We are committed to protecting your privacy and the security of your information.
When we collect, store, use, and disclose your personal information, we do so in accordance with the rules set out in the New Zealand Privacy Act 2020 (‘NZ Privacy Act’) and, to the extent applicable:
- the European Union General Data Protection Regulation (EU) 2016/279 (the ‘EU GDPR’); and
- the UK Data Protection Act 2018 and the legislation falling within the definition of ‘applicable data protection legislation’ under the UK Data Protection Act 2018 (together, the ‘UK GDPR’).
If you have any questions, please contact us at email@example.com.
Our App helps public transport network operators to keep track of vehicles on their network, including the operator of the network who has engaged you to operate a public transport vehicle (‘Your Organisation’). Your use of our App, in the context of your role, may be subject to additional policies and procedures in place at Your Organisation.
- ‘applicable privacy law’, we mean the privacy law applicable to our processing of your personal data;
- 'personal information’, we mean information about, or relating to, an identified or identifiable individual, as well as the meaning given to the term ‘personal information’ or to the term ‘personal data’ by applicable privacy law;
- ‘processing’, we mean any operation or set of operations that is used in respect of personal information, whether or not by automated means;
- ‘Snapper’, ‘we’, ‘us’, and ‘our’, we mean Snapper Services Limited, a company incorporated in New Zealand (company number 1891262), having its registered office at Level 9, 1 Willis Street, Wellington 6011, New Zealand.
We may collect, store, use, and disclose the categories of personal information described in the table below:
Collecting your personal information is necessary so that you are able to access and use our App and services. If you do not provide us with your personal information, we may be unable to provide you with access to our App and services. If you do not wish to use our App or services, you should discuss this with Your Organisation.
Where we collect, hold, use and disclose your personal information to provide any services directly to you (including to administer your login and/or personal user account), we do so on our own account (in other words, as a ‘controller’).’
The purposes for which we collect and use your personal information are set out in section 2 (Information we collect).
For our EU-based and UK-based users, we have to tell you about the reasons that we collect and use your personal information – this is called the ‘lawful basis for processing’.
Sometimes, we will ask you for permission to process your personal information in a certain way, including to send you marketing communications. When we process your personal information on the basis of your consent, you have the right to withdraw your consent. You can do so by contacting us at firstname.lastname@example.org or by using the unsubscribe facilities in our communications to you.
We may also receive information about you from third parties who are permitted to disclose your personal information to us, including Your Organisation.
The collection, use, and disclosure of your personal information by a third party, including Your Organisation, will be governed by the terms and policies that those third parties have in place.
We only use your information in the way described in this notice, or in accordance with applicable privacy law.
- to respond to your enquiries and communicate with you;
- to conduct research and statistical analysis on an anonymised basis;
- to provide you with important notices about our App; and
- for any other purposes for which you have given us your permission.
We access and store our data, including any personal information we hold about you, through our systems and servers located in the UK, EU, and our head office in New Zealand.
New Zealand is a ‘white list’ country for the purposes of both the EU GDPR and the UK GDPR, which means that the privacy protections provided by New Zealand law have been assessed as providing ‘adequate’ protections for personal information that is transferred to New Zealand.
Wherever your personal information is transferred, stored, or processed by us, we take reasonable steps to safeguard the privacy and security of your personal information. These steps may include implementing standard contractual clauses where recognised by applicable privacy law, obtaining your consent, or other lawful means of transferring your persona information.
- Snapper Services Limited, which provides data storage and processing services, product development services to us, and any of or other affiliates;
- service providers who assist and enable us to use information that we hold, for example, to support and improve the functionality of our App, or to help us to communicate with you and other users;
- regulators, law enforcement bodies, government agencies, courts or other third parties where we think it is necessary to share your information to comply with applicable laws, regulations, orders, or to exercise, establish, or defend our legal rights;
- other people with whom you have permitted, or Your Organisation has permitted on your behalf, us to share you information.
You have the right to:
- request access to personal information that we hold about you; and
- request that we correct personal information.
In addition to the other rights granted to you, if the EU GDPR or the UK GDPR applies to our collection of personal information from you, then you have the right:
- to receive access to your personal information that you have provided to us in a commonly-used machine-readable format;
- to restrict processing of your personal information if a basis for doing so exists under the EU GDPR or the UK GDPR;
- to have any personal information about you erased upon request if it is no longer relevant (the ‘right to be forgotten’);
- to not be subject to a decision based solely on automated processing, including profiling;
- to withdraw your consent to the processing of your personal information, where such consent forms the basis for the processing;
- to lodge a complaint with the appropriate data protection authority.
The security and integrity of your personal information is important to us. We have implemented technical, administrative, and physical security measures that are designed to protect your personal information from unauthorised access, disclosure, use, and modification.
To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures such as the pseudonymisation and encryption of personal data, to safeguard and secure personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
If you have any questions, please contact our privacy office:
- By email, at email@example.com
- By post, at: Level 9, 1 Willis Street, Wellington 6011, New Zealand.