Luxury Real Estate Limited – Privacy Policy
When you use the services of Luxury Real Estate New Zealand, you’re trusting us with your information. We understand this is a big responsibility and work hard to protect your information and put you in control – that applies to our clients, potential clients, persons associated with our clients, suppliers and others. The purpose of this Privacy Policy is to inform our clients and any users of our digital platforms (i.e.our website, social media pages and other digital channels) about how we comply with the requirements of the New Zealand Privacy Act 2020 (“the Privacy Act”) in managing personal information. By using our services you provide us with express consent for the collection, use and disclosure of this information as required.
The types of personal information we collect will vary – we will only collect personal information that is necessary to assist you or do business. Where reasonable and practicable, we will collect your personal information directly from you and inform you that we are collecting it. Ways in which we may collect this information include:
- Over the telephone or a video call
- Through one of our digital platforms like our website and social media pages
- When you email or write to us; or
- Any other documentation which you provide to us
We may also collect personal information about you from third parties. i.e:
- Publicly available sources e.g. via social media, public websites or other public sources
- Your professional advisers e.g. Solicitor or Accountant
In some cases, a third party may collect information from you on our behalf, including our data suppliers and third party providers (such as AMLHub) who verify your identity on our behalf for the purpose of compliance with our anti money laundering obligations.
We collect your personal information from the above parties (other than publicly available sources) where we have received your express consent to do so. We are not responsible for the privacy or security practices of the above parties and the parties described above are not covered by this Privacy Policy.
Generally, the types of personal information we collect and hold include (but are not limited to) your:
- Name
- Contact details
- Details of your enquiry
- Details of any preferences you tell us about
- Information you provide which allows us to identify you for AML purposes such as a driver’s licence or passport and proof of address
In many cases, if personal information is not provided as requested by us we may not be able to provide our services to you or carry out your instructions.
Use / disclosure of personal information
We may use the personal information we have collected for the purpose for which it is collected, for reasonably expected secondary purposes related to the purpose for which it is collected and in other circumstances authorised by the Privacy Act. Generally, this means that we use your personal information for purposes related to the services including:
- conducting our business;
- providing or marketing our services to you;
- performing a contract with you;
- communicating with you;
- marketing our services, and those of our selected partners, to you – including sending you direct marketing communications and information about offerings and services. This may be sent in various forms, including email, post or SMS, in accordance with applicable laws;
- engaging third-parties on your behalf;
- helping us improve our business practises and enhance our services;
- Analysing website and sales data;
- Performing an Information Match Request to the official record holder;
- checking your identity against governmental databases and to otherwise comply with our legal and anti-money laundering obligations;
- complying with our other legal obligations; and
- otherwise, if you have consented to the use of your personal information in a particular way.
Disclosure: We may disclose personal information to:
- Companies or individuals who assist us in providing services or who perform functions on our behalf
- other companies or individuals who perform checks that are necessary or desirable under law on our behalf such as auditors and external compliance reviewers;
- other companies, agencies or individuals that maintain databases against which your identity may be verified, which may include (but are not limited to) the New Zealand Department of Internal Affairs and the Commonwealth of Australia Document Verification Service;
- courts, tribunals, government and regulatory authorities;
- credit reporting and debt collecting organisations;
- anyone else to whom you consent to us disclosing your information; and
- where we are required to do so by law.
If we don’t need to share your information with a third party in order to provide advice and services to you, we will not pass on your information to them without your consent. Under no circumstances will we sell or receive payment for disclosing your personal information.
Storage and protection of your information
Personal information may be stored in hard copy and/or electronic form including with third party data facilities and in cloud storage located in and outside New Zealand. When you provide us with your personal information you give us your consent to store your personal information outside of New Zealand and in third party facilities. We
use LockedOn & AMLHub cloud servers located in Australia and New Zealand.
We take all reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure. We have implemented policies and procedures to safeguard the secure storage and processing of data and have verified the security arrangements of our outsourced data providers however, we cannot promise that your personal information will not be accessed by an
unauthorised person (e.g. a hacker) or that unauthorised disclosures will not occur.
We take reasonable steps to destroy or permanently de-identify any personal information as soon as practicable after the date of which it has no legal or regulatory purpose, or we have no legitimate business purpose with it.
Access to your personal information
We endeavour to ensure that the personal information we hold is accurate, complete and up-to-date. You have the right to request that we correct any personal information we hold about you in accordance with the Privacy Act.
Subject to the exceptions set out in the Privacy Act, you may seek access to the personal information which we hold about you by contacting our Privacy Officer (details at the bottom of this page).
Once a request for access to personal information is received, we will review your request as soon as reasonably practicable. To comply with our legal obligations, we will require you to provide proof of your identity. If we are unable to give you access to the information you have asked for, we will give you reasons for this decision when we respond to your request.
There are some circumstances in which we are not required to give you access to your personal information. If we refuse to give you access or to correct or delete your personal information, we will let you know our reasons, except if the law prevents us from doing so.
If we refuse your request to correct or delete your personal information, you also have the right to request that a statement be associated with your personal information noting that you disagree with its accuracy.
