Privacy Policy

Revised 24 May 2018

General

Naverisk takes privacy very seriously and respects the integrity of personal information provided to us by partners and users of Naverisk. With our Head Office based in Auckland, New Zealand, we hold and use information provided by users in accordance with the principles of the Privacy Act 1993 (NZ), and as set out in our Privacy Policy below.

This Privacy Policy describes how we collect, use, share and store personal information, and applies to all our websites and applications.  By visiting and using our websites you accept our policy as outlined.

Updates in this policy reflect recent changes in data protection law and we have endeavored to provide clarity on privacy for our users.  You can also read our GDPR statement here 

What information we collect

We collect information about you when you provide it to us, when you use our services, or when other sources provide it to us. We may collect the following types of information from Naverisk users:

Personally identifiable information

This information may include account and profile information such as first and last names, email, telephone, billing address and communications sent to us by email or is provided when registering for, or using Naverisk or receiving support from the Naverisk team. Failure to provide necessary personal information may result in some services not being available for use.

Non-personal / aggregated information

We may collect non-personal information whenever users interact with Naverisk, such as browser name, device type and other information. This data may be generated by our systems to track information about Naverisk usage. This information does not identify individuals personally and is not linked to any personally identifiable information.

Consent must be obtained for any third person whose personal information is provided to us.

Cookies

Naverisk uses cookies to recognise devices, and to personalise and improve the user experience. Cookies are small files that are passed to a user’s device when that user visits a website. Cookies are widely used by websites and online service providers to store and track information about the user’s use of the website.

Naverisk uses first and 3rd party cookies. First-party cookies are owned and placed by Naverisk. 3rd party cookies are from another organisation we have partnered with (such as the Google Analytics cookie)  to deliver our service, provide specific features or functionality and to make our sites easier to use. These cookies are also used to personalize our advertising messages

Naverisk ‘essential’ first-party session-based cookies are used to:

  • Identify you when you sign-in to our site.
  • Keep track of your specified Naverisk preferences. These include UI (skin) preferences, web application preferences (Tab)
  • Conduct research and diagnostics to improve the Naverisk web application.
  • Prevent fraudulent activity and improve security.

We also use 3rd party cookies to compile anonymous aggregated usage statistics to assist us in our marketing. We cannot identify users personally from this information, and we are selective about the organisations we choose to partner with.

Please read our full Cookie Policy here

Partner data processing

Naverisk’s hosted solutions may be used for the collection, processing, and storage of personal data by Partners. This data may include information from end points, event logs, and other systems and tools that partners use to manage, monitor and provide services for their clients. In such cases, Naverisk acts as data ‘processor’. Naverisk Partners generally act as the data ‘controller’ determining what data to collect, how long it is stored and how it is used.

How we use information

We use your data only in compliance with this Privacy Policy. We may use your data to provide you with the services you have requested, to improve your experience, to support you and to manage our relationship with you.

We may use the information we collect:

  • to verify a user’s identity, retrieve a password or for support with your Naverisk account or services;
  • to administer your Naverisk account and to communicate with you about queries or comments you may have;
  • to supply, promote and market our products and services to you (or those of our business partners);
  • for research to further develop our services
  • for internal purposes (e.g. procedures, risk management, staff training, reviews, billing);
  • to send you emails, marketing material or notifications;
  • for reporting and analysis in aggregate form;
  • for any other purpose for which permission has been given.
  • Some personal information may be seen by others e.g. if you provide us with a testimonial we use on our website, or if you comment on our website or forum or in social media pages.

We will never sell your personal information to any third party

Sharing & disclosure of information

Naverisk will treat all personal information collected in confidence, and will not in any way disclose the information we collect other than in the following circumstances:

  • on your request: Naverisk will share all user data based on user’s request and instructions, provided that identity has been verified.
  • to our related / affiliate companies or in business transfer, to organisations that provide us with professional advice such as lawyers, accountants and business advisers, and to our suppliers and business partners. These organisations will treat your personal information securely, and are subject to privacy policies and procedures equivalent to this Privacy Policy;
  • where we reasonably believe there has been an infringement of your rights or those of a third party and disclosure of your information may remedy or assist in the remedy of the infringement;
  • to third parties where we believe in good faith we are required to do so by law or with your consent.
  • community forums.  We provide a Naverisk community forum for our customers to collaborate.  Any information that is shared in here may be read, collected, and used by others. It is important not to divulge sensitive information through the forum.
  • Notwithstanding the above, we may disclose aggregate information and other information that does not personally identify users to such third parties as we may see fit.
  • To third party service providers and partners. These providers may provide services that integrate with Naverisk, in which case by connecting the software together, the user is agreeing to share information, or operational partners (such as software vendors)

Note: We do not control the practices of content providers, partners and advertisers connected with Naverisk and to whom you provide personal information whilst using the Services. Our website may contain links to other sites, which may not follow the same privacy policies as us. We recommend that you check any relevant privacy policies before providing your personal information to any third party.

How we store & secure information

When we collect personal data we take reasonable steps to keep that information secure and to protect it from misuse or loss and from unauthorised access, modification or disclosure. Personal information provided to us is stored on secure servers with secure firewalls and encryption in place.  Read more about our security summary here.

Please note however that total security of data transmission over the internet cannot be guaranteed as being completely secure. Hence, we cannot guarantee and we do not warrant the security of information transmitted to us over the internet and users acknowledge that they use the Services and provide information at their own risk.

We work hard to ensure all customer data is kept safe and we follow industry best practice in this regard. If we become aware of a data breach that we consider could compromise customer security, our policy is to report this to the affected customers at the earliest opportunity. We may also report the breach publicly, where we consider it is appropriate to do so.

User rights

Any personal information provided will be held by us, or our agent. Naverisk gives everyone the right to access and correct their personal information in accordance with The Privacy Act 1993 (NZ).

Naverisk will make every effort to resolve any complaints about user privacy or personal information.

Opt-out of marketing communications. You may choose to stop receiving promotional email communication from Naverisk at any time by clicking on the ‘unsubscribe’ link in the bottom of the email. However, you will continue to receive transactional messages from us

International data transfer

We collect information from our partners globally and may store data in any of our localized servers.  We are likely to transfer, process, store and access your data outside the country you live in to provide our service to you (unless otherwise noted).  When data is transferred we take steps and put safeguards in place to protect it.

Deletion of Data

Users may, at any time request access to their personal data and may update, correct or request for their information to be removed by emailing security@naverisk.com

Following termination of services, we may continue to retain data for to fulfill the requirements of the business in accordance with our data policies and practises.

Please note that we may need to retain certain information for the purposes of record keeping, or to comply with legal obligations

Age Limitation

Naverisk services are not offered for us to individuals younger than 16 years.  Should we learn that anyone under 16 has provided us with personal information, we will undertake to delete and remove all information.

Updates to our Privacy Policy

We reserve the right to change this Privacy Policy at any time. Law regulations and industry standards evolve, or we may have business changes which may make a change necessary. We will make every effort to communicate these changes to you via email or via the website. Your continued use of our service will be deemed acceptance of an amended policy.

Queries or Complaints Contact

For any queries or complaints relating to the Naverisk Privacy Policy or how data is being handled, please contact security@naverisk.com, or at our mailing address below

Naverisk
Attn: Security Officer
PO Box 831, Shortland Street
Auckland 1040
New Zealand