Privacy Policy

Introduction

We are Horizon Mortgages Limited. Our website address is: www.horizonmortgages.co.nz.

Horizon Mortgages Limited (we, us, our) complies with the New Zealand Privacy Act 2020 (the Act) when dealing with personal information. Personal information is information about an identifiable individual (a natural person). This policy sets out how we will collect, use, disclose, and protect your personal information.

This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, you can contact our Privacy Officer by email at florence@horizonmortgages.co.nz or visit www.privacy.org.nz for further information.

 

Changes to this policy

We may change this policy by uploading a revised policy onto the website. The change will apply from the date that we upload the revised policy.

 
What is personal information?

Personal information is information about an identifiable individual. It includes (but is not limited to) name, address, contact details, date of birth, occupations, payment details, employment history and/or details, education and qualifications, financial information, testimonials and feedback, evidence of source of funds or source of wealth (in some cases) and other information.

 

We will use your personal information:
  • to verify your identity
  • to provide services and products to you
  • to market our services and products to you, including contacting you electronically (e.g. by call, text, or email for this purpose)
  • to improve the services and products that we provide to you
  • to respond to communications from you, including a complaint
  • to protect and/or enforce our legal rights and interests, including defending any claim
  • for any other purpose authorised by you or the Act.

Disclosing your personal information
  • We may disclose your personal information to:
  • Other companies or individuals who assist us in providing services or who perform functions on our behalf (such as mailing houses, hosting and data storage providers, specialist consultants, and legal advisers);
  • Product providers (such as but not limited to lenders and insurance companies);
  • Financial advisers and financial advice providers who may use our services;
  • Other companies or individuals who perform checks (such as but not limited to compliance reviews and audits) that are necessary or desirable under the law on our behalf;
  • Other companies, agencies, or individuals that maintain databases against which your identity may be verified, which may include (but are not limited to) the New Zealand Department of Internal Affairs, and New Zealand Transport Agency;
  • Social media sites on which we may have a presence;
  • Courts, tribunals, and regulatory authorities (such as the Financial Markets Authority, and the Ministry of Justice in New Zealand);
  • Office of the Ombudsman, where a complaint relates to official information;
  • Any person or agency we believe could assist in responding to a serious privacy breach.
  • Office of the New Zealand Privacy Commissioner, where a complaint relates to breach of the Privacy Act 2020;
  • Human Rights Commission, where a complaint relates to discrimination;
  • CERT NZ, where appropriate to assist with the management of a voluntarily notified privacy breach
  • Overseas privacy regulator, where a complaint relates to the actions of an overseas agency; and
  • Anyone else to whom you authorise us to disclose it.

Except as described above, we will not disclose your personal information without your written or oral consent, unless we are required to do so by applicable law.

 

Protecting your personal information

We will take reasonable steps to keep your personal information safe from loss, unauthorised activity, or other misuse. Our software is subject to audits to ensure it is continuing to meet security requirements. All data handled in our software is encrypted in transit and during storage and can only be accessed over secure network connections.

 

Storing your personal information

We will only retain personal information as long as it is required for the purposes for which the information may lawfully be used. All data stored online is backed up and can be retrieved in the event of data loss or corruption.

Data will sometimes be held on-premise at 20 Augustus Terrace, Parnell, Auckland if it is provided to us outside of our software.

 

Accessing and correcting your personal information

Subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.

In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note the personal information that you requested the correction.

If you want to exercise either of the above rights, email us at florence@horizonmortgages.co.nz. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).

 

Data Breaches

Our Privacy Officer has processes and systems in place in the unfortunate event of a data breach. If such an event occurs, we will promptly identify, report and examine a personal data breach.

 

Internet use

While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.

If you follow a link on our website to another site, the owner of that site will have its own privacy policy relating to your personal information. We suggest you review that site’s privacy policy before you provide personal information.

We use cookies (an alphanumeric identifier that we transfer to your computer’s hard drive so that we can recognise your browser) to monitor your use of the website. You may disable cookies by changing the settings on your browser, although this may mean that you cannot use all of the features of the website.

We may use information about your use of our websites and other IT systems to prevent unauthorised access or attacks on our software. We may utilise services from one or more third-party suppliers to monitor the use of our systems. These third-party suppliers will have access to monitoring and logging information as well as information processed on our websites and other IT systems.

 

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

 

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

 

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after one day.

 

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

 

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

 

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

 

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

 

Where your data is sent

Visitor comments may be checked through an automated spam detection service.