top of page

Privacy Policy

Last Updated: 2026

Purpose

The purpose of this Policy is to:

  1. ensure that personal information collected and held by the Organisation is managed in accordance with the requirements of the Privacy Act 2020, the Privacy Principles, and all relevant legislation;

  2. ensure that individuals have trust and confidence in the Organisation’s ability to manage and protect their personal information;

  3. educate people within the Organisation on the collection, use, storage, sharing, and disposal of personal information; and

  4. promote a culture that protects and respects personal information.

 

Scope

This Policy applies to all staff members, interns, contractors, and volunteers of the Organisation.​

​

Policy Statement

The Organisation is committed to respecting, managing, and protecting personal information. To support this commitment, the Organisation will comply with the provisions of the Privacy Act 2020 and all relevant legislation, and will put in place the required procedures, resources, and training.

 

Guidelines and Expectations

1. Breach of Security
If a privacy breach is notifiable, the Organisation must inform the Office of the Privacy Commissioner. The online tool NotifyUs may be used to assess whether a privacy breach is serious and requires notification.
 

2. Privacy Officer
The Group General Manager acts as the Privacy Officer and is responsible for ensuring that the Organisation complies with the Privacy Act 2020. All privacy complaints may be directed to privacy@activatefaithgroup.nz.
 

3. All staff members, interns, contractors, and volunteers are required to:

  • comply with this Policy;

  • treat any personal information disclosed within the Organisation with a high degree of respect and confidentiality;

  • complete any privacy-related training required by the Organisation; and

  • comply with the Privacy Act 2020 and the Privacy Principles.
     

4. The Organisation will protect and secure personal information and documentation in accordance with the Privacy Act 2020.

​

All staff members, interns, contractors, and volunteers are required to read and acknowledge this Privacy Policy.

​

The Privacy Principles

The Privacy Act 2020 contains thirteen (13) Privacy Principles that govern how personal information is collected, used, handled, and disclosed.​

 

1. Purpose for Collection

The Organisation collects personal information only for lawful purposes. These purposes may include, but are not limited to:

  • informing individuals about services, events, and activities;

  • providing pastoral care;

  • complying with legal requirements;

  • connecting and communicating with individuals;

  • protecting children and young people;

  • completing registration and management requirements for conferences and events;

  • improving the delivery of services; and

  • completing internal analysis and reporting.

​

2. Source of Information

Personal information is collected directly from the individual concerned wherever possible. In certain circumstances, information may be collected from another source, for example where:

  • the individual has provided consent;

  • collection from another source would not prejudice the individual’s interests;

  • collection directly from the individual would undermine the purpose of collection; or

  • the information is obtained from a publicly available source.

 

3. What to Tell an Individual

When collecting personal information, the Organisation takes reasonable steps to ensure that individuals are informed about:

  • the purpose for which the information is being collected;

  • who will receive the information;

  • whether providing the information is compulsory or voluntary; and

  • the consequences of not providing the information.

 

Providing personal information is optional. However, if requested information is not provided, the Organisation may be unable to effectively deliver services or fulfil its role.

 

4. Manner of Collection

Personal information is collected in a manner that is fair and does not unreasonably intrude on an individual’s privacy. Particular care is taken when collecting information relating to children or young people, including liaising with parents or caregivers as appropriate.

​

5. Storage and Security

Personal information is stored in secure electronic systems to prevent loss, misuse, or unauthorised disclosure. Paper-based records are kept in lockable storage or secured access areas when not in use.

​

6. Access

Individuals have the right to request access to their personal information. Access will be provided where possible, subject to legal and privacy considerations, including situations where release of information could:

  • endanger someone’s health or safety; or

  • create a significant likelihood of serious harassment.

  • prevent the detection or investigation of a crime.

 

7. Correction

Individuals have the right to request correction of personal information if it is inaccurate.

 

8. Accuracy

The Organisation takes reasonable steps to ensure that personal information is accurate, complete, relevant, up to date, and not misleading.

 

9. Retention

Personal information is not retained for longer than necessary. Information will be securely deleted or destroyed when it is no longer required.

 

10. Use

Personal information is used only for the purpose for which it was collected, or for a directly related purpose, unless consent has been provided or another lawful exception applies.

 

11. Disclosure

Personal information may be disclosed in limited circumstances, including where:

  • disclosure was one of the purposes for which the information was provided;

  • the individual has authorised the disclosure;

  • the information is disclosed in an anonymised form;

  • disclosure is necessary to prevent a serious threat to health or safety; or

  • disclosure is required to maintain the law.

