Privacy Policy

Privacy Policy

The use of Arise Software Limited database systems are subject to our terms and conditions. If there is any conflict between this Privacy Policy and our terms and conditions, the terms and conditions will prevail. 1 Collection of information

(a) Information collected through our services may include personal information (including identifiers, as set out in section 2 below). For example, personal information may be:

– Provided by your clients through registration on our database systems;

– Provided to us by you through any other method (such as by email and through discussions);

– Collected by us in relation to your use of our database systems, including the tracking of the content you access and any of our services you utilize; and

– Collected through log files or cookies (as set out in sections 3 and 4).

(b) We may also collect aggregated information generated by our systems, which tracks traffic to our database systems but does not relate to you personally (see section 5 below). 2 Identifiers

Information about your client’s computer and about visits to and use of the database systems (such as IP address, location, browser type and user name) will be recorded when logged in. We may use this information to identify you or your client. We will treat this information as personal information.

Parents and caregivers may provide personal information of children and dependents under the age of 16 through our services. This information entered will be recorded and is subject to the rights provided in this privacy policy. 3 Log files

We use log files in order to enhance user experience when using our database systems and to analyse trends. Log files gather information, such as which URL you or your client just came from, which URL is visited next, what browser is used, and the IP address. We use this information to analyse trends and to administer and operate our database systems and services.

Users who log into the database systems and services also have their IP address recorded. An IP address can be used to identify a user, and we will treat this information as personal information. 4 Cookies

Our database systems uses temporary cookies to keep a session open after a user logs in. We may use the information we obtain from the cookies in the administration of our services and to improve the usability of the database systems. These cookies help us recognise previous visitors and also identify the route history of users. We cannot identify any personal information stored in these cookies, nor can we gain access to any information stored on your hard drive.

In addition, we cannot access information from cookies sent from other database systems. Information collected will only be used as described above, and also to improve our database systems. Some browsers allow you to refuse to accept cookies but this may have a negative impact on the usability of our database systems we provide to you. 5 Other information

We will have access to and may use other information, such as number of users, traffic patterns and demand for the service, to monitor server and database systems performance as well as for other security purposes. We may also collect information about all system interaction with users while they are logged in. This information is owned by us and may be used to verify actions taken by a user or for security purposes. 6 Use of information

We (and our employees, officers, agents, contractors and affiliates as defined below) may use the personal information you and your clients provide to:

(a) To allow us to run our business and perform administrative and operational tasks (such as training staff, risk management; undertaking planning, research and statistical analysis; and systems development and testing, keeping our records up to date, being efficient about how we fulfil our legal and contractual duties);

(b) To comply with legal and regulatory requirements;

(c) To detect any fraud or crime, or money laundering and counter financing of terrorism in connection with any laws, rules or regulations in New Zealand or overseas for analysis in aggregate form (with identifiable characteristics removed so that you will remain anonymous); and

(d) For any other purpose which is stated to you at the time of collection or that you otherwise authorise. 7 Information sharing and disclosure

(a) We will not disclose personal information we collect from you or your clients through our database systems or services provided to you other than as set out in this privacy policy or as otherwise agreed with you or as required by law;

(b) At your request, we will share your personal data with your representative or any person acting on your behalf (for example, financial advisers, lawyers, attorneys, accountants, executors, administrators, trustees or auditors).

(c) In certain instances we may need to share some of the personal information we collect about you with other organisations as required by law or for law enforcement purposes, or if we determine in good faith that disclosure is reasonably necessary to investigate fraud, enforce our terms and conditions, protect our rights and pursue available remedies or protect our operations or users. 8 Security of your personal information

We will take reasonable technical and organisational precautions to prevent the loss, misuse or unauthorised alteration of your personal information. However, due to the nature of email and the internet, we cannot guarantee the privacy or confidentiality of your personal information. We may store your information in cloud or other types of networked or electronic storage.

Sensitive information, such as data entered during the registration process, is encrypted. 9 Your Rights

Without limitation, you and your clients that use our database systems on your database systems have the following rights:

(a) The right to be provided full information about your personal data that we hold.

(b) The right to require that we correct any incorrect information we hold about you.

(c) The right to ask that we delete or destroy your personal data. Please note that certain conditions may apply to the exercise of this right.

(d) The right to ask that we restrict the use of your personal data. Please note that certain conditions may apply to the exercise of this right.

(e) The right to object to the use of your personal data by us. Please note that certain conditions may apply to the exercise of this right.

(f) The right to receive your personal data in a structured and commonly used format. Please note that certain conditions may apply to the exercise of this right.

To exercise your rights, or if you require further information about how your personal data is used, you can contact us at: [email protected]

You can also contact us if you have any questions or complaints about, or if you wish to restrict or object to how we manage or store your personal information. We will respond to your request, where required by law, within one (1) calendar month from the date your request is received. We will inform you if this timeframe is not achievable and extend this timeframe as permitted by applicable law. We may charge a fee to cover the costs of meeting your request if your request is unfounded or excessive.

If we do not agree to provide you with access to, or to amend or erase, your personal information as requested or otherwise meet your requests, we will notify you accordingly. Where appropriate, we will provide you with the reason(s) for our decision and the mechanisms available to complain about the refusal. If the rejection relates to a request to change your personal information you may make a statement about the requested change and we will attach this to your record.

In some circumstances, and subject always to legal obligations to the contrary, we may not be in a position to grant access to your personal information or otherwise meet your requests with respect to your personal information.

We are required to keep your information for so long as is required by you or by applicable laws. 10 Business transitions

If in the ownership of all or a portion of Arise Software Limited or our database systems or service changes, your user information may be transferred to the new owner so that the database systems can continue operations. In this event, your information will remain subject to this privacy policy. 11 Users outside New Zealand

The information we collect may be processed in and transferred between your location and New Zealand. New Zealand may not have equivalent data protection laws to those in force in your location. 12 Changes in privacy policy

We may occasionally make changes to our privacy policy, or alter database systems and service functionality. We encourage you to review the policy regularly for the latest information on our privacy practices. 13 Contact details

If you have any questions about our privacy policy, or any other matter (including a complaint), please feel free to contact us. You can reach us through our email: [email protected]