Free IT & Security Audit

Privacy Policy

This policy explains how and when mercuryit.co.nz collects personal information, what we do with it and your right to see or change it.

Privacy

1. What personal information do we collect?

1.1 The types of personal information we collect will depend on the circumstances in which the information is collected. However, the types of personal information we collect and hold about you may include:

– identifying information, such as your name and date of birth; – contact information, such as your address, email address and telephone/mobile number;

– financial information, such as bank account or other payment details;

– for our employees, employee records that may contain personal information including safety information (e.g. location information, emergency contacts) and travel and right to work information (e.g. copies of passports, visas and drivers licences);

– for employees, personal information captured in our records when using Mercury IT systems and devices for personal use (e.g. transaction history);

– usernames and passwords that you create when registering for an account with us;

– your organisation and position, where your organisation has business dealing with us; – information about your occupation and employer organisation;

– details of any products or services we provide to your organisation;

– information about how you use the products or services we provide to you;

– records of our communications with you, such as telephone, email, SMS, online and in- person communications;

– other information that you provide us during the course of business; and

– other information that is capable of identifying you.

1.2 If you choose not to supply us with this information, we may not be able to allow you to access or use our products or services (or all of the features and functionality offered by our products or services) or to respond to queries or requests that you submit to us.

1.3 You are always welcome to provide us with comments, queries and feedback in relation to our products and services. We may record and monitor telephone calls and other communications between you and us for training, quality control and compliance purposes.

1.4 When you communicate with us, we may collect additional information including the languages you speak, how best to manage communications with you, and information about your dealings with us.

1.5 If you participate in a survey or competition, or respond to a feedback request, we will collect the information that you provide in doing so, and associated information such as when and how you submitted the response.

1.6 We collect information about people who are our employees, contractors, suppliers and business partners, or who are employed by our contractors, suppliers and business partners. The information we collect is what we need to conduct business with that individual or party.

1.7 When you do business with us, we may collect information about you from others, such as from referees or from others who do business with you.

1.8 Our website may contain links to other websites. We are not responsible for the privacy practices or the content of those other websites. The privacy practices applicable to those other websites may differ substantially from ours, so we advise you to read the privacy policy of those other websites before using them.

Log data, device and location information

1.9 When using our products and services (including our website), we will collect information about you and about your use of our products and services, such as which services you use and how you use them. We will collect information such as:

– user name and password;

– device information, such as the model and ID of the device you use, operating system, telephone number and mobile phone network; server log information, such as details of how you used the products or service (including our website), IP address, hardware settings, browser type, browser language, the date and time of your use and referral URL;

– your browser or your account using cookies (see below); and – real-time location information.

1.10 Our products and services (including our website) may also detect and use your IP address or domain name for internal traffic monitoring and capacity management purposes or to otherwise administer the products and services. The patterns of usage of visitors to the online services may be tracked for the purposes of providing improved service and content based on aggregate or statistical review of user traffic patterns.

1.11 We may use third party services, such as Microsoft services (e.g. Office 365). For more about how Microsoft collects and processes data, please see Microsoft’s Privacy Policy.

Sensitive data

1.12 We may also collect sensitive information about you such as information about your health, racial or ethnic origin, religious beliefs and criminal record if you provide your explicit consent or if we are otherwise allowed or required by law.

2. How do we collect personal information?

2.1 We may collect personal information about you in the following ways:

– when you order products or services from us;

– when you use our online services, and other products and services (including our website);

– when you visit our sites or offices;

– when we visit your sites or offices;

– when you submit a query or request to us;

– when you respond to a survey that we run or fill in forms on our website;

– by tracking your use of our products and services (including our website);

– from third parties who are entitled to disclose that information to us;

– from publicly available sources;

– from online sources (including social media platforms and providers (e.g. LinkedIn);

– suppliers of information products and services (e.g. companies that consolidate data from multiple public sources);

– when you apply for a job with us; or

– other lawful means.

2.2 From time to time, we may use third-party online services to collect personal information such as your name and email address or telephone number to administer online competitions, customer feedback and surveys.

2.3 If you provide us with personal information about someone else, you must only do so if that person has consented to you doing so and to us collecting, holding, using and disclosing their information in accordance with this privacy policy.

