header background image

Privacy Policy

REACH Distribution Privacy Policy

  1. Privacy Statement
    REACH MEDIA NEW ZEALAND LIMITED (NZBN 9429033082783) and its related bodies corporate (“REACH”, “we”, “our”, “us”) recognises the importance of protecting the privacy and the rights of individuals in relation to their personal information. This includes personal information collected by or provided to REACH by existing and prospective clients and the customers of our clients, and potential and existing employees, suppliers and independent contractors. This document is our Privacy Policy and it tells you how we collect and manage your personal information.

    We respect your rights to privacy under the New Zealand Privacy Act 2020, as applicable (the “Act”) and we comply with all of the Act’s requirements in respect of the collection, use, management, disclosure, quality, security, access to and correction of your personal information.

  2. What is personal information?
    When used in this Privacy Policy, the term “personal information” has the meaning given to it in the applicable Act. In general terms, “personal information” means any information about an identified individual or an individual who can be reasonably identified from the information or opinion. This may include an individual’s name, address, telephone number, email address, credit card details, account number, and profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

  3. What personal information do we collect?
    We may collect the following types of personal information, including but not limited to:

    • name;
    • mailing or street address;
    • email address and telephone and facsimile number;
    • age or birth date;
    • system access passwords;
    • profession, occupation or job title;
    • information relating to your eligibility to work in New Zealand;
    • credit card or bank account details;
    • details of your credit worthiness and credit history;
    • insurance or licensing information, such as vehicle insurance or registration details, driver’s license or forklift licenses;
    • where you are our employee, your personnel records including your employment agreement, pay records, leave records, tax status, criminal record checks, Kiwisaver records, training records, and performance and disciplinary records;
    • where you are our client, details of the products and services you have purchased from us or our customers (on whose behalf we may provide products or services and may administer or host websites) or which you have enquired about, and any additional information necessary to deliver those products and services and to respond to your enquiries;
    • in the case of REACH websites or mobile applications (for example: REACH TEAM) details around how you use the website, and information regarding your browsing activity when you visit the website, in-app chat messages, statistical information, user profile history, location and GPS recordings, information about your mobile device &/or system application software and peripherals;
    • any additional information relating to you that you provide to us directly through our websites or indirectly through use of our websites or online presence, through our representatives or otherwise;
    • any other information you provide to us through our service centre, forms or enquiries, customer surveys or visits by our representatives from time to time.

    It is important to appreciate that some of the personal information we collect and hold is done so by us when we are acting as the service provider of our client.

    We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous data or aggregated information about how users use our websites. We do not re- identify this information to turn it into personal information

  4. How do we collect your personal information?
    Personal information is only collected by lawful and fair means in accordance with the Act. We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect in ways including:

    • through your access and use of our website, or websites hosted by us;
    • through your access and use of our REACH websites hosted by us;
    • through your use of telephone and mobile communication (including but not limited to fixed line IVR services, SMS/MMS);
    • through your use of electronic devices including tablets, supplied by us to you, or otherwise connecting to our systems in order to facilitate and enable you to perform your duties or to provide services to us;
    • during conversations between you and our representatives;
    • during correspondence between you and our representatives, including electronic correspondence; or
    • when you complete an application, contract or purchase order.

    Some of the personal information REACH holds or deals with is not actually collected by REACH. Because REACH is an outsourced service provider, much of the data and personnel information it deals with is provided to it by its clients, and has not actually been directly collected by REACH from the individual concerned.

    It is impracticable for us to collect information directly from you when we are acting as the service provider of our client, as our client has already collected the relevant information from you (or another third party), and our client has provided it to us for our use in providing services to or on behalf of our client. For example, we act on behalf of many customers in sending email communications. To enable us to do so we may use our client’s database of personal information which our client has supplied to us. It is impracticable for us to “recollect” this information from you directly before we use as requested by our client.

    In respect of personal information which is provided to us by our clients, we do seek client assurances that all such personal information has been collected lawfully and in compliance with the Act and that all required consents have been obtained for, and disclosure statements made in respect of, the intended use of that personal information. REACH however will not be responsible for, and accepts no liability in respect of, any failure by a client to do so.
    We may also collect personal information from third parties who are not our clients including for example, from third party companies such as data providers and brokers, credit reporting bodies, law enforcement agencies and other government entities.