If we refuse your request to access, correct or delete your personal information, we will also provide you with information on how you can complain about the refusal.
Should a privacy breach occur
Despite applying strict security measures and following industry standards to protect your personal information, there is still a possibility that our security could be breached. If we experience a privacy breach, where there is a loss or unauthorised access or disclosure of your personal information that is likely to cause you
serious harm, we will, as soon as we become aware of the breach:
- Seek to quickly identify and secure the breach to prevent any further breaches and reduce the harm caused;
- Assess the nature and severity of the breach, including the type of personal information involved and the risk of harm to affected individuals;
- Advise and involve the appropriate authorities where criminal activity is suspected;
- Where appropriate, notify any individuals who are affected by the breach (where possible, directly);
- Where appropriate, put a notice on our website advising our clients of the breach; and
- Notify the Privacy Commissioner
- Notify you (individually or by public notice), unless we are not required to notify you because specific exceptions in the Privacy Act apply relating to your health or safety or the safety of another person, national security or law enforcement or a trade secret, or we are required to delay notifying you because notification or public notice may have risks for the security of the personal information we hold that outweigh the benefit of notifying you.
International data sharing
Personal information may be transferred to, and processed in, countries other than New Zealand. There may be differences with New Zealand’s privacy laws. We may disclose your personal information to an overseas person or entity (“overseas person”) who is not already subject to the Privacy Act only if:
- the overseas person is subject to privacy laws which provide comparable safeguards to the Privacy Act, or the overseas person agrees with us to be bound by comparable safeguards to the Privacy Act. We would ensure the overseas person’s compliance with the relevant legal obligations by including standard contractual clauses in our agreement with them; or
- you authorise the disclosure after we have advised you that the overseas person may not have to protect the information in a way that provides comparable safeguards as the Privacy Act.
For individuals in the European Economic Area (EEA), your personal information may be transferred outside the EEA. Where your personal information is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data (like New Zealand), or to a third party where we have approved transfer mechanisms in place to protect your personal information (e.g. by entering into the European Commission’s Standard Contractual Clauses). Where our third party service providers process personal data, provided in the EEA, outside the EEA in the course of providing services to us, our written agreement with them will include appropriate measures to ensure compliance with the relevant legal obligations, usually standard contractual clauses.
Cookies and online device information
If you are visiting us through our website, digital platforms and social media pages, then we collect information about your use and experience on these by using cookies. Cookies are small pieces of information stored on your hard drive or on your mobile browser. They can record information about your visit to the site, allowing it to remember you the next time you visit and provide a more meaningful experience. If you do not wish to have cookies placed on your computer, please set your browser preferences to reject all cookies before accessing our website.
The cookies we send to your computer, mobile phone or other device cannot read your hard drive, obtain any information from your browser or command your device to perform any action.
When you interact with us through our website, digital platform or social media pages the information collected through the cookies may include:
- The date and time of the visit or visits;
- Website page (or pages) viewed;
- The website from which you accessed the internet and our website or other digital platform;
- device type, operating system and browser information;
- How you navigate through the website and interact with pages (including any fields
- Completed forms;
- Information about your location;
- Information about the device used to visit our digital platform; and
- IP address (or addresses)
We will not ask you to supply personal information publicly over Facebook or any other social media platform that we use.
Links to other websites
Our website may contain links to other websites or third party analytics services that are not under our control. These websites may use cookies. It is the responsibility of those third parties to collect appropriate consents from you in order to permit their own cookies (to the extent this is required by law) and to inform you about the cookies they use. You should check the privacy policy on all third party websites to ensure you are comfortable with third party cookies.
We have no responsibility for linked websites and provide them solely for your information and convenience. We specifically disclaim responsibility for their content, privacy practices and terms of use, and we make no endorsements, representations or warranties about their accuracy, content or thoroughness. Your disclosure of personal information to third party websites is at your own risk.
Updates to the Privacy Policy
We review this Privacy Policy periodically to keep it current and available on our website. If the changes are significant, we may advise you directly. You may also obtain a copy of the latest version by calling us on 021 530 000.
Privacy Policy queries and concerns
If you are concerned about how your personal information is being handled or if you feel that we have compromised your privacy in some way, please contact us at:
Privacy Officer
Luxury Real Estate New Zealand
3 Arrow Lane, Arrowtown New Zealand
Phone 021 530 000
Or via email at [email protected]
We will acknowledge your complaint within three working days of its receipt. We will let you know if we need any further information from you to investigate your complaint.
We aim to resolve complaints as quickly as possible. We strive to resolve complaints within five working days, but some complaints take longer to resolve. If your complaint is taking longer, we will let you know what is happening and a date by which you can reasonably expect a response.
If you are not satisfied with our response to any privacy related concern you may lodge a complaint on the Privacy Office website (www.privacy.org.nz) or send a complaint form to the Privacy Commissioner at:
Office of the Privacy Commissioner
P O Box 10-094
Wellington 6143, New Zealand
Fax: 04- 474 7595
Email: [email protected]
Telephone: 0800 803 909
Website: www.privacy.org.nz