Skip to page content 0800 300 299

New Zealand Guardian Trust ("Guardian Trust", "we", "us", "our") complies with the Privacy Act 2020 when dealing with personal information. Personal information means information about an identifiable individual.

Guardian Trust recognises the importance of protecting personal information and handling it in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, store and protect personal information.

The collection of personal information is necessary to enable us to offer, provide, administer and supervise our products and services, and to meet our legal, contractual and regulatory obligations. Some of the personal information we collect may be confidential or sensitive.

Please read this Privacy Policy together with our terms of use so that you understand how we collect, use, disclose, store and protect personal information.

Why we collect personal information

Guardian Trust is a regulated supervisor and trustee. We collect personal information for lawful purposes connected with our functions and activities, including to carry out our statutory, contractual and regulatory obligations in relation to:

  • KiwiSaver schemes (including Serious Financial Hardship and Significant Injury withdrawals);
  • Superannuation, managed investment schemes and other supervised arrangements;
  • Identity verification, compliance, and regulatory reporting requirements.

Some of the personal information we collect may be sensitive in nature.

What information does Guardian Trust collect?

In order to provide our services and carry out our functions, we collect and process personal information that is reasonably necessary for those purposes.

The information we collect can include:

  • Information you provide when using our Services. This includes information provided at the time of registering or utilising any of our Services or interacting with our staff.
  • Correspondence or contact information collected during our interaction.
  • Identity and identity verification information. 
  • Financial, employment, hardship or medical‑related information where relevant (for example, in connection with a KiwiSaver withdrawal application);
  • Details of transactions carried out with our team or using our technology, including the fulfilment of these transactions.

Collection from other sources (IPP 3A)

In limited circumstances, we may collect personal information about you from a licensed manager or administrator of an investment product of which you are a member, rather than directly from you. This may occur where collection from that source is authorised or required by law, is necessary for us to carry out our functions as a licensed supervisor or trustee, or where another exception under the Privacy Act 2020 applies.

Where personal information is provided to us by a licensed manager or administrator, that entity is responsible for its own collection of the information from you and for providing any privacy notifications that it is required to provide.

We do not generally collect personal information about you from unrelated third parties. Where we receive personal information from a licensed manager or administrator, we expect that information to have been collected from you or otherwise lawfully obtained.

Where we collect personal information from another source, we will take reasonable steps, where required by the Privacy Act 2020, to ensure that you are notified of the matters required by law unless an exception applies.

  • it is authorised or required by law;
  • it is necessary to carry out our functions or duties; or
  • another exception under the Privacy Act 2020 applies.

IP Addresses

We may collect information about your computer, including, where available, your IP address, operating system and browser type, for system administration.

Cookies

To provide the Services, we may ask you to access websites operated by Guardian Trust. These websites use cookies to improve and personalise your user experience. Cookies are small text files placed on your device when you access a website or application. They are commonly used to support website functionality, authentication, analytics and user preferences. Most browsers allow you to disable or reject cookies; however, doing so may affect the functionality of our websites.

How does Guardian Trust use your information?

We may use your personal information for the following purposes:

  • To set up, administer and manage our Services;
  • For the security of our staff and clients;
  • For any other use you authorise;
  • To ensure the secure and proper operation of our websites;
  • To protect our rights;
  • To communicate with you;
  • To verify your identity;
  • In any other way, set out in this Privacy Policy.

We may be required by law, including under the Anti-Money Laundering and Countering Financing of Terrorism Act 2009, the Foreign Account Tax Compliance Act, and the OECD Common Reporting Standard, to collect, verify, use, and disclose certain personal information.

Accordingly, providing certain personal information may be mandatory for certain services or transactions.

Sharing your information

We use and disclose personal information for the purposes for which it was collected, and as otherwise permitted or required by law.

