The Tōtara for Tōtaranui Project wants to ensure your experience with our website and our digital platforms is safe, transparent, and understandable, and protects your rights to privacy.
What this policy covers:
It also applies to personal information collected by us through other channels or sources, such as face to face or telephone discussions.
This policy explains how the Tōtara for Tōtaranui Project collects ‘personal information’, how that information is stored, secured, and handled, and what rights you have in relation to that information, and retrieving or deleting your information.
This policy does not apply to pages or sites hosted by other organisations whom the Tōtara for Tōtaranui Project might work with, or that our site may link to. It only applies directly to properties owned or run by the Tōtara for Tōtaranui Project.
“Tōtara for Tōtaranui Project” refers to the Tōtara for Tōtaranui Project which is a community initiative based on the desire to conserve the Marlborough Sounds by protecting, restoring, and enhancing the land and the sea for future generations and educating people why this is important.
What is ‘Personal information’:
‘Personal information’ is information about an identifiable individual, company, or business.
Personal information that the Tōtara for Tōtaranui Project might collect from you includes your name, address, contact details (such as telephone number and email address) and, if you are a donor, your payment details and banking details.
Collection and use of personal information:
Personal information is generally collected directly from you.
Other than the updating of information referred to above, the Tōtara for Tōtaranui Project does not collect personal information from you unless you voluntarily choose to give it to us via our website, over email, a phone call, by signing up as a supporter or volunteer or another face-to-face communication, or by post.
We use personal information provided to us for the purposes for which it is provided, and for related purposes relevant to our activities or our branches activities. This might include (but is not limited to):
• Processing donations and regular giving transactions.
• Maintaining and administering your membership with us.
• Organising volunteer activities.
• Event administration, functions, and activities.
• To communicate our news and important items of interest to you (if you have elected to hear from us. You can opt out at any time).
• We do not sell, publicly disclose, or rent your personal information to any person or entity.
How we store personal information:
The Tōtara for Tōtaranui Project houses information on databases, web servers, local devices, computers and on cloud storage services.
Some of these are within New Zealand and some provided by overseas entities, or copies are stored on overseas services.
These may be provided by partner providers who operate their own privacy policies and data security policies that the Tōtara for Tōtaranui Project has decided is sufficiently adequate and reliable as an enterprise class data storage facility. The Tōtara for Tōtaranui Project however accepts no liability for the performance, security, and reliability of such entities.
Our partner providers at any time may include Google, Microsoft, Facebook, Instagram, YouTube, Dropbox, AWS (Amazon web services) and Mailchimp.
Social marketing and web analytics:
The Tōtara for Tōtaranui Project utilises technology for marketing and promotion activities that may anonymously make use of personal data to deliver ads or social content. This may include Google and Facebook re-marketing services that can identify a person by their email or social login data.
Additionally, we make use of Google Analytics for web statistics that provides anonymous web usage data and web interaction analysis to us.
The Tōtara for Tōtaranui Project suggests users of such channels are always familiar and satisfied with the individual data and privacy policies put out by these organisations.
Cookies and automatic recall of web data:
Pages and services that handle credit cards:
The Tōtara for Tōtaranui Project does not permanently store your credit card details.
Our donation page uses a third-party payment processors supplied by Stripe, one of the world’s leading payment handling services (see https://stripe.com/nz/privacy). Stripe processes payments using Secure Sockets Layer (SSL), a security protocol that provides communications privacy over the internet in a way that is designed to prevent unauthorised parties from intercepting data communications.
Payment Card Industry Data Security Standards (PCI DSS) define industry best practices for handling and protecting credit card details. All storage and transferal of your financial details by the Tōtara for Tōtaranui Project and our payment processors is PCI compliant and is routinely reviewed and improved to ensure compliance.
We protect your information online and offline:
While we use SSL encryption to protect sensitive information online, we also protect user-information that may be stored locally or on a hard copy. All your information, not just the sensitive information like a credit card number, is restricted in whom can access it. Only employees who need the information to perform a specific job (for example, our membership and fundraising officers) are granted access to personally identifiable information or information that might be sensitive in nature.
Your rights; updating, requesting, or deleting information:
You have the right to know what information the Tōtara for Tōtaranui Project holds about you, and to correct it in case of error or to have it erased if you wish. These obligations are provided in line with the Privacy Act 1993, but do not supersede our obligations for information retention in line with other applicable New Zealand legislation, such as the Financial Reporting Act.
If you have any questions about the information, we maintain about you, or your membership details please contact firstname.lastname@example.org.
The Tōtara for Tōtaranui Project update this policy from time to time or as may be required. We do not generally advise our website users or members of updates to this policy; therefore, we encourage you to revisit this page periodically to ensure you are comfortable with our current policy.
The policy was last updated on 22 June 2021.