  5. Cookies and digital services
    We provide information and services ourselves and on behalf of our clients through a range of digital and online services including websites, apps, email, online advertisements, and social media profiles (“Digital Services”). These services may be operated by us to provide a consistent experience, personalise your use of each of those services and to provide targeted marketing.
    In some cases we may also collect your personal information through the use of cookies. A cookie is a piece of information that allows the server to identify and interact more effectively with your device. The cookie assists us in maintaining the continuity of your browsing session (e.g. to maintain a shopping cart) and remembering your details and preferences when you return. It also enables us to keep track of products or services you view so that, if you consent, we can send you news about those products or services. We also use cookies to measure traffic patterns, to determine which areas of our website have been visited and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online products and services. Other technologies that may be used with Digital Services include web beacons (which may operate in conjunction with cookies), Flash local stored objects and JavaScript. Some of these cookies and other technologies are consistent across our digital services, allowing us and the other providers of these services to understand you better and provide a more consistent experience across these services. You can configure your web browser to reject and delete cookies and block JavaScript but you may limit functionality of our services.

    Our systems record a variety of information in relation to interactions with our Digital Services. This can include information about software versions used, device identifiers (like IP address), location data (where available and not disabled by the user), dates, times, file metadata, referring website, data entered and user activity such as links clicked.

    In some instances, we may use third-party advertising companies to serve ads when you visit our websites. These companies may use information (not including your name, address, email address, or telephone number) about your visits to our websites and other websites in order to provide advertisements about goods and services of interest to you.

  6. What happens if we can’t collect your personal information?
    If you do not provide us with the personal information described above, some or all of the following may happen:

    • we may not be able to provide the requested products or services to you, either to the same standard or at all, or we may not be able to supply services to our clients which will enable our clients to do the same; or
    • we may not be able to provide you with information about products and services that you may want, including information about discounts, sales or special promotions, or we may not be able to supply services to our clients which will enable our clients to do the same; or
    • we may be unable to tailor the content of our websites to your preferences, or we may not be able to supply services to our clients which will enable our clients to do the same; or
    • if you are a client of ours, we may not be able to provide you with the products and services you require; or
    • if you are a prospective employee, we may not be able to hire you; or
    • if you are our employee, it may be a breach of your employment conditions to not provide us with the information; or
    • if you are a prospective or existing supplier to us, you may not be able to provide or continue to provide services to us; or
    • if you are a prospective or existing independent contractor to us, you may not be able to provide or continue to provide your services to us.
  7. For what purposes do we collect, hold, use & disclose your personal information?
    We collect personal information about you so that we can perform our business activities and functions and to provide best possible quality of customer service to you and to enable us to provide products and services to our clients.
    We collect, hold, use and disclose your personal information for the following purposes, in each case, either on our own behalf or when acting on behalf of a client:

    • to provide products and services to you and our clients and to send communications requested by you and/ or our clients;
    • to answer enquiries and provide information or advice about existing and new products or services;
    • to provide you with access to protected areas of our websites;
    • to assess the performance of our websites and to improve the operation of our websites;
    • to conduct business processing functions including providing personal information to our related bodies corporate, clients, contractors, service providers or other third parties;
    • to assess the provision of, and provide credit, to you;
    • for the administrative, marketing (including direct marketing), planning, product or service development, quality control and research purposes of REACH, its related bodies corporate, clients, contractors or service providers;
    • to provide your updated personal information to our related bodies corporate, clients, contractors or service providers;
    • to update our records and keep your contact details up to date;
    • to process and respond to any complaint made by you; and
    • to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co- operation with any governmental authority of any country (or political subdivision of a country).

    Where you are our employee, we may collect, hold, use and disclose your personal information for all purposes connected with our employment relationship. This includes hiring you, training you, administering your personnel records (including pay and leave records), and managing your performance.

    We may also use your personal information for other purposes related to those described above, and/or for a purpose for which you would reasonably expect it to be used, as permitted by the applicable Act.
    Except as provided below, your personal information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy. We do not disclose personal information we obtain when acting on behalf of one client, to any other client, unless directed by the client.

    REACH sometimes handles personal information relying on exemptions under the applicable Act. Under the New Zealand Privacy Act 2020, these include exemptions in relation to (i) employee records; (ii) related bodies corporate; (iii) provision of services to Country or Territory authorities; and (iv) overseas operations relating to personal information of non-New Zealanders. Any permitted handling of personal information under such exemptions will take priority over this Privacy Policy to the extent of any inconsistency.

  8. To whom may we disclose your personal information?
    We may disclose your personal information to:

    • our employees, related bodies corporate, clients, contractors or service providers for the purposes of operation of our websites or our businesses, fulfilling requests by you, and to otherwise providing products and services to you and our clients including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
    • suppliers, clients and other third parties with whom we have commercial relationships, for business, marketing, credit reporting and related purposes;
    • some websites, including www.lasoo.co.nz use third party advertising companies to serve advertisements to you when you visit the site. These companies may use information about your visits to the website and other unrelated websites in order to provide advertisements and goods and services of possible interest to you. For example, Lasoo enables Google as a third party vendor. Google uses cookies to serve advertisements on Lasoo by its use of DART cookies; and
    • any organisation for any authorised purpose with your express consent.