We may also use or disclose personal information where you have authorised us to do so, where the use or disclosure is necessary for the purposes for which the information was obtained, or where otherwise permitted or required by the Privacy Act 2020 or other applicable law.

When necessary and in connection with the purposes listed above, we may disclose your personal information to:

  • Subsidiaries, related companies or joint venture companies where required or authorised under our relationship;
  • Information technology providers, including hardware and software vendors and consultants such as programmers, for the development or delivery of our Services only;
  • Accounting and financial specialists, trustees associated with superannuation funds, government, law enforcement or statutory bodies, professional advisors, administration or business management services;
  • Printers and mail service and delivery providers for the mailing of statements;
  • Imaging and document management services;
  • Electronic Verification: if you choose to have your identity and address verified by electronic verification, we will share your personal information with our Electronic Identity Verification service provider;
  • Regulators including the Financial Markets Authority, Reserve Bank of New Zealand and the Registrar of Retirement Villages. When disclosing personal information to regulators, Guardian Trust staff must disclose under the relevant legislation giving Guardian Trust protected disclosure;
  • External dispute resolution providers or complaints bodies, including FSCL, where relevant.

 Disclosure overseas

There are also instances where we may have to send your personal information overseas or collect personal information from overseas. These instances include:

  • When you have asked us to do so;
  • When we are authorised or required by law to do so, including in response to any order from any regulator or court in any jurisdiction;
  • When we have outsourced a business activity or function to an overseas provider with whom we have a contractual arrangement;
  • Certain electronic transactions;
  • When it is necessary to facilitate a transaction on your behalf.

Where we disclose personal information to an overseas person or entity, we will do so only in accordance with the Privacy Act 2020, including where the recipient is subject to privacy protections that, overall, provide comparable safeguards to those in New Zealand, where an exception applies, or where you have otherwise authorised the disclosure.

We will only send personal information overseas, or collect personal information from overseas, for the purposes set out in this Privacy Policy and in accordance with applicable law.

Access

You are entitled to request confirmation of whether we hold personal information about you and to request access to that information by contacting us. We will respond to your request in accordance with the timeframes and requirements of the Privacy Act 2020.

Correction

If you believe the personal information, we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you may request correction of that information. If we do not agree to make the requested correction, you may ask us to attach a statement of correction to the information.

Personal Information Storage

We take reasonable steps to protect personal information we hold against loss, unauthorised access, use, modification, disclosure and other misuse. We also take reasonable steps to ensure that personal information is accurate, up to date, complete, relevant and not misleading before we use or disclose it.

We retain personal information only for as long as it is required for the purposes for which it was collected, and as necessary to comply with legal, regulatory, business and record-keeping obligations.

We use security measures that are reasonably available to us to help protect personal information. However, there are risks inherent in transmitting and storing information electronically, and we cannot guarantee the security of information transmitted to us or stored electronically.

If we become aware of a privacy breach involving personal information, we will assess the breach in accordance with the Privacy Act 2020 and, where required, notify the Office of the Privacy Commissioner and affected individuals.

General

Third parties and external links may appear on our website. This Privacy Policy does not govern them, and we are not responsible for them. You should check the Privacy Policies of the relevant third party.

If you have a privacy concern or complaint, you can contact our Privacy Officer using the details below. If you are not satisfied with our response, you may make a complaint to the Office of the Privacy Commissioner.

This Privacy Policy is governed by New Zealand law, and the New Zealand courts have jurisdiction. You can contact us using the details below:

  1. Email on privacyofficer@nzgt.co.nz;
  2. Telephoning us on 0800 300 299; or,
  3. Writing to us at Guardian Trust, PO Box 1934, Auckland 1140.

Changes to our Privacy Policy

Changes in legislation, industry codes, the business environment, or the addition of new products and services may result in changes to this Privacy Policy. We encourage you to review this Privacy Policy regularly to stay informed of any updates. The updated Privacy Policy will apply from the date it is published on our website or otherwise made available by us.