Privacy Policy

Arc Automation, Security & Electrical Ltd – Privacy Policy

The Privacy Act 2020 governs how as a business we can collect, store, use and share personal information. Personal information is defined as any information that could identify a person.

AIM OF THE POLICY

Arc is committed to protecting the privacy of the personal information of individuals we deal with. This includes the privacy of our clients, suppliers, and our employees.

OBJECTIVE OF THE POLICY

The overall objective of this policy is to provide clear guidelines for employees on collecting, storing, using, and sharing personal information.

PERSONAL INFORMATION DEFINITION

Personal information is any information that can be used to identify a specific person.

TYPES OF PERSONAL INFORMATION WE MAY COLLECT INCLUDES:

Basic contact, payment, or billing details necessary for us to deliver services.

Your name, address, telephone number, email address and job title
Demographic information, such as your age, gender, and interests
Credit related information such as payment information and credit history
Security information, such as passwords, usernames, and alarm codes
Information and photos about related Computer, IT network systems, Security systems, CCTV systems, Gate, Automation Systems or, Electrical systems
Information about what goods you purchase at Arc
Payment and Billing information e.g. how much you spend with Arc, bank account details
On-line interaction information, such as how often you use our website, branch Wi-Fi service, apps or other online platforms or services, what pages on our website were visited or service components used and (in connection with our branch Wi Fi service only) the location at which you connected to the service and how much data was used

COMPLY WITH LEGAL OBLIGATIONS

This policy will be reviewed on an annual basis to ensure that it is up-to-date and reflects the latest changes in legislation, regulations and, security measures.

ENSURE EMPLOYEES ARE TRAINED IN NZ PRIVACY LAW AND OUR PRIVACY PROCESSES.

All Arc staff during onboarding read through the Arc Privacy Policy and can ask questions of the Arc Privacy Officer or Privacy Commissioner for clarification
Regular staff wide policy discussion at quality control meetings are used to remind staff and discuss privacy and possible improvements

PRIVACY OFFICER

Have a privacy officer available for staff and clients who is kept up to date with our legal privacy obligations as a company.

KEEP INFORMED ON THE LEGAL PRIVACY OBLIGATIONS.

Comply with legal privacy requirements on all client sites
If requested to do work that does not comply with our policy or breeches NZ Privacy Law, notify your manager or privacy officer of the request so suitable action can be arranged

HOW WE PROTECT YOUR DATA

We protect your data by storing it on encrypted cloud servers and password-protected servers managed by our IT team
Access is restricted to authorized staff on a need-to-know basis
User accounts are secured with username and password protection
Security measures are tested quarterly and reviewed annually

READ FULL POLICY

Read full policy
Learn who the Arc Privacy Officer is and how they can be contacted
Learn what the procedures are for a breach
Comply with legal privacy requirements on all client sites

WEB LINKS

ARC cannot provide any assurances or take any responsibility for any personal information you disclose to external websites to which we may provide links
It is the employee’s responsibility to check the privacy practices for each website the employee chooses to disclose information to
The employee cannot disclose client information to any third-party website without client authorisation

PROTECT CUSTOMERS PERSONAL INFORMATION

Remove identifying information from documents/ data where possible
Delete or remove identifying information off USB Storage, portable devices such as laptops and Hard disks, as soon as information is no longer required
Clear personal identifying information off desks, and into a locked drawer/ cupboard at the end of each day
Ensure information that identifies a person is never left unattended or accessible to others outside the Arc office. This includes when working from home or in vehicles

WHAT RIGHTS YOU HAVE OVER YOUR PERSONAL INFORMATION

You may ask to see any personal information we hold about you and we will provide it so long as we have such information and can readily retrieve it, subject to some exceptions provided for in the law.

You may also ask us to correct any incorrect personal information we hold about you. In rare cases, there may be a charge associated with providing you with copies of your personal information and we will advise you of these charges before providing you with the information.

If you would like to ask for a copy of your information, or to have it corrected, please contact us at , 078490901, or PO Box 7035, Hamilton East Box Lobby Hamilton 3247

You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

COMPLY WITH OUR PRIVACY RETENTION TIMES SHOWN IN THIS POLICY

Arc employee information will be kept securely as explained in this policy
The data retention schedule applies to all personal information held by Arc which could be in the form of paper documents, email, electronic documents, various databases, phone calls, and surveillance camera footage

Upon your instruction to cease business with Arc the stored data will be anonymised and archived or securely disposed of according to the following schedule:

Customer Name and contact information in relation to financial records shall be kept for a minimum of 7 years and then archived securely
Any employee financial records shall be kept for a minimum of 7 years then disposed of securely
Information relating to hardware on installed sites after any warranties have expired will be anonymised and stored indefinitely
Personal records of employees shall be kept for a maximum of 1 year then disposed of securely except where long term storage is required by the Health and Safety at Work (General Risk and Workplace Management) Regulations 2016
Video surveillance footage shall be kept for twelve months then overwritten with newer footage
Phone calls made on the Arc system are stored for up to a maximum of twelve months then overwritten with newer calls
All emails shall be stored for 2 years then archived offline securely

Any breach of this policy may result in disciplinary action being taken, up to and including dismissal for serious misconduct.

Employees must adhere to all applicable laws and regulations related to their use or protection of personally identifying information.

The Employee shall indemnify the Employer from all actions, claims, damages, and expenses that may be brought against, made or incurred by the Employer because of any breach by the Employee of this policy.