Direct Couriers is committed to protecting your privacy and respects and upholds your rights to privacy under the Privacy Act 2020 NZ.

Direct Couriers follows the Privacy Principals that regulate how private sector organisations manage personal information.

The 13 New Zealand privacy principles are as follows:

Principle 1: Purpose of collection of personal information.
Direct Couriers may only collect personal information where it is needed to perform a function or activity of the agency.

Principle 2: Source of personal information.
Direct Couriers must collect the information directly from the person concerned. There are exceptions: for example, where the person agrees otherwise, or where the information is publicly available.

Principle 3: What to tell the person about the collection
Direct Couriers must take all reasonable efforts to ensure the person is aware that the information is being collected, what it will be used for, the recipients of the information, whether the supply of the information is voluntary or mandatory, the consequences of not providing the information and the person’s rights of access to and correction of the information. Example

When an organisation collects personal information, it must take reasonable steps to make sure that the person knows:

• why it’s being collected
• who will receive it
• whether giving it is compulsory or voluntary
• what will happen if the information isn’t provided.

Principle 4: Manner of collection of personal information.
Personal information must not be collected in an unlawful, unfair or intrusive fashion.

Principle 5: Storage and security of personal information.
Direct Couriers must ensure the information is protected against loss, misuse, or unauthorised disclosure.

Principle 6: Access to personal information.
Where the information can be readily retrieved, the employee is entitled to confirmation of whether the information is held, and to have access to it. There are exceptions, for example, where disclosure would prevent detection of a criminal offence, or would involve a breach of someone else’s privacy.

Principle 7: Correction of personal information.
Employees may request correction of information held. Where this is not agreed to by Direct Couriers, the employee may request that the information is tagged with a statement that the correction was sought and was refused.

Principle 8: Accuracy of personal information to be checked before use.
Direct Couriers must not use the information without taking reasonable steps to ensure it is accurate, up-to-date, complete, relevant and not misleading.

Principle 9: Limits on use of personal information.

Direct Couriers must not keep the information for any longer than it is needed for the purposes for which it was collected.
Information collected for one purpose must not be used for any other purpose. There are exceptions: for example, where Direct Couriers reasonably believes the employee has authorised the further use, or that the information was from a publicly available publication.

Principle 10: Use of Personal Information.

Direct Couriers can generally only use personal information for the purpose it was collected, and there are limits using personal information for different purposes. Sometimes other uses are allowed, such as use that is directly related to the original purpose, or if the person in question gives their permission for their information to be used in a different way

Principle 11: Disclosing Personal Information.

Direct Couriers may generally only disclose personal information for the purpose for which it was originally collected or obtained. Sometimes other reasons for disclosure are allowed, such as disclosure for a directly related purpose, or if the person in question gives their permission for the disclosure.

For instance, an organisation may disclose personal information when:

• disclosure is one of the purposes for which the organisation got the information
• the person concerned authorises the disclosure
• the information is to be used in a way that does not identify the person concerned
• disclosure is necessary to avoid endangering someone’s health or safety
• disclosure is necessary to uphold or enforce the law.

Principle 12: Disclosing Outside New Zealand

Principle 12 is a new principle in the Privacy Act 2020.

A business or organisation may only disclose personal information to another organisation outside New Zealand if they check that the receiving organisation:

• is subject to the Privacy Act because they do business in New Zealand
• will adequately protect the information, e.g. by using model contract clauses, or
•  is subject to privacy laws that provide comparable safeguards to the Privacy Act

If none of the above criteria apply, a business or organisation may only make a cross-border disclosure with the permission of the person concerned. The person must be expressly informed that their information may not be given the same protection as provided by the New Zealand Privacy Act.

The goal is to make sure that the privacy protections that individuals can reasonably expect under New Zealand’s Privacy Act continue to apply when their information is disclosed and used in a different country.

Principle 13: Unique Identifiers

Principle 13 sets restrictions on assigning identifying numbers and other unique identifiers to individuals. The principle states that an organisation can only assign unique identifiers to people when it is necessary for its functions.

Unique identifiers are individual numbers, references, or other forms of identification allocated to people by organisations as a way to uniquely identify the person to the organisation assigning the identifier.  Examples include driver’s licence numbers, passport numbers, IRD numbers, or National Health Index (NHI) numbers. 

