top of page

ZAAK PRIVACY POLICY

Welcome to Zaak’s Privacy Policy. Zaak (we, us, our) is committed to respecting your privacy and managing your personal information in accordance with the New Zealand Privacy Act 2020, the Australian Privacy Act 1988 (Cth) and any other applicable privacy and data protection laws.

This privacy policy sets out how we collect, use, store, share and protect your personal information in the provision of our personal finance platform and all other related services (Services). Please read this privacy policy alongside our Terms of Use as the defined terms all share the same meaning.

This policy was last updated on August 27, 2022.

1. WHAT IS YOUR PERSONAL INFORMATION?

“Personal Information” is a term defined in the New Zealand Privacy Act 2020 and the Australian Privacy Act 1988 (Cth). Personal information is any information about an identifiable individual and includes personal data and personally identifiable information, such as your name, email address, feedback, comments, photos, and financial account information.

2. PERSONAL INFORMATION WE COLLECT

When you visit our website or use our Services, we collect personal information. Your personal information may be collected from you directly, automatically or from third parties.

 

  • Information you provide to us directly, including:

    • your Account information, such as your name, email address and login credentials; 

    •  your profile photo, which you may provide to us by giving us access to your camera and files in your device if you grant permission in your device settings;

    • your country of residence; 

    •  your Account Credentials;

    • your financial account information and transactions that are manually or automatically  imported into the Services; 

    •  information related to your financial goals; 

    • your communication with us via social media, text, phone or email; and 

    •   any personal information you voluntarily provide us during interacting with us.

 

  • Information we collect automatically, including:

    • information when you navigate through our website or App (such as geography/region, operating systems, session duration, unique device identifiers and usage data).

Some of this information is collected using cookies and similar web-tracking systems. If you want to know more about the types of cookies and web-tracking systems we use and how you can control them, please read section 7 of this policy.

 

Information we get from third parties, including:

YOUR FINANCIAL ACCOUNT DETAILS, INCLUDING:

  •  your bank or other financial services provider;

  •  your account type, including credit, current, savings and investment accounts;

  •  your available credit; and

  •  your account balances (such as your available balance and current balance),

YOUR TRANSACTION DETAILS, INCLUDING:

  • the transaction dates;

  • the transaction amount;

  • the transaction description and category; and

  • the merchant details involving your transaction.

We access and retrieve this information through a secure platform provided by Akahu, a New Zealand financial and technology services provider. To receive our Services and as part of the registration process, you will be asked to enter your Account Credentials on Akahu’s platform to allow Akahu, on our behalf, to collect your Financial Information by linking with your financial account. We do not have access to, use or hold your Account Credentials. Akahu also masks any account numbers associated with your chosen financial institutions, so we do not use, store, or hold your account numbers. Please refer to clause 3 of our Terms for further information and www.akahu.nz to obtain more information about Akahu.

 

3. HOW WE USE YOUR PERSONAL INFORMATION

We collect the personal information to provide you with the Services that you have registered for, requested, or otherwise accessed. The information may be used for the following purposes:

 

  • verify your identity;

  • provide our Services to you;

  • to allow connection of third-party financial institution accounts to the service and gather Financial Information via our third-party bank feed provider;

  • market our Services and products relating to these Services, including sending you newsletters and up to date information on changes via text, email or other electronic means;

  • assess and analyse the effectiveness and your use of our Services and other similar purposes;

  • maintain and improve Services that we provide to you, including by training and improving any artificial intelligence features;

  • creating aggregated and anonymised data that does not identify you nor any other individual for the purposes of product development, research and advocacy;

  • notify you about changes to our Services or terms;

  • for internal record keeping purposes;

  • communicating with you, including responding to a support request or a complaint;

  • ensure our compliance with applicable laws and regulations;

  • ensure your compliance with our Terms; and

  • any other use that is authorised by you or relevant privacy laws.

By using or asking us to provide you with our Services, you consent to your personal information being collected, held and used in this way and for any other use you authorise. We will only use your personal information in the ways outlined in this privacy policy or otherwise if we have your express permission.

If you choose not to provide personal information that we request in connection with our Services, we may not be able to provide some or all of our Services to you. For example, you may not be able to access certain features on our mobile application or we may be unable to provide you with information about our Services that you may want.

4. HOW WE HOLD YOUR PERSONAL INFORMATION

We are committed to keeping your personal information as safe and secure as possible. We use reasonable care including physical, electronic, and procedural safeguards to protect your personal information.  We hold information that you provide to us directly such as your Account information. Additionally we only store or hold Financial Information (as defined in our Terms) that we retrieve from third parties such as your transaction data which is anonymised.

 

  • Service providers

Information that we hold is stored through our service providers, including MongoDB. They store your data securely and protect it through a variety of industry-standard authentication and access controls such as encryption, access control (such as using HTTP bearer tokens) and configuration management.

 

  • Retention

We will only keep your personal information for as long as it is required in connection with its original purpose or to allow us to comply with legal and reporting obligations.  Where you close your Account or your Account is terminated, for security purposes, we will not delete your Account or the then-current information related to your Account immediately, and unless we are required otherwise under law, all information related to your Account will be permanently deleted after 90 days. After your Account is permanently deleted, you will not be able to recover your Account or any information related to your Account.

