Privacy Policy

EasyStreet Mortgages Limited

5A/166 Moorhouse Avenue www.easystreet.nz FSP711051

Purpose:

This policy outlines the approach of EasyStreet Financial Advice Provider (FAP) to protecting the privacy and confidentiality of personal information in compliance with the Privacy Act 2020 and other applicable New Zealand laws. Ensuring transparency and integrity in all dealings is paramount to maintaining trust with our clients and upholding our reputation in the financial services industry.

Scope:

This policy applies to all personal information collected by EasyStreet from clients, employees, and third parties in connection with our services.

Information Collection:
  • Personal Information: We collect personal information necessary for providing financial services, including names, addresses, contact details, financial information, and identification documents.
  • Methods of Collection: Information is collected through various methods, including direct interactions, online forms, emails, phone calls, and third-party sources.

Use of Information:
  • Primary Purpose: Personal information is used primarily to provide financial advice, mortgage brokering, insurance services, and KiwiSaver advice.
  • Secondary Purposes: Information may also be used for internal purposes such as compliance, auditing, and improving our services.

Disclosure of Information:
  • Third-Party Disclosure: We may disclose personal information to third parties, including financial institutions, insurers, and regulatory bodies, as required to provide our services.
  • Legal Obligations: Information may be disclosed to comply with legal obligations, such as responding to court orders or regulatory requirements.

Data Protection:
  • Security Measures: We implement appropriate technical and organisational measures to protect personal information against unauthorized access, alteration, disclosure, or destruction.
  • Access Control: Access to personal information is restricted to authorized personnel only, based on role and necessity.
  • Reporting Methods: Any breaches or suspected breaches of data privacy must be reported immediately to the Compliance Manager using the established reporting methods outlined in the EasyStreet Governance Process.

Retention and Disposal:
  • Security Measures: We implement appropriate technical and organisational measures to protect personal information against unauthorized access, alteration, disclosure, or destruction.

Rights of Individuals:
  • Access and Correction: Individuals have the right to access and request correction of their personal information held by EasyStreet.
  • Withdrawal of Consent: Individuals may withdraw their consent to the use of their personal information at any ;me, subject to legal and contractual restrictions.

Complaints and Inquiries:
  • Contact Information: Complaints and inquiries regarding privacy practices should be directed to the Compliance Manager at compliance@easystreet.nz

Policy Review:
  • Regular Review: This policy is reviewed regularly to ensure compliance with legal requirements and best practices. Updates to the policy will be communicated to relevant stakeholders.
Staff and Adviser Expectations and Conduct:
  • Professional Conduct: All staff and advisers are expected to handle personal information with the highest level of professionalism and integrity, ensuring that client data is always treated with respect and confidentiality.
  • Training and Awareness: EasyStreet is committed to providing regular training on privacy and data protection to all staff and advisers. This includes training on the identification and management of privacy risks, as well as the proper handling of personal information.
  • Compliance Obligations: Staff and advisers must comply with all aspects of this Privacy Policy, including the immediate reporting of any suspected breaches of privacy to the Compliance Manager.
  • Use of Personal Information: Staff and advisers may only use personal information for the purposes for which it was collected, and must ensure that any use of personal information is consistent with the client’s consent and expectations.
  • Access and Security: Staff and advisers must ensure that personal information is only accessed by those with a legitimate need and that it is securely stored at all times. This includes implementing strong passwords, encryption, and other security measures as appropriate.
  • Reporting Breaches: Any breaches or suspected breaches of privacy must be reported immediately to the Compliance Manager. The report should include details of the breach, the information affected, and any actions taken.