- This policy is about the way we look after your personal information.
- We want to make sure we comply with the Privacy Act 1993.
HRNZ is the administrative body for Harness Racing. Its purposes are:
- To contribute to and drive growth within the harness industry;
- To provide effective and efficient support services; and
- To regulate the harness industry
HRNZ’s functions include:
- Registration of horses and licence holders within the industry
- Distributions of winnings to owners, trainers and drivers
- IT support for a harness industry computer system and software programmes
- Analysis of industry data
- Provision of information for research purposes
- Grading/handicapping horses in a race
We will only collect personal information from you for the abovementioned purposes and functions.
When collecting personal information, we will let you know:
- any particular purposes;
- who has access to the information and where the information is held;
- information which must be provided either by law or otherwise;
- information which is optional; and
- you have a right to request access and to request correction of your personal information.
We will collect information from you in a fair manner:
- Unless required for a specified and necessary purpose, you will not be electronically recorded including not being photographed, videotaped or audiotaped without your knowledge and, if necessary, consent
- If you wish to discuss anything in private, then we will provide opportunity for such a discussion, subject to the personal safety requirements of any other policy.
You may choose to control or remove cookies through the settings in your web browser. However, please note that, if you choose to disable all cookies, this may affect your ability to use some features on our website.
Storage and Security of Personal Information
We will take reasonable steps:
- to protect personal information from loss, unauthorised access, use, modification and disclosure
- to ensure that prior to use, personal information is accurate, up to date, complete, relevant and not misleading.
We keep personal information either on a secure server or in a secure physical location. Personal information is accessed only by authorised staff. If personal information is not in use then we close the electronic file or put the physical file away.
If we need to work away from the office then we ensure that any personal information travels securely (it is on a password protected computer or device, in a briefcase or fully enclosed envelope, file or folder) and is not left unattended or visible from the outside of a motor vehicle. We also take all reasonable steps to ensure personal information is not accessed by unauthorised people away from work.
We do not send out your personal information unless we are reasonably confident it will get to you or to a person who is allowed to receive the information. We use encryption if necessary.
It is unacceptable for any of us to intentionally breach the Privacy Act, read or copy personal information when unauthorised to do so, or use personal information for a purpose other than HRNZ purposes and functions without consent.
If we have a security breach, we will follow the Privacy Commissioner’s guidelines.
Access to and Correction of Personal Information by you
You or your authorised agent (in writing) may ask us whether personal information is held about you and have access to such information if it exists subject to the exceptions contained in the Privacy Act. Access is not limited to “the file” and may include diary notes and/or other material in separate files.
In these circumstances we will:
- Check your identity,
- Provide assistance to you if necessary,
- Transfer the request if personal information is not held by us and we are aware of another agency holding your personal information,
- Identify if personal information is held and identify if any personal information is to be withheld pursuant to sections 27-29 of the Privacy Act,
- Respond to your request as soon as practical but no later than 20 working days after the request is made (unless it is necessary to seek an extension),
- Provide information in the way asked by you unless to do so would impair efficient administration. This can include providing an opportunity to inspect a file (under supervision to protect the integrity of the file and to provide explanations if necessary), providing you with a copy of any document, furnishing oral information about a file’s contents and giving a summary of the contents,
- If the request for access is declined, we will explain why the request is declined and advise you of your right to complain to the Office of the Privacy Commissioner.
If you say that information held is incorrect (and we agree) or a staff member is aware that incorrect information is held, we will take all practicable steps to have the file corrected immediately with any change noted carefully to ensure that an adequate audit trail of changes exists.
If we do not agree with a request for correction, then you will be given an opportunity to have a statement of correction held with the information. The information and correction will be held in such a way so that anyone accessing the file will see both the information and the correction.
Retention and Disposal of Personal Information
We do not keep personal information for longer than is necessary without consent from you, unless required by law.
If your personal information is to be destroyed then documents will be destroyed in a confidential and secure manner; and with expert assistance if disposing of computer based material.
Disclosure of Personal Information to Third Parties
We do not disclose personal information to third parties except that we may do so in the following circumstances:
- it is for one of our purposes;
- the situation is covered by one of the exceptions set out in the Privacy Act;
- if there is another legal requirement to release the information.
We use electronic images for our newsletters and/or website if the image is taken in a public area or with the consent of the person/s in the image.
We do not give personal information out over the phone or send out personal information by email/post unless we are reasonably satisfied that the receiver is a person to whom personal information may be disclosed.
We will ensure any complaints or disciplinary processes will also include a consideration of privacy. This may mean that a complainant may not know of action taken against another person (if any) as a result of an investigation into a complaint.
If we receive an enquiry from the Police, process servers, bailiffs or other Government Officials then the request will be managed by our privacy officer or their delegate.