Security & Privacy
This policy is about how we collect, use, disclose and protect your personal information. We take our responsibility to protect your personal information very seriously. We collect and use your personal information to deliver our services. We're committed to following four principles in relation to your information:
- We will respect your privacy—our brand is built on trust and integrity.
- We're committed to being transparent and honest, so you know what we do with your personal information (including if something goes wrong).
- We use personal information to add value to your life.
- We avoid getting involved in anything that could breach your trust.
1. What does this policy do?
1.1 This policy covers our "Services", meaning services or products by LifeDirect.
1.2 We are committed to your privacy and will comply with applicable privacy laws,
including the Privacy Act 2020, any applicable Privacy Codes and other laws when dealing with your information.
We will also comply with the European Union's General Data Protection Regulation to the extent that this applies to information we collect under a particular Service (e.g., if we target a particular Service at individuals living in the European Union). If you are an individual based in the European Union, you can email us to clarify how we treat your information.2. What information do we collect?
We collect information so that we can provide you with our Services, and so that we can build new Services. We may collect the following information, some of which is personal information:
2.1 Information you give us, such as:
Account information. When you sign up for a Service, we may require your name, username, password, email address, date of birth, demographic information or other personal information.
Application forms. We collect information when you complete an application for any of our Services or for services that we connect to. Some information on application forms is particularly sensitive, for example health information provided as part of an application for life insurance.
Authentication information. To help create and maintain a trusted environment, we may collect identification (like a photo of your government-issued ID, such as a firearms licence) or other authentication information. You will be told at the time of collection when this applies.
Payment information. We may collect your financial information (like your bank account or credit card information) when you make payments to third parties using our Services (see below for how we use and hold this).
Communications and phone calls. When you communicate with us in relation to a Service, we may collect information about your communication and any other information you provide. This includes when you call us, in which case we may retain your call for fraud prevention, internal training and quality assurance purposes.
Other information. You may otherwise provide us information directly (by email or in other formats), such as when you provide feedback, fill in a form, conduct a search, update or add information to our Services, respond to surveys or other research activities, participate in promotions or use other features of our Services.
2.2 Information we automatically collect, such as:
Usage information. We collect information about your interactions with our Services and emails and messages generated through your use of the Services.
Location information. When you use certain features of our Services, we may collect different types of information about your general location (e.g. your physical or postal address or your device's IP address).
Analytics. We automatically collect analytics information when you use our Services, even if you have not created an account or logged in. We may use third party providers (such as Google Analytics) to help us with this. Information collected includes, among other things: details about how you've used our Services (including links to third party applications), your IP address, access times, hardware and software information, device information, device event information (e.g. crashes, browser type), and the pages, applications or services you've viewed or engaged with before or after using our Services.
2.3 Information from third parties or external sources, such as:
Information from third party services you use. If you link, connect, or log in to your account with a third party service (e.g. Facebook or Trade Me), the third party service may send us information such as your registration and profile information from that service. This information varies and is controlled by that service or as authorised by you via your privacy settings at that service.
Analytics information. We may collect analytics information from third parties (e.g. we may use Google Analytics, Google Analytics Demographics and Interest, Google AdWords, Flurry, and Nielsen//Online counting system). Analytics information is generally anonymised, but may include the device you're using, the applications you use, your operating system, your IP address, and your geo-demographic information.
Information from public sources. To the extent permitted by applicable law, we may receive additional information about you that is publicly available.
3. How do we use your information?
We use your personal information to provide you with Services. We also use your personal information with information from others so that we can analyse patterns across our data and improve our Services. For example, we can look across our Services to make sure we invest in product improvements that deliver benefits.