Direct Couriers must also take reasonable steps to protect unique identifiers from misuse and make sure they verify someone’s identity before assigning a unique identifier. 

What is Personal Information?
Personal Information is any information that can be used to identify you.

Examples of personal information include, but are not limited to: Your name, address, phone & fax numbers, email address, services and associated details that you have provided when booking jobs with Direct Couriers. 

Direct Couriers collects personal information to conduct its business, to provide and market our services and to meet our legal obligations. The information collected varies depending on your relationship with Direct Couriers.

 

How we collect personal information:

Direct Couriers only collects information that is required to complete the business transaction such as the employment contract between both parties. Personal Information will only be collected in a fair, lawful and non-intrusive manner.

We collect personal information about our employees for employment eg banking, tax, kiwi saver, address. We collect personal information about clients for business purposes eg addresses, contact details

 

When we use and disclose personal information:

Direct Couriers will only use your personal information for the purpose it was collected or reasonably related purposes. Direct Couriers may disclose your personal information to third party organisations in order to deliver the services you require eg taxation department. The information disclosed will only be in relation to purpose it was collected.

We will not disclose your personal information without your consent unless the disclosure is either necessary to prevent a threat to an individual’s life, health or safety, serious threat to public health or safety, or if the disclosure is required and authorised by the law. 

 Maintain accurate information:

Direct Couriers will take all reasonable steps to ensure the personal information it collects, uses or discloses is accurate, complete and up-to-date. If the personal information we have collected about you is inaccurate, incomplete or out-of-date, please contact us.

 Keeping information secure:

Direct Couriers will take all reasonable steps to protect your personal information from misuse, loss or unauthorised access, modification or disclosure.

 Managing personal information:

When requested, Direct Couriers will take all reasonable steps to inform you of the type of personal information we hold, its purpose, how it is collected, stored, used and to whom we disclose the information.

 Accessing and correcting personal information:

Direct Couriers will, upon written request, provide you with access to the information we hold about you, unless there is an exception which applies under the Privacy Principals. To protect your privacy, Direct Couriers may require a proof of identity check before acting upon your request.

Direct Couriers will take all reasonable steps to correct the information if an individual is able to establish that the information held is not accurate, complete or up-to-date,

 

Use of identifiers:

Direct Couriers will not adopt, use or disclose as its own identifier of an individual, an identifier that has been assigned to them by a government agency (Such as an IRD tax file number)

Dealing with you anonymously:

Direct Couriers will allow an individual to interact with us anonymously whenever is it lawful and practicable to do so.

 Transfer of personal information outside of New Zealand

Direct Couriers will only transfer personal information to a recipient outside of New Zealand when it is required to complete the services requested by the individual, is for the benefit of the individual, by consent or in circumstances where the information will have appropriate protection.  All NZ personnel employee files will be securely stored in the Human Resources and Finance Departments located at Direct Couriers Head Office in Sydney, Australia.

New Zealand customer and suppliers’ information will be held and stored securely in our head office.

 Handling sensitive information

Direct Couriers will not collect sensitive information without the individuals consent or if the collection is required by law. Sensitive information includes issues unrelated to employment and business transactions such as race, ethnic background or political opinion.

 Changes to our Privacy Policy

We may amend this Privacy Policy from time to time. Any updated versions of this privacy policy will be posted on our website. As the Policy may be amended from time to time, you should review it regularly.

What is the Process for Complaining about a Breach of Privacy?

If you believe that your privacy has been breached, please contact Direct Couriers using the contact information listed below and provide details of the privacy concern so that we can investigate it. We will treat your complaint confidentially, investigate your complaint and aim to ensure that we contact you and your complaint is resolved within 20 days.

If you have any questions about this privacy policy, any concerns or a complaint regarding the treatment of your privacy or a possible breach of your privacy, please contact our Privacy Officer using the details set out below. We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in timely and appropriate manner. Please contact our company Privacy Officer at:   

Direct Couriers Privacy Officer
PO Box 324
Matraville NSW 2036

email: privacy@directcouriers.com.au.

If you are dissatisfied with the response of our Privacy Contact Officer you may make a complaint to the NZ Privacy Commissioner which can be contacted via the Office of the New Zealand Privacy Commission https://www.privacy.org.nz (enquiries@privacy.org.nz) or on 0800803909.

Version 3, January 5, 2021