EUROPEAN UNION GENERAL DATA PROTECTION REGULATION (GDPR)
This Privacy Statement only applies to the collection and processing of ‘EU personal data’. ‘EU personal data’ means any personal information of an individual who is located in the European Union (‘EU’) (whether the individual is a citizen of an EU country or otherwise). This section will apply to you and the processing of your EU personal data if you are located in an EU country. This section does not apply with respect to your personal information if you are located outside of the EU countries, even though you may be a citizen of an EU country.
For the purposes of this Privacy Statement, the term ‘process’ has the same meaning given to it under the GDPR and may include any operation or a series of operations performed on EU personal data, including collection, recording, organisation, structuring, storage, adaptation, retrieval, consultation, use, disclosure, by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
This Privacy Statement was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal data. However, we are happy to provide any additional information or explanation needed. For further information, please contact us through the ‘Contact Details’.
Any EU personal data will be:
Lawful basis for processing
We will only collect and process EU personal data where we have lawful bases. This may include where:
Where we rely on your consent to process personal data, you have the right to withdraw, restrict or decline your consent at any time and where we rely on legitimate interests, you have the right to object. If you have any questions about the lawful bases upon which we collect and process EU personal data you should contact us.
We do not use automatic decision making, such as profiling, to make a decision that may produce a legal effect concerning a data subject of EU personal data.
Rights of EU personal data subjects
b. Restrictions and Objections: You may request that we limit our use of your EU personal data or processing by requesting that we no longer use your EU personal data or limit how we use your data, this may include where you believe it is not lawful for us to hold your EU personal data or instances where your EU personal data was provided for direct marketing purposes and you no longer want us to contact you. We will do so, if we are:
Our responsibilities as a ‘data controller’ and ‘data processor’
We may act as the ‘data controller’, the ‘data processor’ or in some instances both the data collector and data processor simultaneously in relation to EU personal data. We will be a data controller where we determine the purposes and means of the processing of EU personal data alone or jointly with others. To the extent that we are a data controller with respect to EU personal data, we:
If a third party discloses EU personal data to us for a specific purpose, we will be acting as a data processor in processing the EU personal data for that purpose. Where we act as a data processor, we will:
Disclosure to third parties
If we are required to disclose your EU personal data to third parties, including data processors or sub-processors, we will notify the third party that it has an obligation to handle any EU personal data in accordance with the GDPR.
In the event we are responsible for a transfer of EU personal data outside of the EU, such transfer will be for the necessary and lawful performance of our services, including the establishment, exercise or defence of a legal right.
Express consent to transfer
By providing us with your EU personal data, you are consenting to the disclosure of your EU personal data to third parties outside of the EU. You also acknowledge that we are not required to ensure that those third parties comply with their obligations under the GDPR.
If you have any questions, comments or complaints about our handling of your EU personal data, or wish to contact us regarding your EU personal data, please use the contact details set out below in the ‘Contact details’ section.
How do you make a complaint?
If you have a complaint about how we handle your EU personal data, you can contact us: info @ recoveredlivingnz [dot] com
Phone: +64 [27 314 5306], Mon – Fri, 9am – 5pm NZT
If you still feel your issue or request hasn’t been resolved to your satisfaction, then you can escalate your privacy concern to the relevant data protection authority (for example in the place you reside or where you believe we breached your rights). If your complaint relates to how we handled your access and correction requests you may take your complaint directly to the New Zealand Privacy Commissioner or the authority in which you are located.
Contact details for escalating complaints
Office of the New Zealand Privacy Commissioner