Privacy policy.

Cross Group Services Limited (trading as Cross Group) respects your privacy and is commited to protecting your personal information. Please read on for more information about our Privacy Policy.

Purpose  

This privacy policy applies to Cross Group Services Limited and any entity owned or controlled by Cross Group Services Limited ("Related Entity") in relation to Cross Group and its Related Entities' operations in New Zealand. This policy explains how Cross Group handles personal information and complies with the requirements of the New Zealand Privacy Act 2020 ("Privacy Act"). If you have any further questions in relation to this policy, please contact our Privacy Officer at customerservice@crossgroup.co.nz

Exclusions

This policy relates to Cross Group Services' collection and handling of personal information that is covered by the Privacy Act. It is not intended to cover categories of personal information that are not covered by the Privacy Act.

Collection of personal information 

Cross Group Services collects and holds personal information from clients, suppliers, candidates, employees, contractors and other individuals. We collect and hold this information when it is necessary for business purposes.

Typically, the personal information we hold includes names, addresses, telephone numbers, email addresses and job titles. While providing professional services to our clients, we may collect and hold more detailed personal information (for instance financial details if we are engaged to perform financial services, or credit information); and when recruiting employees, we will collect and hold CVs and other evaluative information.

We collect most information directly from individuals when we deal with them. The personal information we collect may be provided in forms filled out by individuals, face to face meetings, email messages, telephone conversations or by third parties. If you contact us, we may keep a record of that contact.

Use of personal information

The main purposes for which we collect, hold and use personal information are:

  • to provide our services;

  • to respond to an individual's request;

  • to maintain contact with clients;

  • to keep clients and other contacts informed of the services we offer and industry developments that may be of interest to them, and to notify them of service offerings, seminars and other events we are holding;

  • for general management and reporting purposes, such as invoicing and account management;

  • for recruitment purposes;

  • purposes related to the employment of our personnel and providing internal services to our staff. 

If you choose not to provide us with personal information, we may be unable to do such things.

We may collect, hold and use personal information about individuals to market our services, including by email. However, individuals can elect not to receive further marketing information from us by writing to us at customerservice@crossgroup.co.nz.

If we collect, hold or use personal information in ways other than as stated in this policy, we will ensure we do so pursuant to the requirements of the Privacy Act.

Employee records are not generally subject to the Privacy Act and therefore this policy may not apply to the handling of information about employees by Cross Group Services. For information about our practices relating to employee information, please contact us directly.

Disclosure of personal information

Cross Group Services does not routinely disclose personal information to other organisations unless:

  • use or disclosure is permitted by this policy;

  • we believe it is necessary to provide you with a product or service which you have requested (or, in the case of a partner, employee or contractor of Cross Group Services, it is necessary for maintaining or related to your role at Cross Group Services):

  • to protect the rights, property or personal safety of any member of the public or a customer of Cross Group Services or the interests of Cross Group Services;

  • some or all of the assets or operations of Cross Group Services are transferred to another party as part of the sale of some or all of Cross Group Services' business;

  • you give your consent; or

  • such disclosure is otherwise required or permitted by law, regulation, rule or professional standard.

We may also share non-personal, de-identified and aggregated information for research or promotional purposes. Except as set out in this policy, we do not sell or trade personal information with third parties.

Cross Group Services uses a range of service providers to help us maximise the quality and efficiency of our services and our business operations (including internal business requirements, such as recruitment and human capital requirements). This means that individuals and organisations outside of Cross Group Services will sometimes have access to personal information held by Cross Group Services and may collect or use it from or on behalf of Cross Group Services. This may include, but is not limited to, independent contractors and consultants, travel service providers, mail houses, off-site security storage providers, information technology providers, event managers, credit managers and debt collecting agencies. We require our service providers to adhere to our privacy guidelines and not to keep, use or disclose personal information we provide to them for any unauthorised purposes.

