Cargill Enterprises (CE) complies with the New Zealand Privacy Act 2020 when dealing with personal information. This policy sets out how Cargill Enterprises will collect, use, disclose and protect personal information of customers and partners.
This policy is intended to apply to all CE activities.
- Roles and Responsibilities
It is the responsibility of CE directors and CEO to ensure that CE takes every precaution to protect the privacy of every person that we serve and encounter in the course of our work.
Personal information is information about an identifiable individual (a natural person).
A Privacy breach is where there has been unauthorised or accidental access to personal information, or disclosure, alteration, loss, or destruction of personal information. It can also include a situation where CE is stopped from accessing information – either on a temporary or permanent basis.
- Collection of Personal Information
- CE collects personal information from customers and partners when it is provided through our websites or through personal contact. The type of information we collect is name, address, email, phone number and any other information that is provided to us during our interactions. This personal information is held in electronic form in our computer systems and databases.
- CE uses the personal information which is provided to communicate with customers and partners in the following ways:
- Send updates, documents, or reports relating to CE activities
- To make requests or inquiries concerning CE
- To answer questions or provide information about CE
- To undertake administrative and operational functions regarding CE
- To comply with laws or regulations
- CE does not disclose personal information of customers and partners to third parties and takes reasonable steps to keep all personal information safe from loss, unauthorised activity, or other misuse.
- Under no circumstances are staff or contractors of CE permitted to use personal information to make contact or communicate with other customers or partners for any reason other than those described in clause 5(b).
- Any customer or partner (upon confirmation of identity) may request access to their own personal information or request a correction to the personal information being held about them by contacting the Privacy Officer of CE (Geoff Kemp).
- While CE takes reasonable steps to maintain secure internet connections, any personal information that is provided over the internet is done so at the customer own risk.
- Privacy Officer
The board of CE has appointed one person to fulfil the role of Privacy Officer.
The duties of the Privacy Officer are to:
- be familiar with the privacy principles in the Privacy Act
- work to make sure CE complies with the Privacy Act
- deal with any complaints regarding CE including possible privacy breaches
- deal with requests for access to personal information, or correction of personal information
- act as CE liaison with the Office of the Privacy Commissioner.
The Privacy Officer may also:
- train other personnel to deal with privacy matters
- advise on compliance with privacy requirements
- advise on the potential privacy impacts of changes to CE practices
- advise if improving privacy practices might improve CE
- be familiar with any other legislation governing what CE can and cannot do with personal information.
- Privacy Breach
If CE has a privacy breach that has caused serious harm to someone (or is likely to do so), the Privacy Officer will notify the Office of the Privacy Commissioner as soon as possible using the online tool, NotifyUs, for lodging notifications.
If a notifiable privacy breach occurs, the Privacy Officer will also notify affected individuals, (unless there are valid reasons not to notify affected individuals) as soon as possible.
This Policy will be reviewed as follows:
- In accordance with changes in legislation, particularly the Privacy Act 2020
- Following any issues or concerns raised about privacy by the Directors of CSP
- In all other circumstances, at least every three years.