New Zealand Privacy Policies – Little Company of Mary

NEW ZEALAND PERSONAL INFORMATION PRIVACY POLICY

Introduction

This Privacy Policy is issued by the Little Company of Mary – New Zealand (herein called the “Little Company of Mary“, “LCM“, “we“, “us” or “our“). This Privacy Policy applies to the Sisters of the Little Company of Mary.

The activities, care and functions LCM provides and perform for the sisters necessitate the handling of personal information.

The LCM regards its privacy obligations as extremely important, and this policy is directed at complying with the laws to which it is subject. The Privacy Policy details what information is collected, why it is collected and how it is used, stored and retained.

The LCM complies with the Privacy Act 2020 (Privacy Act), and the Health Information Code 2020 when dealing with your personal and health information. In this policy we set out how we use, collect, disclose and protect your personal and health information. This Privacy Policy does not limit your existing rights under, the Act relevant privacy and data protection laws.

This policy seeks to ensure that the information held by the Little Company of Mary is accurate, complete and up to date.

Purpose for Collecting Personal Information and Personal Information Collected

The personal information collected is necessary for the activities and functions the Little Company of Mary performs for the sisters. The personal information may comprise: a sisters’ name, address, former occupation, age, contact details, family background and contact details, next of kin details, place of birth, country of citizenship, photographs, religious details and practices, health information including physical and psychological medical information and criminal charges. This list is not exhaustive. The Little Company of Mary collects this information to care, assist and administer the sisters’ care.

If LCM wishes to collect government records, LCM will ask the sister to sign a release form authorizing the search. Such information may be retained by the LCM in a file.

Where personal information is obtained from a third party, reasonable steps will be taken to ensure the subject person is made aware of the matter.

A personal file of a sister may also include general correspondence to and from the LCM, material that is in the public domain and academic records and qualifications

Use and Disclosure of Personal Information

Personal information collected may be accessible by the Region Leadership Members on the basis that it will remain confidential. It is accessible by a limited and defined number of people.

If a sister applies to another religious institute or diocese, the Little Company of Mary may be required in accordance with Canon Law, to provide a report to such institute or diocese. If we are required to provide such a report or other information, we will seek your prior written consent before disclosing your personal information.

Personal information will not be released to third parties unless:

You have consented.
The release is the purpose for which the personal information was collected; or
The Little Company of Mary is required or authorised by law to do so.

If your personal information is sent overseas the Little Company of Mary will use reasonable endeavours to ensure that the overseas recipient will either handle the personal information in accordance with the Privacy Act or in accordance with an enforceable law that protects personal information in a way similar to the Privacy Act.

Quality of Personal Information

If any of your personal information you have provided us has changed or is considered incorrect, please contact the Privacy Officer in writing so it can be updated.

Security of Personal Information

The Region Administration Centre and the houses of the Congregation have secure central storage units with defined limited access.

The Little Company of Mary maintains physical security, such as locks and security systems, over its electronic data servers, computers and premises. The Little Company of Mary also maintains computer and network security, for example firewalls (security measures for the Internet), anti-virus software, identification codes and passwords and other security measures, to control access to computer systems. Electronic data is also regularly backed up to minimize loss of data in the event of system failures.

The purpose of these systems and features is to protect your personal information from misuse, loss, unauthorized access, modification or disclosure.

Access to your Information

The Privacy Act gives you a general right to access your personal information, when you request it, except where the law allows us to refuse your request if:

giving you access would unreasonably affect someone else’s privacy or poses a serious threat to someone’s life, health or safety.
The request for access is frivolous or vexatious; and
The request relates to an existing or anticipated legal proceeding.

If we declined your request for information we will explain our reason for the refusal.

Subject to this:

The Little Company of Mary will provide access to your personal information that has been compiled after 21 December 2001.
Where the information has been compiled prior to 21 December 2001 an accurate summary will be provided.
Health information collected after 1 September 2004 will be provided to the person, or a health professional nominated by them.
An accurate summary of health information will be provided if the information was collected prior to 1 September 2004.

A request for access to information should be made in writing to the Privacy Officer at the contact details below.

Destroying Personal Information

Personal information will be retained for the period specified in the Region’s Retention Schedule.

All information is destroyed by a secure means.

