Book A Demo
To book a demo please complete the form and we will come back to you shortly.
Report it Now
New Zealand
Privacy policy
Purpose
In this Privacy Policy (Policy), any references to “Report It Now”, “we”, “us” or “our” shall be a reference to Report It Now.
Report it Now comprises:
• Report It Now Global Limited
• Report It Now Global (Australia) Pty Ltd
• Report It Now NZ Limited
Your privacy is important to us, we respect your personal privacy and are committed to maintaining your trust and confidence in the way we collect, store, use and share your personal information. This Policy sets out how we collect, store, use and share your personal information, and how we comply with our obligations under the Australian Privacy Principles (APPs) as set out in the Australian Privacy Act 1988 (Cth) (Privacy Act) and the Information Privacy Principles (IPPs) as set out in the New Zealand Privacy Policy 2020 (NZ) (collectively, the Privacy Acts).
By submitting your personal information to us, you acknowledge that you have read and understood and agree to the use of your personal information in accordance with this Policy.
Definitions
In Australia:
Personal information means information and/or an opinion (including information or opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual who is identifiable, whose identity is apparent, or whose identity can reasonably be ascertained, from the information or opinion.
Sensitive Information, a subset of personal information, includes information or an opinion about (for example) an individual’s racial or ethnic origin, political opinions, political association membership, religious beliefs or affiliations, philosophical beliefs, professional or trade association membership, trade union membership, sexual orientation or practices or criminal record, and includes health information and genetic information.
In New Zealand:
Personal information – means information about an identifiable individual.
What personal information we collect and hold
We will only collect personal information by lawful and fair means, in accordance with the Privacy Acts.
You have the choice not to provide us with your personal information (other than as required by law). However, this may result in us being unable to provide you with some or all of our services or may substantially reduce the level of service we are able to provide to you, and/or reduce the areas of our website that you will be able to access.
You have the option of not identifying yourself or of using a pseudonym when dealing with us, unless the use of your true identity is a legal requirement or necessary to complete the enquiry or transaction.
When using our reporting services such as our case management system EthicsPro (Reporting Services), no personal information is automatically collected from you. Personal information is only collected and stored when you voluntarily give such information to us.
We collect personal information as part of our ordinary business operations and through our Reporting Services. Personal information that we collect from you or about you where you have been named though our Reporting Services may include:
• information relating to your identity, such as your full name, date of birth and address;
• your contact information, including your residential address, work address, postal address, email address and phone numbers;
• your employment information;
• information obtained from you when submitting enquiries to us, or providing requests for us to provide services;
• billing and payment information;
• cookies (as explained below), computer and/or network IP address, and website usage information;
• various other personal information that you provide to us as part of our business; and
• other personal information that we are required to collect pursuant to applicable law and pursuant to our internal policies and procedures.
Generally, we do not collect sensitive or health information. However, we may collect sensitive information from you or about you where there is a legal requirement to do so (eg. as part of our employment relationship), where you submit it as part of the incident you are reporting through our Reporting Services, or where we are otherwise permitted by law (for example, where we have received your consent).
We will notify you whether the giving of personal information is compulsory or voluntary for our primary purpose for collection.
When and how we collect personal information from you
We collect personal information from you when you interact with us, or we interact with you. The personal information we collect will depend on the nature and purpose of the interaction with us. We will generally collect your personal information when you:
• make a report through our Reporting Services including via our website, email or telephone;
• contact us, whether via our website, telephone, text message, email and/or post for any reason;
• enquire about or purchase our services;
• agree to do business with us;
• visit our website or websites operated by our affiliates;
• sign up to our mailing lists; and
• engage with our social media platforms.
By providing us with your personal information, you consent to our collection, storage, use, sharing of your personal information and using it in accordance with this Policy and applicable law.
Why we collect, hold, use and disclose personal information
We collect, hold, use and disclose personal information where it is reasonably necessary to perform our services, including our Reporting Services, where it is necessary to respond to your request, or to otherwise manage your interaction with us.
