Privacy and Data Policy

Last updated: 1 August 2023


We’ve updated our Privacy and Data Policy to ensure that we communicate to Users, in the clearest way possible, how we comply with these legal requirements, how we collect, use, disclose or transfer Personal Information supplied by Users or collected by us and the ways in which Users can protect their privacy.
Our Privacy and Data Policy also specifies other requirements, such as how Users may access, correct and delete information held about them.
By interacting with us or accessing our Website, Users agree to comply with the terms and conditions of this Privacy and Data Policy and agree that PSP may process (i.e. collect, use, store, transfer, disclose or otherwise process) User’s Personal Information in accordance with this Privacy and Data Policy (as well as for any other use authorised by the User).
Our Privacy and Data Policy explains:
(1)      Consent;
(2)      What information we collect and how;
(3)      How we use Personal Information;
(4)      Who we share Personal Information with and why;
(5)      The steps taken to protect Personal Information under our control;
(6)      Users’ data protection rights;
(7)      Communications;
(8)      Links and connections to third party services;
(9)      International data transfers;
(10)   How PSP retains and deletes Personal Information;
(11)   How to access and update Personal Information; and
(12)   How to contact us.

1. USER CONSENT
PSP provides signage, display and building solutions which includes the supply of products and support services, as well as supplying products and services which may be provided to Users by third party providers (together, “our products”). We collect Personal Information in order to be able to provide and improve our products, and for the other uses described below.
By acquiring or using our products, accessing our Website or providing Personal Information to us, Users consent to our collection, storage, use and disclosure of Personal Information (including any sensitive information provided) in accordance with this Privacy and Data Policy.

2. INFORMATION WE COLLECT
There are three ways we collect information:
(1)      Information Users give us.
(2)      Information we collect when Users interact with us.
(3)      Information we collect from third parties.

(a) Information Users Give Us
In order to purchase our products, a User must provide us with certain contact details and other Personal Information including name, address, phone number and email address. When purchasing or attempting to purchase our products from our Website, Users must also provide us with payment information (including credit card numbers). Users may also at times provide industry specific and company information, and billing and financial information.
‍PSP Limited (“PSP”) is committed to respecting the privacy and security of information received from User(s) of our Website or products. This Privacy and Data Policy sets out our compliance with both New Zealand privacy laws (including the Privacy Act 2020) and the European Union General Data Protection Regulations (“GDPR”).

Users can always choose not to provide us with Personal Information, however this may mean that we are unable to supply our products effectively, or at all.

(b) Information We Collect When Users Interact With Us
We may automatically collect information (which may include Personal Information) when Users interact with us by visiting our Website or communicating with us. This information may include:

Consent to Disclosure/Collection: By using our website or otherwise interacting with us, you:

(c)    Information We Collect from Third
Parties

We work closely with third parties (for example, our service providers) in order to be able to develop and supply our products, and provide them to Users.
We may receive the same kinds of information described in (a) and (b) above from third parties.

Personal Information Received from Users about Others
When acquiring or using our products, Users may disclose, and we may collect, Personal Information about someone else. For example, data supplied by Users may contain Personal Information relating to the customers or employees of Users.
Before disclosing Personal Information to us about someone else, Users must ensure that they have obtained sufficient consent to disclose that information to us, and that, without taking any further steps required by applicable data protection or privacy laws, we may collect, use, transfer and disclose such information for the purposes described in this Policy.
Users shall remain responsible for all Personal Information collected and processed by the User, and for compliance with applicable privacy and data protection laws.

3.    HOW WE USE PERSONAL INFORMATION
We collect and use Personal Information in order to be able to provide and improve our products.
We also use Personal Information to:

For these purposes we may receive, use, store, share, send, combine, transform, reformat, encrypt, mask, organise, geomap, update and delete Personal Information (and undertake any further processing activities expressed or implied in this Policy). The Personal Information that we collect will not be further processed in ways that are incompatible with the initial purposes for which the data was collected.

4.    WHO WE SHARE INFORMATION WITH
We share information, including Personal Information, as necessary to provide Users the products requested or authorised. For example, we may share information with:

Unless the User agrees otherwise, our data processors will:From time to time we may use third-party data processors to provide elements of services for us, which may be located outside of New Zealand. We will have contracts in place with all of our data processors, to prevent them from doing anything with Users’ Personal Information unless we or the User has instructed them to do so.

