CLOUD BASED ACCOUNTANTS LIMITED DATA PROTECTION & PRIVACY POLICY
Cloud Based Accountants Limited
Data Protection & Privacy Policy
Introduction
This document outlines the procedures and policies adopted by Cloud Based Accountants Limited to ensure compliance with the New Zealand Privacy Act 2020. It is designed to protect personal information collected, used, and stored by our business, which provides accountancy and electronic communication services.
Purpose
The purpose of this document is to:
- Ensure compliance with the New Zealand Privacy Act 2020.
- Protect the privacy of individuals whose personal information we collect.
- Provide guidelines for the handling of personal information.
Scope
This policy applies to all employees, contractors, and third parties who handle personal information on behalf of Cloud Based Accountants Limited.
Definitions
- Personal Information: Any information about an identifiable individual.
- Data Subject: The individual to whom the personal information relates.
- Data Controller: Cloud Based Accountants Limited, responsible for determining the purpose and means of processing personal information.
- Data Processor: Any person or organization that processes data on behalf of the Data Controller.
Collection of Personal Information
Purpose of Collection
We collect personal information to:
- Provide accountancy and electronic communication services.
- Comply with legal and regulatory obligations.
- Communicate with clients and stakeholders.
Types of Personal Information
- Name, address, and contact details.
- Financial information, including tax records, proof of identity records and accounting data.
- Communication records, including emails and other electronic messages.
Method of Collection
Personal information is collected through:
- Direct interactions with clients (e.g., emails, phone calls, meetings).
- Electronic communications (e.g., website forms, online portals).
Use of Personal Information
Purpose Limitation
Personal information will only be used for the purposes for which it was collected unless the individual has consented to a different use or it is required by law.
Data Minimization
We will only collect and use the minimum amount of personal information necessary to fulfill the intended purpose.
Storage and Security of Personal Information
Data Storage
Personal information is stored securely in:
- Electronic databases with restricted access.
- Physical files in locked cabinets for paper records.
Data Security
We employ the following security measures:
- Encryption of electronic data.
- Regular security audits and risk assessments.
- Employee training on data protection and privacy.
Access and Correction of Personal Information
Access Requests
Individuals have the right to request access to their personal information. Requests should be made in writing to Ziegfried Kritzinger email: info@cbservices.co.nz.
Correction Requests
Individuals can request corrections to their personal information if it is inaccurate or incomplete. Requests should be made in writing to Ziegfried Kritzinger email: info@cbservices.co.nz.
Disclosure of Personal Information
Third-Party Disclosure
Personal information will only be disclosed to third parties:
- With the individual’s consent.
- If required by law.
- To fulfill the purpose for which it was collected.
International Transfers
Personal information will not be transferred outside New Zealand without ensuring adequate protection measures are in place.
Breach Notification
In the event of a data breach, we will:
- Notify the affected individuals as soon as possible.
- Report the breach to the Privacy Commissioner if it poses a risk of serious harm.
Privacy Officer
Appointment
Cloud Based Accountants Limited appoints a Privacy Officer responsible for:
- Ensuring compliance with the Privacy Act 2020.
- Handling privacy-related queries and complaints.
- Conducting privacy impact assessments.
Contact Information
Privacy Officer: Ziegfried Kritzinger
Email: info@cbservices.co.nz
Phone: 07 883 3510
Review and Update of Procedures
This document will be reviewed and updated annually or as required to ensure ongoing compliance with the Privacy Act 2020.
Training
All employees and contractors will receive training on these procedures and their responsibilities under the Privacy Act 2020.
Complaints
Individuals can lodge complaints regarding the handling of their personal information with the Privacy Officer at info@cbservices.co.nz. If not satisfied, they can contact the Office of the Privacy Commissioner.