Privacy Policy

Purpose 

This Policy has been written to help GROWSAFE customers understand how GROWSAFE collects, uses and protects their information when they visit our website and use our products and services.

Definitions and background

GROWSAFE collects private data from individuals and so is subject to the requirements of the Privacy Act 1993.  Principle 3 of the Act requires GROWSAFE to ensure that the individuals are aware that information is being collected, the purpose for which it is collected and the intended recipients of the information. 

This policy is provided for information and doesn’t limit or exclude the rights of an individual under the Privacy Act 1993.

This Privacy Policy covers the following topics: 
1. What information does GROWSAFE collect?
2. How does GROWSAFE use personal information?
3. Sharing personal information
4. Protecting personal information
5. Accessing personal information
6. Internet use
7. Changes to this Privacy Policy

Policy

1. What information does GROWSAFE collect?
GROWSAFE collects information relating to individuals that they have provided (for example, on an application or registration form) or that GROWSAFE may have obtained from another source (such as our trainers, training providers, employers or industry organisations).

This information may include: name, date of birth, address(es), email, telephone number(s), training records, employer details, the industry(ies) that an individual works in and other relevant information.

2. How does GROWSAFE use personal information?
The information that GROWSAFE collects from an individual may be used by GROWSAFE for a number of purposes connected with its business such as:
2.1 issuing certificates; 
2.2 issuing reminders about certificate expiry date; 
2.3 providing the individual with relevant products and/or services such as technical updates or details of upcoming courses; 
2.4 billing the individual (unless s/he pays by another agreed method) and collecting any debt owed to GROWSAFE by an individual;
2.5 settling accounts with those who provide related services to GROWSAFE;
2.6 dealing with requests, enquiries or complaints from the individual and other customer related activities;
2.7 carrying out market and product analysis and marketing GROWSAFE’s products and services generally; 
2.8 contacting individuals about our products and services and the products and services of carefully selected third parties which GROWSAFE thinks may be of interest to the individual (unless the individual asks GROWSAFE in writing not to);
2.9 inclusion, subject to any objection or preference the individual may have indicated to GROWSAFE in writing, in any directory or register operated by GROWSAFE or by a third party on GROWSAFE’s behalf (unless otherwise approved by the individual such information will be limited to name, company/employer, industry sector, certificate type, expiry date and status);
2.10 carrying out any activity in connection with a legal, governmental or regulatory requirement on GROWSAFE or in connection with legal proceedings, crime or fraud prevention, detection or prosecution;
2.11 carrying out activities connected with the running of GROWSAFE’s business such as personnel training, quality control, network monitoring, testing and maintenance of computer and other systems and in connection with the transfer of any part of GROWSAFE’s business in respect of which the individual is a customer or a potential customer;
2.12 for general administrative and business purposes.

3. Sharing personal information
There may be times when GROWSAFE needs to disclose an individual’s personal information to third parties. If GROWSAFE does this, it will only disclose information to:
3.1 Those who provide products or services to GROWSAFE or support the services that GROWSAFE provides, such as resource developers, trainers and training providers (unless otherwise approved by the individual such information will be limited to the information required to carry out the business activity); 
3.2 Those who require information about the certification status of individuals such as employers, industry organisations, regional councils or quality assurance programmes (unless otherwise approved by the individual such information will be limited to name, company/employer, industry sector, certificate type, date of original issue, expiry date and status);
3.3 Anyone who hosts or maintains data centres, service platforms and other infrastructure and systems on behalf of GROWSAFE, where information is processed;
3.4 Anyone GROWSAFE transfers its business to in respect of which the individual is a customer or a potential customer;
3.5 Persons to whom GROWSAFE may be required to pass an individual’s information by reason of legal, governmental or regulatory authority including law enforcement agencies and emergency services;
3.6 Any person or organisation as authorised by the Privacy Act 1993.

4. Protecting personal information
GROWSAFE will take reasonable steps to ensure that the personal information it collects, uses or discloses is accurate, complete, up-to-date and stored in a secure environment protected from unauthorised access, modification or disclosure.

5. Accessing personal information
Individuals have the right to access their own personal information, if GROWSAFE holds that personal information in a way that it can be readily retrieved. Individuals can initiate a request for access to the personal information GROWSAFE holds about them by sending an email to info@growsafe.co.nz.

In some cases, there may be a charge associated with providing copies of personal information to an individual. If so, GROWSAFE will advise the individual of this prior to sending the information.

6. Internet use
GROWSAFE will make every effort to maintain the security of its internet connections.  However for reasons outside of its control, security risks may still arise. Any personal information transmitted to GROWSAFE or from our online services will therefore be at the individual’s own risk.  However, GROWSAFE will use its best efforts to ensure that any such information remains secure. GROWSAFE cannot protect any information that an individual makes available to the general public – for example, on message boards or in chat rooms.

GROWSAFE may use cookies and other interactive techniques to collect non-personal information about how individuals interact with its website, and web-related products and services, to:
6.1 understand what an individual likes and uses about our website; 
6.2 understand what an individual does not like and does not use on the GROWSAFE website; 
6.3 provide a more enjoyable, customised service and experience, and 
6.4 help GROWSAFE develop and deliver better products and services tailored to our customers’ interests and needs.

GROWSAFE may use a persistent cookie to record details such as a unique user identity and general registration details on an individual’s PC. This helps GROWSAFE to recognise individuals on subsequent visits to its website so that individuals don’t have to re-enter their registration details each time they visit the GROWSAFE website and allows GROWSAFE to carry out the activities mentioned above.

Most browser technology (such as Internet Explorer, Firefox, Google Chrome etc) allows individuals to choose whether to accept cookies or not – an individual can either refuse all cookies or set their browser to alert them each time that a website tries to set a cookie.

7. Breach of Privacy
In the event of a privacy breach, GROWSAFE has a process in place to manage the breach and minimise harm to the affected individual. These steps include:
7.1 Stop the practice that caused the breach 
7.2 Retrieve the information or ensure that the unauthorised recipient destroys the information
7.3 If appropriate, inform the individual whose privacy has been breached
7.4 Identify the cause of the breach and take any actions needed to ensure it does not re-occur.

8. Changes to our Privacy Policy
GROWSAFE may change this Privacy Policy from time to time.