The kōura KiwiSaver Scheme is issued and managed by kōura Wealth Limited (kōura). kōura is committed to ensuring the privacy of your personal information. Any information that you provide us is held in accordance with all relevant privacy laws, including, without limitation, the Privacy Act 2020.
We gather your personal data for the following purposes, and we will only use it for the purpose it was collected.
You can unsubscribe from email marketing communication by clicking the link provided in relevant emails.
kōura is required, in accordance with the Privacy Act 2020 to have a purpose and a legal basis for processing your personal data.
We collect this information primarily to enable us to provide the services required by you.
In particular, in order to provide you with a recommended portfolio and risk profile for your KiwiSaver investment, we are required to collect responses to the risk questionnaire. We also always provide you with additional information explaining the advice and your options. If you are not satisfied with the result of this process, you may contact us at email@example.com or by telephone.
Where explicit consent is required, we will seek this from you, for example, with respect to marketing preferences. However, in most cases, explicit consent is not required, and implicit consent is inferred such that we may perform our responsibilities under the Agreement. Where explicit consent is required and not provided or withdrawn, it may result in non-benefit of service, or the inability to open an account with Kōura.
To process your personal data, we will rely on several different legal bases depending on the purpose of the processing, such as where:
kōura will only send you marketing communications where you have given us your explicit consent. This can be managed through our preference centre (the link is provided in relevant emails) where you may withdraw this consent at any time. If you have any questions, please contact firstname.lastname@example.org.
You may seek to exercise any of these rights by emailing us at email@example.com.
kōura is required to retain certain data records to comply with the Financial Markets Authority (FMA) general recording keeping requirements. In general, we are required to retain data for at least seven years.
Your personal information may be transferred or disclosed to third parties.
This enables us to provide services to you and to discharge our obligations to third parties, including relevant government agencies and regulators. Such third parties may also have their own data retention periods.
For the purposes of the Agreement, we are required to share your information with third parties, the situations in which we share this information are detailed below:
In particular, Public Trust, as our Supervisor lawfully receives customers personal information to perform their Supervisor functions.
We may also share your personal information with certain suppliers when we have a legitimate interest to do so, or your explicit consent, as detailed below:
We will endeavour to anonymise your data and minimise the amount of your data we share with these third parties, where possible. Prior to sharing any of your personal information with these suppliers we will ensure the appropriate contractual, technical and organisational measures are in place to safeguard your personal information.
All of our suppliers and partners who we may share your data with are compliant with the New Zealand Privacy Act, or an equivalent international standard.
We will not sell or lease your personal information to third parties.
We are committed to ensuring that your data is retained securely by us. In order to prevent unauthorised access to or disclosure of your data, we have put in place physical, electronic and managerial procedures to safeguard and secure the information we collect.
Using the internet comes with risks, we cannot guarantee that any information sent to us by email or via our website will not be intercepted or tampered with. Any communications are sent at your own risk.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites, and such sites are not governed by this privacy statement. You should exercise caution and review the privacy statement applicable to the relevant website.
We have a Privacy Officer. Our Privacy Officer is responsible for ensuring the organisation complies with the Privacy Act, dealing with any complaints about possible privacy breaches and requests for personal information, or correction of personal information. If you believe your privacy has been compromised or we’ve breached the Privacy Act or a Code of Conduct and you would like to make a complaint, you can complain to our Privacy Officer via email (firstname.lastname@example.org), and we will do our best to help resolve any issue you may have.
Kōura must report any serious privacy breaches to the Office of the Privacy Commissioner. A serious breach is one that poses a risk of harm (e.g. leaked personal information is published online or used to facilitate identity theft). Where a serious breach occurs, we will also notify the people whose information was affected.
Breach notifications to the Office of the Privacy Commissioner can be made by email, telephone or by using their online enquiry form: https://www.privacy.org.nz/privacy-for-agencies/privacy-breaches/