Megabyte New Zeland Limited Privacy Statement

We collect personal information from you, including information about your:

  • name
  • contact information
  • location
  • computer or network
  • interactions with us
  • billing or purchase information

We collect your personal information in order to:

  • provide timely and effective IT services

Providing some information is optional however if you choose not to enter requested information, we will be unable to provide IT support and services.

We keep your information safe by storing it within encrypted and secure services and only allowing staff with the clearance level and strong two factor authentication to access it.

You have the right to ask for a copy of any personal information we hold about you, and to ask for it to be corrected if you think it is wrong. If you’d like to ask for a copy of your information, or to have it corrected, please contact us at privacy@megabyte.co.nz, or 044711288, or PO Box 24540, Wellington 6140.

 

Megabyte New Zealand Limited Privacy Principles

  • Personal information must only be collected when:
    • The collection is for a lawful purpose
    • The purpose is connected with the functions for Megabyte AND
    • It is necessary to collect the information for that purpose
  • Personal information must be collected from the person who the information is about. However you may collect information from other people when:
    • The person concerned authorises collection from someone else
    • Getting in from the person concerned would undermine the purpose of the collection
    • It is necessary for court or tribunal proceedings
  • When collecting information, Megabyte take reasonable steps to make sure that person concerned knows things like
    • Why it is being collected
    • Who will get the information
    • That they have the right to request access to and correction of the information
    • Directing them to our privacy statement in our signatures for the above detail
  • Individuals are entitled to know whether an agency holds information about them and request access to it. If this instance arose, the query will be directed to the privacy office or director of Megabyte
    • Megabyte can refuse to give access in some limited situations whereby it would;
      • Endanger a person’s safety
      • Prevent detection and investigation of criminal offences
      • Involve an unwanted breach of someone else’s privacy
    • Megabyte will assist the individual making the request which may include redirecting the individual to the appropriate agency
    • If Megabyte do not hold the information requested but believe it to be held by another agency, Megabyte must transfer the request within 10 working days from receipt and inform the individual
    • Megabyte will inform the individual of our decision to provide information within 20 working days of receiving the request
      • This may be extended if:
        • It is for a significant amount of information or requires searching through large amounts of information
        • Megabyte need to consult with someone before making the decision
      • If the timeframe is extended Megabyte will tell the individual within 20 working days and let them know:
        • The length of the extension
        • The reasons for the extension
        • Their right to make a complaint to the OPC about the extension
      • If the decision is to withhold any or all information, Megabyte will inform the individual of their right to have the decision reviewed by the Privacy Commissioner
  • Individuals have the right to ask Megabyte to correct information about themselves if they think the information is wrong
    • If Megabyte do not want to correct the information Megabyte are not legally obliged too, however if Megabyte do not, Megabyte must give the individual the opportunity to add their views about what the correct information is. In this event Megabyte must inform the individual of three things:
      • The reason for refusal
      • Their right to request a statement of correction to be attached to the disputed information
      • Their right to complain to the Privacy Commissioner
    • Megabyte have an obligation to assist the person making the request
    • Megabyte must inform the individual of our decision within 20 working days of receiving the request
    • If Megabyte make the requested correction or attach a statement of correction, Megabyte are obliged to:
      • Inform any other agency who has received the old information of any changes made, AND
      • Ensure that the statement will be read in conjunction with the disputed information
    • Megabyte must take reasonable steps to make sure the information Megabyte hold is accurate before using the information. Megabyte must take reasonable steps to check the information is:
      • Accurate
      • Complete
      • Relevant
      • Up to date
      • Not misleading
  • Megabyte will only keep personal information for as long as necessary to carry out the purpose for which Megabyte got the information in the first place
  • Megabyte must use personal information for the same purpose for which we obtained that information
  • Megabyte will not disclose personal information, unless an exception applies. Megabyte can disclose information if Megabyte reasonably believe that:
    • Disclosure is one of the purposes for which we got the information
    • Disclosure is necessary to uphold or enforce the law
    • Disclosure is necessary for court proceedings
    • The person concerned authorized the disclosure
    • The information is going to be used in a form that does not identify the person concerned
  • Megabyte will only use unique identifiers if it is necessary to carry out a core function of IT Support and whereby the person’s identity is clearly established
    • Megabyte will not use a unique identifier that has been assigned by another agency