3. How do we use personal information?

3.1 We use personal information that we collect about you to:

– verify your identity when you are dealing with us;

– determine your eligibility for any of our products or services;

– maintain our relationship with you;

– enable us to provide you or your organisation with our products and services;

– answer your queries and requests;

– comply with our legal and regulatory obligations;

– carry out market analysis and research;

– monitor use of our products and services (including our website);

– assess, operate, maintain, upgrade and improve our products and services (including our website);

– provide better products, services and information to our customers and to the community;

– carry out education and training programs for our employees;

– manage and resolve any legal or commercial complaints or issues (including debt recovery);

– meet our obligations and perform our functions under applicable laws and agreements;

– maintain and update our records;

– use in accordance with any request or instructions from you;

– carry out planning and forecasting activities and other internal business processes;

– keep you informed about our activities and notify you of changes to our products or services;

– make special offers related to our products or services that we think may be of interest to you; and

– use as otherwise required or authorised by law or government agency.

3.2 We may also use your personal information for any other purpose as authorised by you.

Direct marketing and research

3.3 We may use and disclose your personal information for marketing purposes (but we will not sell your personal information to any third party). We may contact you about our products and services (including our website), the products and services of other people, or related special offers from our business partners, that we think may be of interest to you.

4. Who do we disclose personal information to?

4.1 We may disclose your personal information to:

– your representatives, advisers and others you have authorised to interact with us on your behalf;

– related entities within our corporate group;

– our employees and third parties including business partners, consultants, contractors, suppliers, service providers, professional advisers and agents who need the information to assist us with conducting our business activities;

– payment system operators and financial institutions;

– prospective purchasers of all or part of our business or shares in our company or a related entity;

– government agencies or authorities, regulators, law enforcement agencies and other parties where authorised or required by law who ask us to disclose that information and to which we are legally required to disclose your personal information;

– parties identified at the time of collecting your personal information or as otherwise authorised by you

5. How do we maintain and secure your personal information?

5.1 We take reasonable steps to ensure that any of your personal information which we hold is accurate, complete and up-to-date. These steps include promptly updating personal information when we are advised that personal information has changed, checking our contact lists for accuracy, and providing individuals with a simple means to update their personal information.

5.2 We generally store the personal information that we collect in electronic databases, some of which may be held on our behalf by third party data storage providers (which may be located off-shore). Sometimes we also keep hard copy records of this personal information in physical storage facilities. We use a range of physical and technical security processes and procedures to protect the confidentiality and security of the information that we hold, and we update these from time to time. These measures include: – restricting access to our physical and electronic databases, and physical security such as security procedures for access to our business premises; and – technological security procedures including password protection, network firewalls, encryption, intrusion detection and site monitoring where practicable to do so.

5.3 We also take steps to monitor access to and modification of your information by our employees and contractors, and ensure that our employees and contractors are aware of and properly trained in their obligations for managing your privacy.

5.4 However, the internet is not a secure environment and no matter what physical and technical security processes and procedures are used we cannot guarantee the security of your personal information. You also play an important role in keeping your information secure by maintaining the confidentiality of any usernames and passwords you use with our products and services (including our website)

6. How long do we store your personal information.

Personal information is only retained for as long as it is needed for the purpose for which it was collected or as required by law. Within a reasonable time after the expiry of this period, we will take reasonable steps to de-identify or destroy the personal information which is in our possession or control

7. How can you access, restrict use, correct and transfer your personal information?

7.1 You have a right to:

– request a copy of your personal information,

– ask us to restrict the use of your personal information; or

– correct or rectify any personal information that is out-of-date, incorrect, incomplete or misleading.

Such requests should be submitted to us in writing using the contact details below. We may ask you to verify your identity before providing you with or correcting such information.

7.2 We will action your request within a reasonable time frame and provide one copy of your personal information free of charge. If your request is for additional copies or your request is manifestly unfounded, excessive or repetitive, we may refuse your request or charge a reasonable fee. If we refuse a request or charge a reasonable fee, we will advise you of the reasons for our refusal or any fees within a reasonable time frame.

7.3 You have a right to request a copy of the personal information you have provided to us in a structured, commonly used and machine-readable format and the right to have that information transmitted or ported to another entity under certain circumstances.

7.4 There may be cases where we are unable to provide the information you request, such as where it would interfere with the privacy, rights or freedoms of others, or result in a breach of confidentiality or applicable laws. In these cases we will let you know why we cannot comply with your request.

8. How can you erase your personal information

8.1 You have a right to request the erasure or destruction of your personal information when it is no longer necessary for the purpose for which it was originally collected, it is not being used for the purposes for which it was collected, or you wish to withdraw your consent for certain processing.

8.2 There may be cases where we are unable to comply with your request such as where we need to continue processing your personal information in order to comply with applicable laws. Such requests should be submitted in writing using the contact details below. We may ask you to verify your identity before complying with your request.

back-to-top