We understand that personal information in your insurance application forms or which you disclose on phone calls (such as health information about you or your dependents or beneficiaries) may be particularly sensitive. We will only use or disclose this information for purposes related to the relevant Service (e.g. providing this information securely to your chosen insurers or their third-party insurance software providers, or contacting you about annual insurance reviews). We won't use this information for purposes unrelated to LifeDirect, or your insurance needs, without your permission unless this is required for fraud prevention, law enforcement purposes or by law. However, we may still use and share this information where it is in anonymised form (e.g., aggregated information that no longer identifies or references an individual User), as described in clause 4.8.
We may use your personal information in the following ways:
3.1 To contact you about your account or use.
We may contact you by phone, email or text message in relation to your account or use. You can unsubscribe from emailed newsletters and advertising materials.
3.2 To help provide our Services, for example:
To enable your use of our Services. We may enable you to make payments on our Services, verify your address (and we may use third parties to help enable your use of our Services – see clause 4.3 below).
To personalise or enrich our Services. We may personalise, improve or enrich your experience by, among other things:
- assisting with annual insurance reviews and keeping your client record;
- not asking you to log in unnecessarily (i.e. we may save your credentials for you);
- ranking search results
To manage our Services. We may provide, operate, protect, improve, optimise and otherwise manage our Services, including by using analytics, accounting and customer relationship management tools.
To conduct research. We may conduct internal research in relation to Users' demographics, interests, and behaviour to better understand and serve our community.
For training purposes. We may use your personal information to help train and improve our staff who help provide or support the Services (e.g. customer support staff may have access to calls for training purposes).
3.3 For trust, safety and assurance, for example to:
Prevent harm to us or others. We may use your information to detect and prevent fraud, security incidents, and other harmful activity (e.g. if we believe you have used another person's payment card or payment details without their permission or knowledge, we may disclose your personal information relating to the transaction to that person or their bank).
Ensure we comply with our obligations. We will use information to ensure we comply with the law, including disclosures authorised under the Privacy Act 2020.
Allow our business to be audited. We may use your information to allow for auditing of our Services and businesses.
Verify the identity of users or third parties. We may verify your identity or authenticate information provided by you, including information relating to others.
3.4 For advertising and marketing, for example to:
Send you promotional messages, marketing or advertising about our Services, including customised promotions, marketing or advertising. We may send or show you promotional messages, marketing, advertising, and other information about our Services including information that we think may be of interest to you. You authorise us to use your listing content for such purposes, including through display advertising, electronic direct mail or on social media.
Send you customised third-party advertising (unless you opt out). We may send or show you third-party promotional messages, marketing, advertising (including on-site display advertising), and other information that may be of interest to you based on your communication preferences (including information about and campaigns of our business partners).
Run promotions. We may use your information to administer referral programmes, rewards, surveys, sweepstakes, contests, or other promotional activities or events sponsored or managed by us or our business partners.
Measure and improve our advertising. We may use your information to measure the effectiveness of our advertising and make improvements.
3.5 For other things, with your express consent.
We may disclose your information at your direction, or otherwise as you agree with us. Please note that we:
Do not have access to your passwords.
Only use your credit card details for purposes related to your transactions and for fraud prevention or law enforcement purposes.
4. Who do we disclose your information to?
We may need to disclose your personal information to others to provide you with our Services, to improve our Services or uphold the law or our terms. We may also disclose your personal information in the following ways:
4.1 To others with your consent, for example when you:
Ask us or authorise us. We'll share your information when you authorise us to send this to a third party.
4.2 To our service providers, to provide and manage our Services.
4.3 To other third parties, such as:
Insurers and advisers. We may give your insurance application form and other personal information to your chosen insurer so that they can facilitate your insurance.
4.4 To authorities or other entities to uphold the law or our terms, for example:
For legal compliance or law enforcement purposes. We may disclose your personal information to courts, law enforcement or government agencies, or third parties, to the extent we believe that disclosure is appropriate or permitted by the Privacy Act.
4.5 To our other Services.
4.6 To others where necessary to reorganise or sell our business.
4.7 To other third parties, where your identity is anonymised.
We may share non-personally identifiable information (e.g., aggregated information about our Users that we combine together so that it no longer identifies or references an individual User), for industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.