Complaints Procedure

If a sister is unhappy with how their personal information is handled, accessed, stored, or disseminated, they can make a complaint in the following manner:

Set out the complaint in writing to the Privacy Officer, who will deal with the complaint in accordance with the Act.
If a sister is not satisfied with how the complaint has been dealt with, they may appeal to the Privacy Sub-Committee of the Little Company of Mary.
If the sister is still not satisfied with how the complaint has been dealt with, they may appeal to the Region Leader for a review of the Committee’s decision.
If your complaint is not resolved to your satisfaction, you are able to apply to the Office of the New Zealand Privacy Commissioner to see what courses of action may be available to you. For more information, you can contact the Commissioner’s hot line service on 0800 803 909, or by email at enquiries@privacy.org.nz.

Notifiable Data Breaches

If there is a notifiable data breach, the Little Company of Mary will notify the affected individual and the Office of the Privacy Commissioner if required by the Act.

Changes to the Privacy Policy

We may make changes to this Privacy Policy at any time. We will notify you of any such changes and will also publicise it to the Region by the Region Business Manager.

Guidelines

Guidelines for the implementation of this Privacy Policy may be made by the Region Leader/ Region Council.

Further Information

If you have any enquiries, questions or concerns about our privacy policy or practices, or if you would like more information, please contact:

Privacy Officer/Business Manager

Little Company of Mary

442 Durham Street North

St Albans, Christchurch, 8014

Email: nzadmin@lcm.org.au

NEW ZEALAND WEBSITE PRIVACY POLICY

Introduction

This Privacy Policy is issued by the Little Company of Mary – New Zealand (herein called the “Little Company of Mary“, “LCM“, “we“, “us” or “our“).

This Privacy Policy applies to you when you access the website: www.lcmchristchurch.org.nz sign up to our newsletter and when you use our services.

The services, activities and functions of the Little Company of Mary necessitate the handling of personal information of members.

The Little Company of Mary regards its privacy obligations as extremely important, and its privacy policies are directed at complying with the laws to which it is subject. The Privacy Policy details what information is collected, why it is collected and how it is used, stored and retained.

We comply with the New Zealand Privacy Act 2020 (Privacy Act) when dealing with your personal information. In this policy we set out how we use, collect, disclose and protect your personal information. This Privacy Policy does not limit your existing rights under, the Privacy Act and data protection laws.

We strongly encourage you to go through this Privacy Policy carefully. A thorough understanding will help you make an informed decision when giving us your personal and health information. This Privacy Policy applies to you when you access our website and/or engage us to provide any service, including web services. By accessing and engaging with our website and services you automatically consent to the terms of this Privacy Policy and agree to be bound by it.

Your Personal Information

The LCM will collect and maintain.in our database and file certain personally identifiable information from you only when you provide it to use on a voluntary basis, for example, when you make an enquiry, contact us, subscribe to publications, use an opt-in mailing list, or agree to be interviewed or photographed.

You can choose not to provide your personal information, or you may just want to deal with us anonymously or by using a pseudonym. If this happens, we may not be able to provide you with the product you asked for or give you the level of service you expect.

Use of Information

The LCM may use your personal identifiable information for the purpose of IT mailing, to improve our website, for providing a service to you and for system administration.

We will take reasonable steps to ensure that all the information we collect, or use is accurate, complete, up to date, stored in a secure environment and accessible only by authorized people.

No data transmission over the Internet can be guaranteed to be 100% secure. While we strive to protect your personal information from misuse, loss or unauthorized access, we cannot guarantee the security of any information you transmit or receive from our online service. These activities are conducted at your own risk. As soon as we receive your transmission, we will make our best efforts to ensure its security.

Personal information will not be released to third parties unless:

You have consented
The release is the purpose for which the personal information was collected; or
The Little Company of Mary is required or authorised by law to do so.

If personal information is sent overseas the Little Company of Mary will use reasonable endeavours to ensure that the overseas recipient will either handle the personal information in accordance with the Privacy Act or in accordance with an enforceable law that protects personal information in a way similar to the Privacy Act.

Quality of Personal Information

This Policy seeks to ensure the information held by the Little Company of Mary is accurate, complete and up to date.

If any information provided has changed or is considered incorrect, the person concerned should contact the Privacy Officer in writing.

Security of Personal Information

The purpose is to protect personal information from misuse, loss, unauthorized access, modification or disclosure.

Your Rights

If you do not want your personally identifiable information to be published or used for promotional purposes, you may contact the Privacy Officer.

You may always review your personally identifiable information and may change, update or correct it as needed in line with legislation. To do this you should email the Privacy Officer.

Children

The safety of children is very important to us.