When we obtain your personal information, we will only use that personal information for the purpose for which it is collected, as set out in this Policy or as permitted by law. Generally, we will collect and use personal information from you for the following purposes:
• to undertake our Reporting Services;
• receiving and responding to your enquiries in relation to our services;
• to allow us to perform a contract we have with you;
• to act on your requests and reports;
• for analysis purposes;
• to update, modify and improve our website;
• marketing our services to you, including contacting you by phone, text message, post or email;
• for our general business processes, management and the improvement of our services;
|• for any other purpose for which the personal information was collected; and
• to allow us to comply with applicable law and our internal policies and procedures.
We also collect, hold, use and disclose your personal information for related purposes that you would reasonably expect, such as our administrative and accounting functions, fraud checks, payment gateways, providing you with information about other services offered by us, market research, statistical collation, and website traffic analysis.
Where we wish to disclose your personal information for other purposes, we will obtain your consent. We may also collect, hold, use and disclose your personal information in circumstances that are required or permitted by law, where that is necessary for us to comply with our legal obligations.
We may collect personal information from third parties
In most instances we will collect personal information directly from you. However, there may be instances where we need to collect information from third parties, or where personal information about you is provided to us by third parties (e.g., as part of an incident report being made using our Reporting Services) such as under the Corporations Act 2001 Whistleblower regime.
We will only collect personal information about you from third parties as set out in this Policy, where it is reasonably necessary in the circumstances, where it relates to our Reporting Services, where we are obtaining such personal information from a publicly available source, or where you have provided your express or implied consent.
Examples of where we collect personal information about you from third parties include:
• where you are named in a report submitted under our Reporting Services; and
• publicly available sources;
Who we may share your personal information with
We may need to share your personal information with third parties from time to time. We will only share personal information with third parties where we are permitted under this Policy, where you have specifically authorised us to do so, as part of the Reporting Services and other services we are providing or where we are permitted or required to in accordance with applicable law. For example, we may share your personal information with:
• your employer where you have provided your consent for us to do so;
• an employer where you are named in a report submitted under our Reporting Services;
• third parties that help us to provide the services you have enquired about, or purchased, including our subcontractors and service providers;
• a third party in accordance with the Australian Corporations Act 2001 (Cth) Whistleblower regime; and
• our IT service providers, and data storage providers, who may be located outside of New Zealand and Australia.
If our business is acquired or merged with another company, your personal information may be transferred to the new owners so that our business may continue to supply its services.
Cookies
At times, cookies may be used to help us serve you better when you use our website. A cookie is a small element of data sent by a website to your browser, which may then be stored on your hard drive so we can recognise you when you return. You may set your browser to notify you when you receive a cookie and, if you wish, to reject it, or clear cookies by using your browsers options.
We may use cookies in connection with your use of our website. If you choose not to have your browser accept cookies from our website you will be able to view text on screens, however you may not experience a personalised visit.
Web beacons, also known as clear gif technology, or action tags, assist in delivering the cookie. This technology tells us how many visitors clicked on key elements (such as links or graphics) on our website. We do not use this technology to access your personal information. It is a tool we use to compile aggregated statistics about the website’s usage. We may share this tracking information with third parties.
Direct Marketing
Where you opt in to receive commercial messages and advertising from us, you agree to receive our marketing and other communications (including commercial electronic messages) electronically (via email or text message) and by post. If you decide that you no longer wish to receive commercial electronic messages from us you can unsubscribe by using the unsubscribe feature in any commercial electronic message, or notifying us by email at [email protected] or by contacting us directly by telephone or post.
Links to other websites
Our website or other material may contain links to other websites that we may believe to be useful and informative for you. However, please be aware that we do not endorse or recommend the content of these business or websites and are not responsible for the privacy practices of these businesses or their websites. Please ensure you understand and read the privacy policy and terms of use of each site that you choose to visit.
How we protect, hold and store your information
We are committed to using industry standard practices to keep the personal information you provide to us safe against loss, unauthorised access, unauthorised modification and unauthorised disclosure.
