1. Introduction
The New Zealand Institute of Private Investigators (NZIPI) respects your privacy and is committed to protecting your personal information.
This Privacy Policy explains how we collect, use, store, and protect personal information in accordance with the Privacy Act 2020, the 13 Information Privacy Principles (IPPs), and the guidance of the Office of the Privacy Commissioner (OPC) and Digital Government NZ.
By engaging with NZIPI—through our website(nzipi.org.nz), membership, events, or communications—you acknowledge and agree to this Privacy Policy.
2. Scope & Applicability
This Policy applies to all personal information collected by NZIPI, including information received via:
• Our website and online forms
• Membership and renewal applications
• Event registrations and training activities
• Email or telephone correspondence
• Surveys, newsletters, or marketing communications
It applies to members, applicants, event participants, partners, and members of the public who interact with NZIPI.
3. What Personal Information We Collect
We may collect the following types of information:
• Identity & Contact: name, address, email, phone, professional affiliation
• Membership: qualifications, licensing details, professional history
• Event & Training: registration and participation information
• Financial: payment details processed securely via authorised third-party providers
• Communications: correspondence, feedback, or complaints
• Website & Analytics: IP addresses, browser type, cookies, device data
We collect only the information necessary for lawful and legitimate NZIPI activities.
4. Collection Notice (Aligned with IPPs 3 & 4)
When collecting personal information, NZIPI will inform you of:
• Our identity and contact details
• The purpose for which your information is being collected
• How the information will be used
• Who will have access to it
• The consequences (if any) of not providing the information
• Your rights to access and correct your information
This notice appears at the point of collection (e.g., on membership, contact, and event forms).
5. How We Collect Information
We collect information:
• Directly from you when you provide it (membership forms, contact forms, event registration)
• From publicly available sources, such as the Private Security Personnel Licensing Authority (PSPLA) register, where relevant to professional verification
• From third parties, with your consent or where authorised by law
We do not collect information by unlawful or unfair means.
6. Purpose of Collection and Use (Aligned with IPP 1)
We collect and use personal information to:
• Manage membership, renewals, and verifications
• Administer events, education, and professional development
• Communicate updates, newsletters, and opportunities
• Respond to enquiries or complaints
• Process payments and maintain financial records
• Meet legal and governance obligations
• Support professional standards and accountability
Personal information will only be used for the purpose for which it was collected, or for a directly related lawfulpurpose.
7. Disclosure of Personal Information (Aligned with IPPs 11 & 12)
We may disclose personal information:
• To service providers acting on our behalf (e.g., IT hosting, email, payment processors)
• To the PSPLA or relevant authorities for licensing verification When required by law (e.g., enforcement or compliance obligations)
• With your consent
• To prevent or mitigate serious harm
Overseas Disclosure:
If information is transferred or stored outside New Zealand, NZIPI ensures that the receiving organisation provides privacy protections comparable to those in New Zealand, consistent with IPP 12.
8. Information Sharing Arrangements
NZIPI does not engage in systematic information-sharing agreements.
Should this ever occur (e.g., joint training or cross-agency collaboration),NZIPI will:
• Disclose the existence and purpose of the arrangement publicly, and
• Ensure all sharing complies with the Privacy Act 2020 and relevant codes of practice.
9. Retention and Accuracy of Information (Aligned with IPPs 7 – 9)
NZIPI retains personal information only foras long as it is needed for its lawful purpose or as required by legislation.
Retention criteria:
• Membership records: 7 years after lapse or termination
• Event and training records: 2 years after completion
• Financial transaction records: 7 years for tax compliance
• Complaint and disciplinary files: as required under governance obligations
We take reasonable steps to ensure all information is accurate, complete, and up-to-date. Members are encouraged to advise us of any changes promptly.
10. Security of Information (Aligned with IPP 5)
We apply strong technical, physical, and administrative safeguards, including:
• Encryption of sensitive data
• Access restrictions to authorised personnel only
• Secure third-party data hosting within New Zealand where practicable
• Regular security reviews and updates
Despite these safeguards, no system is completely secure. You provide information at your discretion and risk.
11. Access and Correction Rights (Aligned with IPPs 6 & 7)
You have the right to:
• Request access to the personal information NZIPI holds about you
• Request correction of any inaccurate or outdated information
Requests must be submitted in writing to the Privacy Officer (see Section 17).
We will respond within 20 working days, as required under the Privacy Act 2020.
If correction cannot be made, a statement noting your request will be attached to your record.
12. Unique Identifiers (Aligned with IPP 13)
Where NZIPI assigns unique identifiers(e.g., membership or registration numbers), we ensure:
• Identifiers are used only for their intended administrative purpose
• They are not disclosed to unauthorised persons
• They are not used in combination with other identifiers without lawful reason
13. Privacy Breach Management
If NZIPI experiences a privacy breach likely to cause serious harm, we will:
1. Immediately contain and assess the breach
2. Notify affected individuals as soon as practicable
3. Notify the Office of the Privacy Commissioner under section 114 of the Privacy Act 2020
4. Review internal processes to prevent recurrence
All privacy breaches are recorded and audited.
14. Cookies and Analytics
NZIPI uses cookies and similar technologies for website functionality and analytics.
• Essential cookies are required for secure site operation.
•Analytics cookies collect anonymised usage data to improve content and design.
You may decline non-essential cookies by adjusting browser settings.
NZIPI follows Digital Government NZ guidance on responsible analytics and dataminimisation.
15. Governance, Accessibility, and Digital Compliance
NZIPI upholds New Zealand Government standards for privacy, accessibility, and transparency.
We ensure that:
• This policy and related forms meet NZ Web Accessibility Standards 1.1
• Information is available in alternative formats upon request
• Our digital systems are governed under “Privacy by Design” and “Security by Default” principles
• Staff and contractors receive ongoing privacy training
16. Effective Date, Version, and Review
This policy is reviewed annually or sooner if legal or operational changes occur.
• Effective Date: 10 November 2025
• Version: 1.0
• Next Scheduled Review: 10 November 2026
Previous versions are archived for audit and governance purposes.
17. Privacy Officer
NZIPI has appointed a Privacy Officer responsible for ensuring compliance with this Policy and the Privacy Act 2020.
Contact:
Privacy Officer – NZIPI
📧 admin@nzipi.org.nz
18. Contact and Complaints
If you have a question, request, or complaint about privacy, please contact our Privacy Officer in the first instance.
If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner:
Office of the Privacy Commissioner
📞 0800803 909
🌐 www.privacy.org.nz
📍 PO Box 10094, Wellington 6143, New Zealand