We ask that children under the age of 18 have a parent or guardian verify their contact with us. Whilst we make every reasonable effort to ensure that children’s privacy and other rights are not compromised, it is ultimately the responsibility of parents to monitor their children’s internet usage.

Cookies

Our website does not currently use cookies. However, at some future date we may use cookies to allow you to use our services with greater ease and efficiency.

Cookies contain no personally identifiable information but are small alphanumeric text files transferred from our website to your hard drive to facilitate access to and use of our site. They may also provide us with aggregate statistical information about site usage.

You may configure your browser so that you are notified before a cookie is downloaded or so that your browser does not accept cookies.

To disable or clear your cookies, please refer to the help menu within your Internet browser.

Your Consent

By using our www.lcmchristchurch.org.nz website, you are consenting to this Privacy Policy.

The Little Company of Mary periodically reviews this Privacy Policy, and if we ever change our Privacy Policy, we shall post any changes on this page so that you are always kept informed of the information we collect, how we use it and the circumstances under which we disclose it, if at all.

Access to your Information

The Privacy Act gives you a general right to access your personal information, when you request it, except where the law allows us to refuse your request:

LCM cannot give access if it would unreasonably affect someone else’s privacy if giving the individual access poses a serious threat to someone’s life, health or safety.
The request for access is frivolous or vexatious; and
The request relates to an existing or anticipated legal proceeding.

If we declined your request for information we will explain our reason for the refusal.

You can request access to your own information by contacting out Privacy Officer at the contact details below.

Notifiable Data Breaches

If there is a notifiable data breach, the Little Company of Mary will notify the affected individual and the Office of the Privacy Commissioner.

If You Have a Complaint

If you are unhappy with how your personal information is handled, accessed, stored, or disseminated, you can make a complaint in the following manner:

Set out the complaint in writing to the Privacy Officer, who will deal with the complaint in accordance with the relevant legislation.
If you are not satisfied you may appeal to the Privacy Sub-Committee of the Little Company of Mary.
If you are still not satisfied, you may appeal to the Region Leader for a review of the Committee’s decision.
If your complaint is not resolved to your satisfaction, you are able to apply to the Office of the New Zealand Privacy Commissioner to see what courses of action may be available to you. For more information, you can contact the Commissioner’s hot line service on 0800 803 909, or website at enquiries@privacy.org.nz.

Changes to the Privacy Policy

LCM reserves the right to change this Privacy Policy at any time. The amended Privacy Policy will be considered effective as soon as it is posted to this website. If you continue to access and use our website and/or receive our services, you will be considered to have accepted the amended Privacy Policy.

Enquiries

If you have any enquiries, questions or concerns about our privacy policy or practices, or if you would like more information, please contact:

Privacy Officer/Business Manager

Little Company of Mary

442 Durham Street North

St Albans, Christchurch, 8014

Email: nzadmin@lcm.org.au

NEW ZEALAND EMPLOYEE AND VOLUNTEER INFORMATION PRIVACY POLICY

Introduction

This Privacy Policy is issued by the Little Company of Mary – New Zealand (herein called the “Little Company of Mary“, “LCM“, “we“, “us” or “our“).

This Privacy Policy Statement applies to employees (where applicable), contractors, consultants, volunteers, secondees, job applicants, those on a “call” agreement, as well as other individuals.

Your privacy is important to us, and we are committed to ensuring your personal information remains protected. This Policy explains how we manage your personal information when you interact with us. It also informs you of the information we collect, why we collect that information and your privacy rights and the protections you have under New Zealand law.

We comply with the New Zealand Privacy Act 2020 (Privacy Act) when dealing with your personal information. In this policy we set out how we use, collect, disclose and protect your personal. This Privacy Policy does not limit your existing rights under, the Privacy Act and data protection laws.

We strongly encourage you to go through this Privacy Policy carefully. A thorough understanding will help you make an informed decision when giving us your personal and health information.

Personal Information Collected

Over the course of your employment, engagement, or while you engage with us, we may collect, use, store and transfer different sorts of personal information about you that we have summarised as follows:

identity information, including your first name, maiden name, last name, employee number, display name, marital status, title, date of birth, gender, nationality, role and position information
identity documents, when necessary for identity verification purposes, such as your driver’s licence, passport or other identification
financial or payment information, including remuneration information, bank account details, superannuation and tax information.
contact information, this includes emergency contacts, home address, email address and phone numbers
health information, such as any pre-existing injuries relevant to your employment capabilities and specific information when necessary for job positions where it is relevant to your employment.
for existing contractors, volunteers, employees and those on a “call” arrangement (where applicable):
- personal information (including ‘identity information’ see above);
- employment information (including organisational information, job information, employment details, including terms and conditions of employment and salary or wages)
- appraisal information, criminal record, career history, reference information, contractual information, affiliated company information; and
- other employment related information and as otherwise set out in our policies.