We require that our service providers and suppliers (data processors) agree to keep all User information we share with them confidential. While we provide these third parties with no more information than is necessary to perform the function for which we engaged them, Users should be aware that any information provided by the User to these third parties independently/directly is subject to the third parties' respective privacy policies and practices.

We may also share or use non-Personal Information (i.e. information that is related to a Person but does not personally identify that individual, such as aggregated, anonymised or de-identified data) publically or with third parties, such as our third party suppliers. For example, we may share or use information publically to show trends about our products. This data or information will in no way identify Users or any other individual.

5.    STEPS TAKEN TO PROTECT PERSONAL INFORMATION
Protecting the security of User Personal Information is of the utmost importance to PSP. We maintain a variety of safeguards and procedures in order to protect Personal Information from unauthorised access, use, interference, modification or disclosure.

For example, Users’ Personal Information is kept securely in our database, and is protected by SSL encryption. Users’ Personal Information will only be accessed by people at PSP who need to use the information for the purposes discussed above. We also store Personal Information on computer systems that have password-controlled access and firewalls. We use a SSL VPN (Secure Sockets Layer Virtual Private Network) to ensure that only authorised people at PSP are given remote access to our computer systems.

In order to acquire or use our products, or interact with us, use of the internet is sometimes required, and the internet is not itself a secure environment. We therefore cannot give an absolute assurance or guarantee that User information will be secure at all times. Transmission of information over the internet or third-party networks is at the User’s own risk. We will notify Users at the first reasonable opportunity if we discover or are advised of a material security breach which has resulted in unauthorised access, disclosure or loss of User Personal Information.
To help maintain the security of information, Users agree to keep their passwords and account details private and confidential.

6.    USERS’ DATA PROTECTION RIGHTS
Under data protection and privacy laws, Users have rights regarding the Personal Information that we hold/collect. The rights available to Users depend on our reason for processing Users’ Personal information. These rights include:

All requests should be sent to us at info@psp.co.nz, and include the words 'Attention: The Privacy Officer'. User choices in relation to Personal Information may affect our ability to provide our products. We will respond to Users as soon as reasonably practicable regarding the impact of the User’s requests on the products, any other issues arising and to confirm the User’s intention to proceed. If we are unable to comply with the request, we will give the User reasons for this decision when we respond (for example, the information may not be readily retrievable and it may not be reasonable or practicable for us to process the request in the manner sought. In some instances, it may also be necessary for us to arrange access to User Personal Information through a third party e.g. a third party service provider).

7.    COMMUNICATIONS
We are committed to full compliance with the Unsolicited Electronic Messages Act 2007.

By subscribing to email communications, or otherwise providing an email address, Users consent to receiving emails which promote and market our products, or the products and services of others, from time to time.

Users can unsubscribe from our email communications at any time by clicking the "Unsubscribe" link in any promotional or marketing email, or by emailing info@psp.co.nz, and include the words 'Attention: The Privacy Officer’.

Once a User has unsubscribed from the email communications, the User will be removed from the corresponding email/distribution list as soon as is reasonably practicable.

8.    LINKS AND CONNECTIONS TO THIRD PARTY SERVICES
Our website contains links to (and may be used by Users in conjunction with) third-party services, tools, and websites that are not controlled or managed by us. This Privacy and Data Policy does not cover how these organisations process Personal Information. These websites may use cookies. It is the responsibility of those third parties to collect appropriate consents from Users in order to permit their own cookies (to the extent this is required by law) and to inform Users about the cookies they use. Users should check the privacy policy on all third-party websites to ensure they are comfortable with third party cookies.

We have no responsibility for linked websites, and provide them solely for Users’ information and convenience. We specifically disclaim responsibility for their content, privacy practices and terms of use, and we make no endorsements, representations or warranties about their accuracy, content or thoroughness.

Disclosure of Personal Information by Users to third party service providers is at the User’s own risk, and we encourage Users to read the privacy policies applicable to these third-party services. We are not responsible for the security or privacy of any information collected by these third-parties.

