following purposes:
From time to time, we may also contact you for market research purposes or to provide you with information about our events, news, services or special promotions that we consider may be of interest to you. This may include information about our programmes, research funding, special events, donor and fundraising programmes. We will allow you to opt out before receiving any unsolicited content.
If you do not want your personal information to be collected, please do not submit it to us.
3. HOW WE SHARE OR DISCLOSE YOUR INFORMATION
For the purposes we have described, we may disclose your personal information in the following ways.
We will take reasonable steps to ensure that the persons and organisations to whom we disclose personal information are bound to protect the privacy of that personal information. Please note that some of the persons to whom we disclose personal information may be situated outside New Zealand. Our website and systems may also be on servers located outside of New Zealand or based in the cloud.
4. WHAT IF YOU DO NOT PROVIDE US WITH THE PERSONAL INFORMATION REQUESTED
If you do not provide us with the personal information about you that we request from you, we may not be able to adequately respond to your correspondence, process your donation and provide a receipt, or otherwise deal with any requests or enquiries you have submitted.
5. DATA SECURITY
We work diligently to protect the security of your personal information, including credit and debit card information. We take commercially reasonable steps to ensure your personal information is protected from misuse, loss, interference and unauthorised access, modification or disclosure. For example, whenever we ask for your financial details online, security-encrypted response forms are used and your information is held in secure servers. Collecting your credit card and debit card information also follows the PCI DSS (Payment Card Industry Data Security Standards) protocol, i.e. we meet all PCI DSS requirements to ensure that we process, store or transmit credit card and debit card information securely.
However, data protection and security measures are never completely secure and, despite the measures we have put in place, we cannot guarantee the security of your information. It is important for you to protect against unauthorised access to your password and to your computer. We recommend that you logout when you have finished, especially if using a shared computer. You must take care to protect your personal information (for example, by protecting any usernames and passwords) and you should notify us as soon as possible of any security breaches. If you do not wish to make your financial contribution online, please contact us to receive a hard-copy form. Also please do not include any credit card or debit card information in an email to us as this would not comply with this section of this policy.
6. HOW LONG WE HOLD PERSONAL INFORMATION
We keep all personal information that we collect (on both our active systems and our archive systems) for only as long as is needed to achieve the purpose for which we collected it.
7. HOW YOU CAN ACCESS AND CORRECT YOUR PERSONAL INFORMATION
You may request confirmation of whether or not we hold any personal information about you and you may request access to your personal information that we hold by emailing us at [email protected] or otherwise contacting us at the addresses provided below. Once we have verified your identity we will provide you with such confirmation and access unless one of the grounds for refusal under the Privacy Act applies. You may request the personal information we hold about you to be corrected by emailing us at [email protected]. If we agree your record of personal information is to be corrected we will do this and provide you with your amended record if requested. To keep your information accurate please notify us of any changes as soon as possible.
Your rights of access to and correction of any personal information we hold about you are subject to the procedures set out in the Privacy Act.
8. WHO YOU CAN CONTACT FOR FURTHER INFORMATION
If you have questions or comments about this policy, or you wish to access or make changes to your personal information, please us on 03 982 1952 or email [email protected]