4.8 Also, some interactions with our sites and Services may be subject to additional third party terms. For example
External links. Our Services may contain links to third party websites or services. We don't own or control those websites or services or endorse them in any way and, if you interact with them, you may be providing information directly to the third party concerned. The third parties will have their own rules about the collection, use, and disclosure of your personal information. We encourage you to review their privacy policies accordingly.
Information indexed by search engines. Information you share publicly on our Services may be indexed through third party search engines. We do not control the practices of third party search engines, and they may use caches containing your outdated information.
5. How do we hold and protect your information?
We work hard to ensure we keep your personal information safe and to avoid any harm to you or your personal information. We would notify you and the Office of the Privacy Commissioner if a potentially harmful data breach of your personal information did occur. We delete personal information after it is no longer reasonably necessary for us to use it. In particular:
5.1 We use industry recognised security practices and measures.
We are committed to keeping your personal information as safe and secure as possible and follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.
We continuously implement and update our administrative, technical, and physical security measures to help protect your personal information against unauthorised access, loss, destruction, or alteration. However, despite all of our measures we can't 100% guarantee the security of the transmission or storage of your personal information.
5.2 We store your information in New Zealand or overseas subject to standards that will comply with our privacy obligations
You authorise us to transfer, store, and process your personal information in New Zealand and possibly other countries. Where we store information overseas, or a third party we use to provide our Services stores information overseas (e.g. Amazon Web Services, Microsoft Azure etc), we will ensure that the storage complies with New Zealand privacy obligations.
5.3 We retain your information as long as reasonably required, unless we are legally required to hold it longer.
We will keep your personal information for as long as is reasonably required for us to use it in accordance with this policy, unless we are required by law to hold it longer. In particular, we may retain:
Recordings of your phone calls, where necessary for business or compliance purposes, to help prevent fraud or facilitate legal processes).
Other personal information that is deleted by you may persist for a limited time in our backup systems.
5.4 Credit card Information is held subject to stringent standards.
Credit and debit card information is sensitive and we protect it to stringent security standards. We use a number of procedures and different technologies to help protect your credit and debit card information from unauthorised access, use and disclosure.
6. How can I manage my information?
We know your circumstances, details and preferences will change. So, we've built a number of tools for you to manage your personal information. You can:
6.1 Update your information by:
Updating your account information. In most cases, you may review and update the account information we hold about you (such as your email address, password and phone numbers) by logging into MyLifeDirect and updating the information in your account. If this isn't available and you want to update your information, please get in touch with us.
6.2 Ask us to update, provide or delete your information
If you wish to access or correct any of your personal information, you can contact us directly. We will respond to your request promptly, and always within 5 working days. If you want us to delete any personal information you have submitted to us, please contact us. We will consider each request for deletion on a case by case basis taking into account the terms and conditions of the particular Service(s) and our legal obligations to retain certain information. Note that information that you have shared with others may continue to be publicly visible on our Services in association with your first name, even after your account is cancelled.
If you want to cancel your account for any of our Services, please contact us.
7. How do we amend this policy?
We may make updates from time to time by a LifeDirect site announcement or other notice, usually with two weeks' notice or more.
Occasionally urgent changes will be required, but we will generally give you at least two weeks' notice by LifeDirect site announcement to review any changes, unless the Service-specific terms do not require notice of changes to them. For significant changes we may notify you directly via email. As we update this policy from time to time, we encourage you to periodically review this page for the latest information on our privacy practices.
8. What do the terms in this policy mean?
User means anyone using our Services.
8.2 "personal information"
Personal information means information about an identifiable individual, as defined by the Privacy Act 2020.
Services means our Services, as defined in clause 1.1.
8.4 "we", "us" or "our"
We, us, or our means: LifeDirect 2020 Limited
8.5 "you" or "your"
You or your, in relation to any personal information, means any individual who is identifiable from the personal information.