This Privacy Policy applies only to the information collected by Innovative Securities Ltd. (“Innovative Securities”, “we,” “us” or “our”) from visitors (i.e. guests) of our Site. We provide certain products and services that may have supplementary privacy policies which explain in more detail our specific privacy practices in relation to those products and services. Unless otherwise noted, the Site and our products and services are provided by Innovative Securities inside and outside of the New Zealand.
This Privacy Policy applies to personal information collected by Innovative Securities and sets out how we collect, store, use, and disclose personal information that you provide to us. This Policy explains how you can access and update your personal information or make a complaint. If you are a natural person, Innovative Securities is the personal data processor and controller of your personal data in relation to the processing activities, which your personal data undergo as stated further below. Innovative Securities is committed to protect your privacy and handling your data through a transparent manner. We understand the importance of maintaining the confidentiality and privacy of your personal data, and we manage your personal information in accordance with the principles of the New Zealand’s Privacy Act 1993 and European’s General Data Protection Regulation (EU) 2016/679.
By entrusting us with your information, we would like to assure you of our commitment to keep such information private. We have taken measurable steps to protect the confidentiality, security, and integrity of your Information.
Unless otherwise notified to you, that your personal information will be used in a more limited way, all personal information collected by Innovative Securities is held and used in accordance with this Privacy Policy.
We understand that the confidentiality, integrity, and availability of our members' information are vital to their business operations and our own success. We use a multi-layered approach to protect key information by constantly monitoring and improving our applications, systems, site, and processes to meet the growing demands and challenges of dynamic security threats. In recognition of our security efforts, Innovative Securities Ltd. has received ISO 27001:2013 security standards registration.
Innovative Securities only collects personal information directly from you. This Privacy Policy applies to personal information of individuals that Innovative Securities collects via the following:
Innovative Securities site – We collect information directly from you. When you use our site we will ask you for your consent to collect your personal information (for example, your IP address).
Data from third parties – Innovative Securities only collects personal information directly from individuals. We do not collect personal information about our customers and partners from third parties.
You may decide not to provide your personal information to Innovative Securities. Please note that in such case, we may not be able to provide you with the services or with the access to certain information you seek.
Innovative Securities only collects personal information that is necessary for one or more of its business functions. We do this to ensure privacy of our customers. When you are a visitor of our site, the kind of Personal Information that we collect is your IP address. We need that information to identify the country that you come from. We use a local database to identify the country, but it is also possible that we may use an external database.
You may hide or refuse to give consent to use your IP address to any site, including Innovative Securities site. Please note that some of our services, may not work if we can't see or use your IP address. In order to be able to give you accurate and relevant information, we need your consent to collect the specified information.
Innovative Securities considers a child to be anyone under the age of eighteen (18). We do not knowingly seek or collect personal information from or about children. If we discover that we’ve accidentally collected information from a child, we will remove that child's information from our records as soon as feasibly possible.
To provide you with our services, Innovative Securities may collect and use your personal information for some or all of the following purposes. Please note that not all of the uses below will be relevant to every individual.
Consumer/customer service - We may collect and use your personal information to provide you accurate and relevant information about our products. Some of our products may be limited in some countries so we need that information to be able to provide you relevant information.
Product improvement and customization - We may collect and use your personal information so we can constantly improve our products, tailor them to your needs, and come up with new product ideas and inform you of any changes to our products.
Other general purposes (e.g., security, internal research, surveys) - We may collect and use your personal information for other general business purposes, such as to maintain the day-to-day operation and security of our site.
Innovative Securities will not share, sell, trade, rent or otherwise disclose information about you to third parties unless we have specifically informed you and you have given us specific permission to do this.
However, there are exceptions and we may share your personal information with third parties, but only in the following circumstances:
Service Providers - We may use third parties, like service providers located in EU, to provide support for our business functions. We may need such providers in case that we can't identify your country.
Legal requirements – We may disclose your personal information if we are required to do so by law, or if in our good faith judgment, such action is reasonably necessary to comply with legal processes, to respond to any claims, or to protect the safety or rights of Innovative Securities, its customers, or if the source of the information is publicly available, or if you authorized us to do so.
We take all reasonable technical and organizational measures to protect the personal information we hold against loss, unauthorized access, use, modification or disclosure, and against other misuse. The ways we do this, include:
Using Secure Sockets Layer (SSL) encryption when collecting or transferring information (SSL encryption is designed to make the data unreadable by anyone but us);
Limiting physical access to our premises;
Limiting access to the information we collect about you for instance, only those of our personnel who need your information to carry out our business activities are allowed access;
Putting in place physical, electronic, and procedural safeguards in line with industry standards, we will only keep your personal information for as long as it is reasonably necessary taking into consideration our need to answer queries or resolve problems, provide improved and new services and comply with legal requirements under applicable laws.
We hold your personal information only as long as necessary. Innovative Securities shall keep your personal data for as long as you use our site. Once you ended using our site, we may keep your data for up to five (5) years in accordance with the Laws governing the Innovative Securities. We may keep your personal data for longer than five (5) years for legal, regulatory and/or any other obligatory reason.
We hold your personal information in:
Computer systems;
Electronic databases;
Digital archives.
These storage mechanisms may be managed in a number of ways. These may be managed or administered internally by Innovative Securities and may be held by a third party contracted by us for storage services in EU.
