Privacy statement
We are Snapper Services Limited (‘we’, ‘us’,‘our’), a company incorporated in New Zealand (company number 1891262), and we operate the website mosaiq.co, and offer the Mosaiq Transit Intelligence Suite (‘Mosaiq’).
Our registered office is Level 9, 1 Willis Street, Wellington, 6011, New Zealand.
This privacy statement sets out:
- what information we might collect about you whenyou use our website at mosaiq.co orotherwise in connection with our dealings with you;
- how we might use that information;
- where we store that information;
- who we might share that information with; and
- your rights in connection with that information.
When we refer to:
- ‘New Zealand privacy law’ in this privacy statement, we’re referring to the law that applies to our collection, use, storage, and disclosure of personal data, including the Privacy Act 2020.
- ‘other applicable privacy law’, we mean legislation in other jurisdictions that may apply to our provision of the services to you, such as (where applicable):
- the Australian Privacy Act 1988 (Cth) (the Australian Privacy Act);
- the California Consumer Privacy Act of 2018.
- the European Union General Data Protection Regulation (EU) 2016/279 (the EU GDPR); and/or
- the UK Data Protection Act 2018 (and the legislation falling within the definition of ‘applicable data protection legislation’ under the UK Data Protection Act 2018 (together, the UK GDPR)).
- ‘personal data’, we mean data about, or relating to, an identified or identifiable individual, and otherwise the meaning given to the term ‘personal information or to the term ‘personal data’ by New Zealand privacy law and/or other applicable privacy law; and
- ‘processing’, we mean any operation or set of operations that is used or personal data, whether or not be automated means.
We are the ‘controller’ of the personal information thatwe collect from you when you interact with us, including when you use ourservices or access our website.
We may collect the following information from you when you interact with us, including when you use our services or access our website
When collected
When you provide it to us over the course of our interactions with you, including through the contact form on our website.
Why collected/Legal basis for processing
So that we can identify you and communicate with you.
We have a legitimate interest in doing so, to enable us to offer our services to you in a secure and consistent manner.
When collected
When you provide it to us over the course of our interactions with you, including through the contact form on our website.
Why collected/Legal basis for processing
So that we can identify our services and offerings that are likely to be of relevance and interest of you and your business.
We have a legitimate interest in doing so, to enable us to offer our services to you in a secure and consistent manner.
When collected
The circumstances described above, and otherwise during your interaction with us.
Why collected/Legal basis for processing
For the purposes set out in paragraph 8 (Other use of your information).
You don’t have to give us your information. But if you do not provide us with information, we may not be able to provide you with our services or information about our services.
We may receive your personal information from third-party websites or services, including through our use of Google Analytics, and/or PostHog.
The collection and use of your information, and disclosure of your information to us by a third party will be subject to that third party’s terms and policies.
We may collect information about someone else from you.
If you do provide us with someone else’s personal information, you must make sure you have that person’s authority to do so and you must make sure that person knows that their information may be used by us in the circumstances set out in this privacy statement.
Cookies are pieces of information that are automatically downloaded to your computer or mobile device when you use our web application.
We use cookies in our web application to identify you automatically, as well as to help us understand general behaviour and traffic in our web application.
We may gather more extensive information about your interactions with Mosaiq Insights, if we are concerned about abnormal web application usage patterns or security breaches.
As we have described above in paragraph 3, we may use personal information we hold about you to send you emails and other electronic messages about our services and other business opportunities that we consider may be of interest to you.
If you do not wish to receive promotional or marketing communications from us, you can opt-out by using the unsubscribe facility on the messages that we send you, or by contacting us using the details in paragraph 16.
We only use your information in the way described in this privacy statement, or if we’re permitted or required to do so under New Zealand privacy law and/or other applicable privacy law.
In addition to the specific ways that we use your personal data outlined above in paragraph 3, we may also use your personal data to:
- respond to your enquiries and communicate with you;
- support you in using our services;
- provide you with important notices and information about Mosaiq Insights and other services we offer;
- improve the functionality of our services, including testing new or modified functionality and to better understand how our services can help you.
We might also combine information that we have collected about you, with the information we collect from others, for the purposes described in this privacy statement.
Our service providers may store your information on our behalf (for instance, the service providers described in paragraph 11 (Sharing your information).
We may also hold your personal information ourselves – for instance, on servers or in physical files located on our premises in New Zealand.
Wherever your personal information is transferred, stored, or processed by us, we will take reasonable steps to safeguard the privacy of your personal information. These steps may include implementing standard contractual clauses where recognised by law, obtaining your consent, or other lawful means of transferring personal information.
New Zealand is a ‘white list’ country for the purposes of the UK GDPR, which means the privacy protections provided by New Zealand law have been assessed as providing ‘adequate’ protections for personal information transferred to New Zealand.
In addition to the specific ways that we have described throughout this privacy statement, we may also transfer the personal information we hold about you for the purposes contemplated by this privacy statement or as otherwise permitted by New Zealand privacy law.
In particular, we may share your personal information with the following persons:
- providers that offer digital marketing solutions, such as SQC Digital, to help us market our services.
- providers that offer analytics solutions, such as PostHog, to help us understand user behaviour on our website, and traffic sources;
- providers that offer database solutions, such as Hubspot CRM, to help us manage the information that we hold about our customers or people that we’ve interacted with in the past;
- our professional advisors, contractors, service providers, business associates, and others who have agreed to treat your personal information in accordance with this privacy statement;
- our service providers (for example, Google reCAPTCHA for user authentication, providers that help us with information hosting and processing, software development, and managing our communications with you and others) for the purposes of delivering our platform, website, and services;
- any person considering acquiring an interest in our business and/or assets; and/or
- any other person where we are permitted or required to do so by New Zealand law, and/or other applicable privacy law.
We may also share your information with our related companies for the purposes described in this privacy statement.
You have the right to request access to, and correction of, the personal information that we hold about you.
In addition to the other rights granted to you, if the EU GDPR or the UK GDPR applies to our collection of personal information from you, then you have the right to:
- obtain the rectification of inaccurate personal information concerning you and, taking into account the purposes of our processing, the completion of any incomplete personal information;
- receive access to your personal information that you have provided to us in a commonly-used machine-readable format;
- restrict processing of your personal information if a basis for doing so exists under the EU GDPR or the UK GDPR;
- have any personal information about you erased upon request if it is no longer relevant (the ‘right to be forgotten’);
- not be subject to a decision based solely on automated processing, including profiling;
- withdraw your consent to the processing of you personal information, where such consent forms the basis for the processing;
- lodge a complaint with the appropriate data protection authority.
We will retain your personal information for the length oftime necessary to fulfil the purposes that we have described in this privacy statementunless a longer retention period is required or permitted by law.
It is important to us that the personal information that we hold about you is accurate and complete. Please let us know as soon as possible if you think we may need to make changes to that information.
We may make changes to this privacy statement from time totime by publishing an updated version of this statement on our website.
If you would like to exercise your rights, or otherwise contact us in relation to our privacy practices, please contact our privacy officer:
- By post, at:
Attention: Privacy Officer
Snapper Services Limited
PO Box 11454
Manners Street
Wellington 6142
New Zealand - By email, at [email protected]