    We may combine or share any information that we collect from you with information collected by any of our related bodies corporate. Our clients may do likewise.

  9. Direct marketing materials
    We may send you direct marketing communications and information about our products and services that we, or our clients, consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with applicable marketing laws, such as the Unsolicited Electronic Messages Act 2007 (NZ).

    At any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list (or where are using a mailing list provided by our client, we will pass your request on to our client).

    We do not provide your personal information to other organisations for the purposes of direct marketing (see also our use of cookies). However, where we are engaged by our clients to act on their behalf in collecting personal information then we will pass that personal information on to our client.

  10. How can you access and request correction of your personal information?
    You may request access to any personal information we hold about you at any time by contacting us (see the details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you).

    A request for access to the personal information held by REACH concerning an individual can be made by that individual to REACH's Privacy Officer on the numbers or address mentioned below or, in cases where REACH is acting on behalf of a client, to REACH's client. A fee may apply, the amount of which will be advised at the time of application. We will not charge for simply making the request and will not charge for making any corrections to your personal information.

    There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would unreasonably interfere with the privacy of others or would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.

    If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us in writing to correct it. We will consider if the information requires correction. If we do not agree that there are grounds for correction then as required by the applicable Act we will, where requested by you, take reasonable steps to attach to or associate with the information a statement of the correction sought but not made, or a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading.

  11. What is the process for complaining about a breach of privacy?
    If you believe that your privacy has been breached, please contact us using the contact information below and provide details of the incident so that we can investigate it.

    Our procedure for investigating and dealing with privacy breaches is to ascertain all relevant facts and correspond with those involved (including where relevant our clients), reach a view as to the existence, scope and cause of the issue, and where relevant and appropriate, implement corrective or rectification measures.

  12. Do we disclose your personal information to anyone overseas?
    We may disclose personal information to our related bodies corporate and third party suppliers and service providers located overseas for some of the purposes listed above. Some of our employees are located overseas.

    Except where specific individual consent has been obtained, we take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.

    We may disclose your personal information to entities located overseas, including the following:

    • our related bodies corporate located in Australia and New Zealand;
    • our data hosting and other IT service providers, located in United States of America, Australia, New Zealand, Philippines, Hong Kong, Singapore, Japan, India and the European Economic Union;
    • our clients and their related entities located in foreign countries, to the extent that we are acting on their behalf or at their direction in using, storing, or collecting your personal information. Applicable foreign countries include United States of America, Australia, Canada, New Zealand, Philippines, Hong Kong, Great Britain, Singapore, Japan and India.

    Except where specific individual consent has been obtained, we take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.

  13. Deletion of Personal Data upon Request
    At REACH, we are committed to respecting the rights of individuals to control their personal data. If you wish to request the deletion of your personal data that we hold:

    • Request via Email or Phone: You can submit a deletion request by contacting us directly via the email address or phone number provided on our website at https://www.reach.nz

    • Confirmation: Once we receive your request, we will confirm its receipt and begin the process of data deletion.

    • Timeframe: Please be aware that the deletion process may take up to one month to complete. You will be notified once your data has been successfully deleted.

    • End of Contractual Relationship: You agree that requesting REACH to delete all your personal data means we have no ability to supply any records of your contract with REACH for any Tax or service length etc.

    • Responsibility: In instances where REACH has been provided with your personal data by a client or a third party, while we will endeavour to process your deletion request, we cannot guarantee the deletion of data that may be held by those third parties. We advise reaching out to the respective party for complete deletion.

  14. Security
    We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. Personal information is destroyed or de-identified when no longer required for any of the purposes for which it may be lawfully used or disclosed.

    As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.

  15. Links
    Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.

  16. Changes to our Privacy Policy
    We reserve the right to change this Privacy Policy from time to time.

  17. Contacting us
    If you have any questions about this Privacy Policy, any concerns or a complaint regarding the treatment of your privacy or a possible breach of your privacy, please use the contact link on our website or contact the applicable Privacy Officer using the details set out below.

    We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in timely and appropriate manner.

    Please contact our New Zealand-based Privacy Officer at:

    Attn: Privacy Officer
    REACH
    PO Box 132065
    Sylvia Park
    Auckland 1644

    Or by email to: privacy@reach.nz