Third party data security – Where Innovative Securities does disclose personal information to a third party as specified in point six (6) above, any such third party must at all times provide the same levels of security for your personal information as Innovative Securities does, and, where required, are bound by a legal agreement to keep your personal information private, secure and to process it only on the specific instructions of Innovative Securities.
We do not assign unique identifiers to your personal information unless it is necessary to provide you with the requested services.
Innovative Securities has taken all the appropriate organisational measures to ensure that your personal data are secured. Moreover, Innovative Securities has established an internal educational training for its employees so as to mitigate any risks that may affect your data. The employees that are processing your data are being trained to respect the confidentiality of customer information and the privacy of individuals. We consider breaches of your privacy as top priority and Innovative Securities will enhance its internal procedures to prevent any such event. However, in the event of breach Innovative Securities, as soon as possible within 72 hours of becoming aware of it, will notify the breach to the supervisory authority. In that case we will provide the nature of the personal data breach, the number of people concerned, the name and contact details of the data protection officer, the likely consequences of the data breach, and any measures (to be) taken to address the breach and mitigate any adverse effects.
ISO 27001 registration – Innovative Securities has been assessed and certified as meeting the requirements of ISO/IEC 27001:2013 for the following activities – security of information is handled in course of found management, portfolio management, customer account ad securities account management.
Prior to any use of your personal information Innovative Securities checks its accuracy and compliance with the details you have provided to us. You can request access to the personal information Innovative Securities holds about you, or to delete such information, by contacting us at any of the following methods here. If Innovative Securities cannot provide access to your personal information, it will provide you with the reasons why. Depending on the nature of the request, Innovative Securities may charge for providing access to your personal information, however such charge will not be excessive.
If the personal information Innovative Securities holds about you is inaccurate, incomplete or not up to date you may request Innovative Securities to correct or delete the information here. The visitors of our site has rights to access and correct any information held by Innovative Securities. Where available, you can review or update any personal information that we may have collected about you for our site. To do this, please contact us.
Innovative Securities is using "cookies".
The main function of the "cookie" is to allow us to determine which server you are connecting to, and to recognize which language you use. We need that information to offer you a complete service.
You can block or restrict cookies set by any site, including Innovative Securities sites, through the browser settings of each browser you use on each device you use to access the Internet.
Please note that some of our services, may not work if your browser does not support cookies.
Innovative Securities site does not contain links to other sites that are not operated by us.
We are a New Zealand company registered in New Zealand and governed by New Zealand law. We comply with New Zealand’s Privacy Act 1993 and also with European’s General Data Protection Regulation (EU) 2016/679, both in letter and in spirit, and uphold the privacy protection principles.
That means we take care to keep any personal information we hold confidential, complete and accurate, and we try not to collect any more information than we need for our legitimate business purposes nor do we keep it longer than necessary. We comply with other laws relating to information security and of course applicable laws and regulations relating to corporate governance, financial control and so forth.
If you are concerned about a possible interference with your privacy or misuse of your personal information by Innovative Securities, please contact the Innovative Securities at any of the following methods here.
Your complaint will be sent to Innovative Securities privacy officer. It is Innovative Securities policy to handle complaints in a timely, effective, fair and consistent manner. On making a privacy complaint to Innovative Securities, you will receive an acknowledgment letter or email within 5 business days. This communication will be set out by our privacy officer, you will receive the name of the person and the expected response time for the complaint. Innovative Securities endeavours to make a decision on all written complaints within 20 business days after a complaint is received. If we need more time to respond to your complaint we will notify you as to the delay, the reasons for it and seek your agreement to a longer period.
If you are not satisfied with Innovative Securities response you can contact the Office of the Privacy Commissioner at https://privacy.org.nz/.
While we try our best to use plain and simple language, we recognize that there will be some specific terminology. This section aims to provide simple definitions for some of the common privacy terminology.
| Applicable law | The legislation with which any personal information processing must comply. |
| Cookies | These are small pieces of data that are placed on your device (e.g. your browser when you access a site). Cookies are used for a variety of purposes, including enabling features on a site, helping us to understand which parts of our sites are the most popular, where site visitors are going, and how much time they spend there. |
| Encryption | Encryption, such as Secure Sockets Layer (SSL) encryption, is a system for protecting data, used when collecting or transferring sensitive data, such as credit card details or other personal information. Encryption is designed to make the data unreadable by anyone but the intended recipients. |
| Personal Information | Personal information or data shall mean any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person |
| Processing | Processing shall mean any operation or set of operations, which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction |
| Controller | Controller shall mean the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law |
| Processor | Processor shall mean a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller |
| Personal Information Management | or PIM, is the set of processes and controls used to ensure that personal information is handled appropriately, to meet our internal and legal requirements. |
| Privacy Act | means the Privacy Act 1993 (New Zealand). |
| Privacy policy | is a statement or a legal document that discloses how a company gathers, uses, discloses and manages the personal information provided by an individual (such as a customer, partner, employee or potential employee). While this is a legal document, a privacy policy aims to provide transparency about these information handling practices, so should ideally be written in clear and simple language. |
| Technological device | is a machine designed for a purpose. In a general context, a smartphone can be considered a device. |
| Third parties | These are non-Innovative Securities companies contracted to perform functions on our behalf, such as fulfilling orders, delivering packages, sending postal mail and e-mails, sending text messages (SMS), providing marketing assistance, etc. |
This Policy is reviewed annually.
© 2008 - 2024 Innovative Securities Limited. All rights reserved.
