PRIVACY POLICY

PRIVACY POLICY

General Statement This policy explains how Spirit of Adventure Trust (SOAT) collects, uses, stores, and shares your information, and your rights under the Privacy Act 2020. This policy applies to the collection, use, retention and disclosure of personal information we hold about participants, friends and family, donors, supporters, clients, partners, contractors, employees and prospective employees, volunteers, other individuals we deal with in the course of carrying on our business, and all other individuals we deal with who come into contact with us. We value your privacy. We will never give, lease, sell, or otherwise disclose your personal information. Any information given to us will be held with the utmost care. A more detailed explanation about how we safeguard your personal information is described below. If you have any questions at all about our privacy or the storage of your information please contact either the General Manager or CEO of the Spirit of Adventure Trust.

Storage of Information This policy is to ensure that people who connect with us and are asked to or provide personal information, are assured that this information is gathered in line with the Privacy Act 2020 and its principles. We will gather, store and release personal information in line with the 13 Privacy Principles of the Privacy Act 2020.

Types of Information Collected We collects non-personally identifiable information via Google Analytics and personally identifiable information from our online forms. Non-personally identifiable information might include your IP address, your browser type or operating system, the domain name from which you linked to our site, your city, and other general demographic information. We use this information to help diagnose problems with our server and to administer our website. We may share it with our affiliates or business partners at an aggregated level. Personally, identifiable information from our merchandise transactions and donation, registration, contact, booking, and survey forms could include your name, telephone number, home address and e-mail address. We may use this information to contact you (you can opt-out of receiving future information from us). We will keep your personal information confidential, in accordance with the Privacy Act (2020), for the purposes of Voyages, administration, and promotional activities.

Resale or Disclosure of Information to Third Parties We do not sell, rent, loan, trade or lease any personal information collected by our website, including contact forms, download requests or email lists.

Usage Information Collected By Our Website We do collect information about how people are using our website in order to improve the value of our website and the materials available on the website.

Unsubscribe We strive to only send email to those who want to receive it. If you do not want to receive future emails from us, please use the “unsubscribe” link located at the bottom of our email communications or advise us to remove you from our email list.

Privacy of our Email Lists Individuals join our mailing lists and are added to our database using the forms provided on this website. We do not sell, rent, loan, trade or lease the addresses on our lists to anyone. In addition, we configure our email software to refuse to divulge the email addresses of our list subscribers to anyone but authorised Staff, including other list subscribers.

Email Communications Email communications to and from you to our Staff emails addresses are company information, are retained on the our companies email server and can be reviewed by approved staff where there is a need to verify or confirm information supplied or provided.

Credit card details If you pay for items on our site using a Credit Card, your card details are not stored by us and cannot be used by our staff. Our shop uses a secure transaction system.

CCTV For security reasons, some areas of the operation have or could have CCTV in operation. The video files are only accessed for legal and security reasons. If required the CEO or other designated staff may review these and should there be a legal reason, then the video or pictures can be are released to relevant authorities in order for them to complete their investigations.

Promotional Material Once you have booked on a Voyage, you authorise SOAT the right to use your name, comments and images obtained in relation to your Voyage / participation, and to disclose this information to third parties for promotional purposes; these materials will remain the property of SOAT.

You grant SOAT permission to contact you by email, including a regular e-newsletter and other updates.

Medical Information If you intend to undertake a voyage with the us, we will need you to supply your background medical information, details of medications you may be on and other relevant information to ensure it is safe and suitable for you to participate. We will also require emergency contact details in case of a medical emergency along with your consent to allow the approved SOAT staff member to discuss your medical condition with the emergency contacts. Your medical information is held securely and is only available to selected SOAT staff who need to be aware of your medical background for your well-being and safety.

Phone Conversations SoAT does have the ability to record conversations on the phone. This is only done when the content of the call may be needed to be retained for future reference and confirmation of information. Callers shall be advised before the recording is activated. Callers can request a copy of the recording.

Storage of Records Where information is of a sensitive nature, such as medical records, then this information will be stored if in hard copy in a locked cabinet with controlled access, or if electronic, on password protected files, only accessible by approved staff. Individuals have the right to request access to personal information held about them and to request corrections if it is inaccurate, incomplete, or outdated. Requests can be sent to info@soat.org.nz, for the attention of the CEO. We will respond in accordance with the Privacy Act 2020.

Regular Review of User Accounts, Passwords, and System Access

We regularly review user accounts, passwords, and access permissions to our electronic information systems, including our CRM, and other platforms containing personal information. Access is limited to authorised staff only and is reviewed periodically to ensure that only those who require access for their roles have it. Passwords must meet minimum security standards.

Secure Disposal of Records When personal information is no longer required, we securely dispose of physical records by shredding and destroy electronic records permanently, ensuring information cannot be reconstructed or retrieved.

Privacy Breach Notification

In the event of a privacy breach that has caused, or is likely to cause, serious harm to any individual, we are obligated to notify both the Privacy Commissioner and the affected individuals promptly.