We will not retain your personal information for longer than reasonably necessary or longer than required by law. However, aggregated or anonymised data may be retained for longer.
We have implemented a variety of security measures in relation to the protection of personal information.
In some cases, we may use technology such as file encryption when we are transmitting personal information from time to time. Where personal information transmission is taking place by unencrypted email, we cannot guarantee that your personal information will remain secure during transmission.
Where we are sharing your personal information with third parties, other than the police or regulatory authorities, we will use reasonable endeavours to require the third party to maintain confidentiality of your personal information.
If we are sharing your personal information with a third party that is not located in New Zealand and Australia, a data storage provider or otherwise subject to the Privacy Acts, we shall ensure that such entities are subject to similar levels of privacy protection as New Zealand and Australia, alternatively we will require the third party to protect your personal information in a way that provides comparable safeguards to those in the Privacy Acts.
Overseas Disclosure
Our business operations in Australia and New Zealand are part of the Report It Now Global group of companies, headquartered in New Zealand. The systems that run and administer our Reporting Services are currently located in a Microsoft Azure Warehouse in Australia East. Our business is also affiliated with other businesses located overseas. In the course of doing business with you, we may disclose some of your personal information to overseas recipients, particularly where we have identified commercial opportunities that may benefit you. However, we will only do so where:
• it is necessary to complete the transaction you have entered into; and
• you have provided consent; or
• we believe on reasonable grounds that the overseas recipient is required to deal with your personal information by enforceable laws which are similar to the requirements under the APPs; or
• it is otherwise permitted by law.
Our overseas affiliates are located in New Zealand, Australia, Malaysia, USA, Canada and The Pacific Islands.
Data Breaches
If we believe that there has been a privacy breach, then we will identify the breach and take reasonable steps to minimise any harm caused by the breach. Where we believe any breach of privacy poses a risk of serious harm, or is likely to cause serious harm, then we are required to notify the Privacy Commissioner and affected parties.
In Australia – we will conduct this assessment within 30 days after the suspected breach has occurred, and where it is ascertained that a breach has actually occurred and where required by law, we will notify the Australian Privacy Commissioner and affected individuals as soon as reasonably practicable after becoming aware that a data breach has occurred.
In New Zealand, we will conduct this assessment expeditiously, and where it is ascertained that a breach has actually occurred and where required by law, we will notify the New Zealand Privacy Commissioner within 72 hours of the data breach occurring.
Where you believe that there has been a breach in relation to your privacy, then please contact us as soon as possible. Our Privacy Officer’s contact details are set out at the end of this Policy.
If you are not satisfied with the way we have dealt with or resolved your complaint then you can escalate this by contacting the Privacy Commissioner at any time:
In New Zealand:
Office of the New Zealand Privacy Commissioner
Website: www.privacy.org.nz
Phone: 0800 803 909
Email: [email protected]
In Australia:
Office of the Australian Information Commissioner
Website: https://www.oaic.gov.au/
Phone: 1300 363 992
Data quality, requests for access and correction
You are entitled to ask whether we hold any personal information about you, access any personal information that we hold about you and to request the correction of any personal information held by us.
If you wish to access or correct personal information held by us, then please contact our Privacy Officer on the details set out below.
Complaints and concerns
We have procedures in place for dealing with complaints and concerns in relation to the Privacy Acts, the APPs and the IPPs. We will respond to your complaint in accordance with the relevant provisions of the APPs and IPPs. For further information, please contact us.
Changes to our Privacy Policy
We reserve the right to change this Policy from time to time as we see appropriate. In the event we do amend this Policy, we will post the revised version on our website and use reasonable endeavours to draw your attention to the amended policy. The most recent version of this Policy will apply from its effective date.
How to get in touch with us
Your privacy is important to us, if you have a general privacy enquiry or complaint about a privacy breach then please contact our Privacy Officer Greg Dunn at:
Report It Now Global Limited
13 Te Ngaio Road
Mount Maunganui 3116 New Zealand
T: 0508 ETHICAL (or 0508 3844225) – Free Call globally
E: [email protected]
Last updated: December 2024