 

  • Your responsibility

Despite our best efforts, the internet cannot be trusted as a secure environment. We cannot provide any assurance regarding the security of transmission of information you communicate to us or authorise that we retrieve online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us, or authorise be transmitted to us, online is transmitted at your own risk. You are also responsible for helping to protect the security of your personal information and of any device on which you access the Services. Please do not enter any credit card details or sensitive personal information when contacting us via email.

If we believe there has been a privacy breach, we will promptly identify the issues and take steps to minimise any harm. We will notify you and any applicable regulator of an actual or suspected data security breach where we are legally required to do so.

5. TRANSFERRING OR SHARING YOUR PERSONAL INFORMATION

We may transfer or share your personal information to others under the following limited circumstances for the purposes described in this privacy policy.

 

  • With our service providers, contractors and agents

We may share your personal information with those who assist and enable us to use and store the information. This is mainly to operate and deliver our Services for the purposes specified in this privacy policy. These service providers are required to use it solely as we direct to provide our requested service and we remain responsible for the information they handle on our behalf.

 

  • For security and legal compliance

Your personal information may be shared with the regulators, law enforcement bodies, government agencies courts or other third parties where we think it is necessary to comply with applicable laws or regulations, or to protect and defend our legal rights. Where possible and appropriate, we will endeavour to notify you to let you know this has occurred.

 

  • During a change in ownership

In the event of a change of ownership of Zaak or the website, your personal information may be transferred to the new owner(s) so that we or our Services can continue operations.

 

  • With your permission

We may share data with third parties outside the scope of this privacy policy with your consent.

Some of these recipients may be located in overseas countries, which may have privacy or data protection rules different to those that apply in New Zealand and Australia. Where we transfer personal information abroad, we will ensure we take appropriate measures to comply with applicable privacy laws related to such transfer in line with our obligations, such as taking such steps as are reasonable in the circumstances to ensure that the recipients are subject to privacy laws that provide comparable protection to those under relevant legislation.

6. YOUR RIGHTS

You must ensure that the personal information that you provide to us is accurate, complete and up-to-date. Unless there are certain legal grounds for refusing, you may request access to your personal information we have that is readily available or ask us to update or correct your personal information.

We will process your request as soon as reasonably practicable, or we will explain why if we are unable to do so under legal grounds. If appropriate, we may charge you our reasonable costs of providing and/or correcting your personal information. However, we will not charge you for simply making a request.

If you want to exercise your rights above, please contact us using the details provided below in section 10 of this policy. We may require some proof of identity before we provide you with access to or correct your personal information. If you wish to complain about any outcome or to attach a statement of correction to your record, please see our complaints procedure below in section 8.

You have the right to remain anonymous or to use a pseudonym when making inquiries through our website or social media pages or by calling us and do not require a further response from us. However, we may not be able to provide you with some or all of our services if you do not disclose your personal details to us for us to respond to your inquiries.

7. COOKIES AND ANALYTICS

Our website uses cookies and similar technologies, which are a small amount of data, which often includes an anonymous unique identifier that is sent to your browser and stored on your device. Through our service providers, we may use commonly used tools such as cookies, web beacons, pixels, and similar technologies, identifiers for mobile devices, to collect information about you to provide the experiences you request, administer our Services, track your interactions, and analyse trends. If you reject all cookies, you can still access our website, but you may not be able to take full advantage of all other offerings. You can configure your browser to accept all cookies, reject all cookies or notify you when a cookie is set.

We use Google Analytics for Firebase or Firebase Analytics (Firebase), which is an analytics service provided by Google. By enabling this tool, we enable the collection of data about your use of our Services, via unique device identifiers for mobiledevices, and other technologies similar to cookies. On our behalf, Firebase evaluates the data the way you use our mobile application and Services provided on it (App), as this data is important for us to maintain and further improve the stability and security of the App.  The type of information collected through Firebase may include:  device information; first launches; geography/region; number of users and sessions; application opens; application updates; operating systems; session duration; unique device identifiers and data related to your usage.

You may opt out of certain Firebase features through your mobile device settings, such as your device advertising settings or by following the instructions provided by Google in their Privacy Policy. We also encourage you to review the Google policy for safeguarding your data and how Google uses data when you use our App.

8. COMPLAINTS

You may request further information about the way we manage your personal information or lodge a complaint by contacting us using the contact details below in section 10.

If you would like any further information about our handling of personal information or to make a

complaint about something you believe breaches the New Zealand Privacy Act 2020, the Australian Privacy Act 1988 (Cth) or any other applicable privacy and data protection laws, please lodge a written complaint using the email address below. Once we receive your complaint, we will respond to your complaint within a reasonable period of time, usually within 20 working days.

While we always try to work with you to solve your issue, if you consider your privacy concerns have not been resolved satisfactorily by us, or you wish to obtain more information on privacy requirements, you can contact:                      

  • New Zealand: New Zealand Privacy Commissioner on 0800 803 909 or visit their website.

  • Australia: Office of the Australian Information Commissioner by following their complaints procedure on their website.

9.  Amendments

We may update this policy to reflect changes to how we collect, store and manage your information at any time, including where we decide to deal with information under the Australian consumer data rights regime. When we update this policy, we will revise the “Last updated” date at the top of the policy. If the changes are significant, we may also notify you on our website, application or via email before the changes become effective.

10. CONTACTING US

If you have any questions about this privacy policy, any concerns or a complaint regarding how your personal information has been collected or handled by us, or a possible breach of your privacy, please contact us at aashiq@getzaak.com.

bottom of page