9.    INTERNATIONAL DATA TRANSFERS
When we disclose, use or store data, it may be transferred to and processed in, countries other than New Zealand. In those countries, there may be differences with New Zealand's privacy laws.
For example:

This means that Users’ Personal Information may be transferred outside of New Zealand. However, where we disclose Personal Information to a third party in another country, we place or obtain safeguards to ensure Users’ Personal Information is protected (except as expressly disclosed in this Policy). Where Users’ Personal Information is transferred outside New Zealand, it will (except as expressly disclosed in this Policy) only be transferred to:

For further information, please contact us using the details set out in the contact section below.

10.    RETENTION AND DELETION OF PERSONAL INFORMATION
The period of time for which we hold Personal Information that we have collected varies according to what the Personal Information is used or required for, and whether we have an ongoing need to retain it (for example, to provide Users with a product they have requested or to comply with applicable legal requirements such as financial record-keeping legislation).
Unless there is a legal requirement or justification for us to keep the Personal Information, we will retain it for no longer than is necessary:

Once Personal Information is no longer required, the Personal Information will be deleted, securely destroyed or anonymised.

11.    ACCESSING AND UPDATING USER PERSONAL INFORMATION
Users are responsible for ensuring that Personal Information provided to us is accurate, complete and up-to-date. This includes personal or sensitive information contained in their User account. We will also take reasonable steps to ensure that any Personal Information that we collect (i.e. information obtained from other sources) is accurate, up-to-date, complete and not misleading.

We endeavour to provide Users with reasonable access to Personal Information we hold about Users, and Users may request that we update, correct or delete any Personal Information that is inaccurate or inappropriate for the purposes for which it was collected.

Requests for access to, or the correction of, Personal Information should be emailed to info@psp.co.nz, and include the words 'Attention: The Privacy Officer’.

We will process requests as soon as reasonably practicable, provided we are not otherwise prevented from doing so by law. If we are unable to meet a User’s request, we will explain the reasons why when we respond to the User’s request. For example, the information may not be readily retrievable and it may not be reasonable or practicable for us to process the request in the manner requested.

12.    HOW TO CONTACT US
Please contact us if you have any questions or complaints about this Privacy and Data Policy, if you wish to access, update, erase and/or correct Personal Information, or if you otherwise have a question or complaint about the manner in which we or our service providers treat Personal Information.

Users may write to PSP’s Privacy Officer by email, including any supporting documentation, at info@psp.co.nz, and include the words 'Attention: The Privacy Officer’.

Alternatively, you can write to us at:

PSP Limited
Attention: Privacy Officer
320 Rosedale Road,
Albany, 0632
New Zealand

We will endeavour to respond within 30 days.

Application of this Privacy and Data Policy
Our Privacy and Data Policy applies to all of the products offered by us, and all Users who access our Website or interact with us. Our Privacy and Data Policy does not cover the information practices of other companies and organisations (such as our third party service providers) that supply, contract and advertise using our website.

Changes to this Privacy and Data Policy
We keep this Policy under regular review to make sure it is up to date and accurate. We also reserve the right to change this Policy from time to time, as our practices evolve to meet new requirements, standards, technologies and customer feedback. We will post any privacy policy changes on our website (https://www.psp.co.nz/privacy-policy) and will update the “last updated” date at the top of this Policy. Continued interaction with us by Users, including using our Website, will be deemed acceptance of any amended Policy.
We recommend that Users regularly review this Policy to learn how we protect Personal Information.

Definitions
In this Policy, unless the context requires otherwise:

Binding Scheme

means a binding scheme specified in regulations made under section 213 of the Privacy Act 2020 (NZ);

Person

means and includes any natural person, company, corporation, firm, partnership, joint venture, society, organisation or other group or association of Persons (whether incorporated or not), trust, state or agency of state, statutory or regulatory body, local authority, government or governmental or semi-governmental body or agency (in each case whether or not having separate legal personality);

Personal Information

means information about an identifiable individual and includes, without limitation, names, addresses, phone numbers, email addresses and IP addresses;

Prescribed Country

means a country specified in regulations made under section 214 of the Privacy Act 2020 (NZ);

User(s)

means all Persons accessing our Website, interacting with us and/or purchasing our products, including Persons that submit a request for our products, and/or any Persons providing Personal Information to us;

User account

means any User’s account with us;

Website

means any website or websites operated by us (including www.psp.co.nz and any websites on the root domain psp.co.nz); and

we, us, our, PSP

means PSP Limited, trading as “PSP”.