 

12. Cross-Border Disclosure

Personal information may be disclosed overseas only where adequate privacy protections are in place, or where express consent has been obtained, or where disclosure is required to uphold the law or prevent serious harm. For example:

  • the receiving person is subject to the Privacy Act 2020 because they do business in New Zealand

  • the information is going to a place with comparable privacy safeguards to New Zealand

  • the receiving person has agreed to adequately protect the information through an agreement with privacy clauses on information sharing.

 

If there are no adequate protections in place, the Organisation may send personal information overseas if the individual concerned gives express permission, unless the purpose is to uphold or enforce the law or to avoid endangering someone’s health or safety.

​

13. Unique Identifiers

Unique identifiers (such as IRD or driver licence numbers) are not used by the Organisation unless necessary. The Organisation may assign its own internal identifiers where required.

​

Personal Health Information

As part of our services, the Organisation may collect personal health information (such as your medical conditions or information relating to disability) to determine your eligibility to participate in our programmes. The Organisation will obtain consent to such collection and directly from the person/s concerned and explain to them how the information will be used and disclosed. Parents and caregivers will be contacted directly for personal health information regarding minors.

​

The Organisation will not use personal health information beyond the consent provided unless further consent is obtained or in accordance with one of the exceptions under the Privacy Act 2020 and the Health Information Privacy Code 2020.

​

Cookies

Visits to our websites are recorded and logged. The following data is collected anonymously and supplied by the Service User’s browser:

  • IP address and/or domain name

  • operating system (e.g., Windows 10)

  • The type of web browser used (e.g., Google Chrome, Microsoft Edge)

  • The date, time, and length of the visit to the website

  • The resources and pages accessed, and the documents downloaded

  • The search terms used

  • The referring site (if any) clicked to visit our website

 

This information is used to compile statistical information about the use of our website and not for any other purpose. If an individual does not want cookies to be used, the browser settings can be changed to disable them.

​​

Photography and Video

During activities and events, our team may take still photographs and video footage of various aspects, including shots where individuals and groups are identifiable. These shots may be used in social media and for promotional purposes and this purpose alone. As an organisation we take into consideration the general obligations around collection of personal information in Principles 1-4 of the Privacy Act 2020.

​

In accordance with the Child Safety and Wellbeing Policy, no photos or video are to be taken of a young person in a church programme or event without their permission, and the permission of their parent or guardian. At all times a young person (or their parent/guardian) has the right to request that photos or video not be taken that include them and that request must be complied with. Further guidelines are provided in the Child Safety and Wellbeing Policy.

 

Social Media

We use social media networking services such as Facebook, Instagram and YouTube to share content and promote our initiatives in a a public space. When an individual engages with us using these services, the social network may collect their personal information for its own purposes. These networks have their own privacy statements which are independent of ours. They do not have any access to the personal information that we hold.

​​

Security (CCTV)

We have CCTV devices installed across our locations. CCTV footage is recorded and retained for security purposes (e.g. if there was a theft or a break-in) and is only viewed by authorised staff. The footage will not be made public unless authorised by the individual(s) shown in the footage or in consultation with the New Zealand Police. The footage will be deleted after it is no longer required by us for security or operational reasons. There is signage at our locations advising of the presence of CCTV devices.

​​

Anonymity

An individual may request that they be dealt with anonymously, provided that is it lawful and practicable. We will try to accommodate a request for anonymity wherever possible, however we note that in some circumstances, this may prevent us from practically and effectively communicating with that individual.

​​

Confidentiality

All information collected will be treated with appropriate care to maintain confidentiality. The collection, use and storage of personal information will comply with the Privacy Act 2020. Information will only be shared where there is good reason to do so.

​

Legislation and References

  • Children’s Act 2014

  • Privacy Act 2020

  • Education and Training Act 2020

  • Health Information Privacy Code 2020

  • Oranga Tamariki Act 1989

  • Human Rights Act 1993

  • Acts Churches New Zealand Child Safety and Wellbeing Policy

​

Policy Document Storage

Policies will be kept in the appropriate storage location

​

Amendments

The Organisation reserves the right to amend this Policy from time to time.

 

Disclaimer

The Organisation reserves the right to change or replace this policy at any time. Where there is a dispute with regards to the interpretation of this policy or any part thereof, the Organisation reserves the right to clarify the intention and meaning of this policy. The clarification as provided by the Organisation will be seen as the final decision on the interpretation of this policy.

bottom of page