If Cross Group Services staff obtain products or services offered by a third party pursuant to an agreement or arrangement between that third party and Cross Group Services, such as a credit card provider, we may provide your personal information to that third party, including information that relates to your use of such services.

Storage of information in Cloud systems

Cross Group Services may store personal information within services provided by offshore cloud service providers (CSP). Currently, Cross Group Services only utilises the services of CSP who can provide a guarantee that information remains within a specific geographic location within the CSP infrastructure.  Cross Group utilises cloud services from a CSP who has met the data sovereignty and data privacy framework stipulated by the New Zealand Government.

Privacy on our Websites and Applications

This policy also applies to any personal information we collect via our websites, including crossgroup.co.nz and applications including mobile applications. In addition to personal information you provide to us directly (such as where you make a request or complete a registration form), Cross Group Services may also collect personal information from you via its applications and websites.

Cookies are small text files that are placed on your computer by the websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The use of cookies is now standard for most websites. If you are uncomfortable with the use of cookies, you can manage and control them through your browser, including removing cookies by deleting them from your ‘browser history’ (cache) when you leave the site. In most cases, you can refuse a cookie and still fully navigate the Cross Group websites.

To properly manage our websites and applications, we may log certain statistics about the users of the facilities, for example the users' domains and browser types. None of this information specifically identifies an individual and it is used solely to ensure that our websites and applications present the best possible navigational experience for users.

If you have registered an account with us, you will be identified by a user name and password when you log into our website or applications. The information we collect about members' use of our websites may be used for measuring use and performance and in assisting to resolve any technical difficulties.

Because Cross Group wants your user experience to be as informative and resourceful as possible, we provide several links to websites and embedded content operated by third parties that may also set cookies. Cross Group Services is not responsible for the privacy practices or policies of those sites. We encourage you to review each website's privacy policy, especially if you intend to disclose any personal information via that site. A link to another non-Cross Group Services website is not an express or implied endorsement, promotion or warranty of the products or services offered by or accessible through that site or advertised on that site.

Security of Personal Information

Depending on the purpose for which we have collected personal information (for example, registration for a Cross Group Services event or a request for particular information or material), we may store some of the information electronically in Cross Group Services' customer relationship management system. Some or all of this personal information may be available to partners and authorised staff of Cross Group Services for use in accordance with this policy.

Cross Group Services will endeavour to take all reasonable steps to keep secure any information which we hold about you, whether electronically or in hard-copy, and to keep this information accurate and up to date. We also require our employees and data processors to respect the confidentiality of any personal information held by Cross Group Services.

Cross Group Services aims to achieve industry best practice in the security of personal information which it holds. It is our policy not to retain personal information once there is no longer a legal or business need for us to do so.

Access to Information

We will provide access to personal information upon request by an individual, except in the limited circumstances in which it is permitted for us to withhold this information (for instance, where granting access would infringe another person's privacy).

When you make a request to access personal information, we will require you to provide some form of identification (such as a driver's licence or passport) so we can verify that you are the person to whom the information relates. In some cases we may also request an administrative fee to cover the cost of access.

If at any time you want to know what personal information we hold about you, you may contact us by emailing customerservice@crossgroup.co.nz.

Corrections and Concerns

If you believe that the information we hold about you is incorrect or out of date, or if you have concerns about how we are handling your personal information, please contact us and we will try to resolve those concerns.

If you wish to have your personal information deleted, please let us know and we will take reasonable steps to delete it (unless we need to keep it for legal, auditing or internal risk management reasons).

If Cross Group Services becomes aware of any ongoing concerns or problems concerning our privacy practices, we will take these issues seriously and work to address these concerns. If you have any further queries relating to our privacy policy, or you have a problem or complaint, please contact us at customerservice@crossgroup.co.nz. If you are not satisfied with our handling of your problem or complaint you may make a complaint to the Office of the Privacy Commissioner. 

Effect of Policy

Cross Group Services operates in a dynamic business environment and we aim to review this policy annually to keep it current.

Cross Group Services may update this privacy policy at any time by publishing an updated version on this website.