When information is obtained from a third party, reasonable steps are taken to ensure you are aware and consent to that.

The Use and Disclosure of Personal Information

The reason we collect personal information is usually obvious at the time of collection. We collect your personal information for the following reasons:

to verify your identity.
to administer and protect our business.
to ensure that you comply with your employment agreement and our policies and to manage your employment or engagement with us, including complaints or requests;
update you of changes to this Policy.
keep you up to date on our product and business;
responding to and processing your job application, including in relation to references;
disclosing information to law enforcement bodies or regulatory authorities for investigatory purposes or compliance with law;
as otherwise required or authorised by law, including but not limited to superannuation, tax purposes, occupational health and safety laws, insurance purposes and under our insurance policies, and laws regarding immigration and customs and other regulatory body requirements; and
to pass on information to a related company or a third party for any of the purposes set out in (1)-(8) above.

Personal information is only used for the purposes for which it was collected, unless it is reasonably considered that we require it to be used for another reason in line with these original purposes or as otherwise permitted by the law. We may handle your personal information without you knowing about it or consenting to it in accordance with the above-mentioned rules where this is legally required and permissible

Personal information is not disclosed to third parties unless:

You consent to disclosure; or
The release is the purpose for which the personal information was collected; or
The Little Company of Mary is required by law to do so.

Quality of Personal Information

This Policy is premised on ensuring the information held is accurate, complete and up to date. If any information provided has changed or is considered incorrect, please contact the Privacy Officer.

Security of Personal Information

The Little Company of Mary takes all reasonable steps to ensure the security of your information. We have secure storage units with defined limited access.

The Little Company of Mary maintains physical security, such as locks and security systems, overs its premises. The Little Company of Mary also maintains computer and network security, for example firewalls (security measures for the Internet), anti-virus software, identification codes and passwords and other security measures, in order to control access to computer systems. Electronic data is also regularly backed up to minimize loss of data in the event of system failures.

The purpose is to protect personal information from misuse, loss, unauthorized access, medication or disclosure.

Your personal information may be held by us for the period as reasonably required to fulfil the purposes in which we collected it for, this includes the purposes of meeting any legal, regulatory tax, accounting or reporting obligations.

In the event of a complaint or prospective litigation we may hold your personal information for longer than usual if we reasonably believe this is necessary.

Accessing Personal Information

There are circumstances where, by law, we may not give you access to the personal information we hold about you. For example, we cannot give you access if it would unreasonably affect someone else’s privacy or if giving you access poses a serious threat to someone’s life, health or safety.

If the LCM refuses access to personal information, the person making the request will be told why.

You can request access to your own information by contacting out Privacy Officer at the contact details below.

Destroying Personal Information

Personal information will be retained for an appropriate period as determined by the Region’s Retention Schedule and thereafter will be destroyed by a secure means.

Notifiable Data Breaches

If there is a notifiable data breach, the Little Company of Mary will notify the affected individual and the Office of the Privacy Commissioner.

If You Have a Complaint

If you are unhappy with how your personal information is handled, accessed, stored, or disseminated, you can make a complaint in the following manner:

Apply first to the Privacy Officer who will deal with the complaint
Appeal the matter to the Privacy Committee of the Little Company of Mary
Make further internal appeal to the Region Leader
If your complaint is not resolved to your satisfaction, you are able to apply to the Office of the New Zealand Privacy Commissioner to see what courses of action may be available to you. For more information, you can contact the Commissioner’s hot line service on 0800 803 909, or website at enquiries@privacy.org.nz.

Changes to the Privacy Policy

This policy may be reviewed periodically to ensure it remains aligned with legal requirements and operational needs. The Little Company of Mary will consult with you prior to making any substantive changes to this Policy and advise those persons of what the changes are. In all other cases, the most up-to-date policy can be found on our website: www.lcm.org.au

Enquiries

If you have any enquiries, questions or concerns about our privacy policy or practices, or if you would like more information, please contact:

Privacy Officer/Business Manager

Little Company of Mary

442 Durham Street North

St Albans, Christchurch, 8014

Email: nzadmin@lcm.org.au