Excel Digital Limited (we, us, our) complies with the New Zealand Privacy Act 2020 (the Act) when dealing with personal information. Personal information is information about an identifiable individual (a natural person).
This statement outlines how we collect, use, disclose, protect and dispose of your personal information.
This statement does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, see www.privacy.org.nz
Excel Digital collects data in two different ways:
Data collected in standard course of business.
Data provided to us by our customers to enable the provision of services to them.
By engaging us to provide you with our services, we assume you have read and agreed to our Privacy Statement. Your continued engagement of us indicates acceptance of any changes made to the Privacy Statement.
Data collected in standard course of business
We collect, store and use information which we believe is relevant to help provide you with our services and to help us operate our business.
Who do we collect your personal information from?
We collect personal information about you from:
- you, when you provide that personal information to us, including via our websites, sites we host and any related service, through any registration or subscription process, through any contact with us (e.g. telephone call, email or any social media interaction), or when you request a quote, buy or use our services and products, or apply for a job with us.
- third parties where you have authorised this, or the information is publicly available.
If possible, we will collect personal information from you directly. However, information may be provided by a third party when they believe, on reasonable grounds, that the disclosure of the information is directly related to the purposes in connection with which the information was obtained. Further information can be found under the ‘Data provided to us by our customers to enable the provision of services to them’ section.
How we use your personal information
We may use your personal information which we obtain for our use:
- to verify your identity,
- to provide services and products to you,
- to market our services and products to you, including contacting you electronically (e.g. by email for this purpose),
- to improve the services and products that we provide to you,
- to undertake credit checks of you (if necessary),
- to bill you and to collect money that you owe us, including authorising and processing credit card transactions,
- to respond to communications from you, including a complaint,
- to conduct research and statistical analysis,
- to protect and/or enforce our legal rights and interests, including defending any claim,
- for any other purpose authorised by you or the Act.
This use can occur in person, via our web portal, via our website/communications, and/or in any other way we need in order to provide our services.
Disclosing your personal information
We may disclose your personal information to:
- any business that supports our services and products, including:
- any person that hosts or maintains any underlying IT system or data centre that we use to provide the website or other services and products,
- any person that requires the information to undertake activities necessary for the provision of services in accordance with the purpose for which it was supplied:
- courier and postal services,
- other services as required.
- a credit reference agency for the purpose of credit checking you;
- other third parties (for anonymised statistical information that will not include identifiable information about any individual);
- a person who can legally require us to supply your personal information (e.g. a regulatory authority);
- any other person authorised by the Act or another law (e.g. a law enforcement agency);
- any other person authorised by you.
Storing and protecting your personal information
We will keep your personal information safe from loss, unauthorised activity (such as access or modification), or other misuse. These steps include:
- Restricting access to personal information.
- Storing personal information securely.
- Our IT provider ensures that all offsite backup data is encrypted as recommended by the Department of Internal Affairs.
- We require our employees to respect the confidentiality of any personal information held by us.
Where we work with other businesses to provide our services and products (for example courier/postal companies and services), we will do everything we reasonably can to protect your personal information, including from unauthorised use or disclosure. This includes ensuring these businesses are reputable and have their own privacy and data protection statements.
Where we hold any physical personal information, this is held securely at our premises in Grenada North, Wellington. See our website for further contact details.
Accessing and correcting your personal information
Subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. We will need evidence to confirm that you are the individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
If you want to exercise either of the above rights, email us at firstname.lastname@example.org. Your email should provide evidence of who you are (e.g., copy of your driver’s license, passport or utility bill) and set out the details of your request (e.g., the personal information, or the correction, that you are requesting).
We may charge you our reasonable costs of providing to you copies of your personal information.
Retention and deletion of your personal information
We retain personal data processed by us for as long as is necessary for the purpose for which it was collected, which includes for responding to retrospective questions/explaining services provided after the fact. When data is no longer required it is deleted or otherwise securely destroyed. Personal data may be held for longer periods where extended retention periods are required by law or regulation.
Electronic Marketing Communications
By providing us with your contact details, you consent to receive marketing communications which will remain current until you advise us otherwise. However, you have the opportunity to unsubscribe or opt out of electronic marketing communications from us by clicking on the “unsubscribe” link at the bottom of our emails or by advising us via email (email@example.com) that you do not want us to use your personal information for direct marketing purposes.
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
Data provided to us by our customers to enable the provision of services to them
Information supplied to us by our customers
If possible, we will collect personal information from you directly. However, an organisation who uses Excel Digital as their print and logistics partner, may provide us with personal information when they believe, on reasonable grounds, that the disclosure of the information is directly related to the purposes for which the information was obtained.
How we use the personal information
We will use the personal information to undertake activities necessary for the provision of services in accordance with the purpose for which it was supplied, including but not limited to, printing, file generation, personalisation and dispatch services.
We will not use the personal information for any purpose other than that for which it was provided to us by our customer.
We may disclose the personal information to:
- any business that enables our provision of services and products, including:
- courier and postal services;
- other services as required; and
- any person that hosts or maintains any underlying IT system or data centre that we use to provide the website or other services and products.
Breaches of this Privacy Statement
In the unlikely event we experience a serious privacy breach, we will comply with any notification obligations under the Privacy Act 2020.
If you are concerned there may have been a breach of your privacy, please contact firstname.lastname@example.org.
Changes to this Privacy Statement
This privacy statement was last updated on 16 March 2021.
We may update this privacy statement at any time by publishing an updated version here. The amended privacy statement will apply from the date it was last updated.