When you supply stock or other goods to us, purchase our products, use our services, or interact with us, you may share some personal data with us.
Types of Data: Personal data that we may collect include (the list is not exhaustive):
• Contact information: your name, position, role, organisation, telephone number, email and postal address;
• Business information: data identifying you in relation to matters in which you are involved;
• Your logon ID and password: for access to our website, apps or other platforms;
• Attendance records: to record your attendance at our offices for security purposes;
• Subscriptions/preferences: when you subscribe to receive marketing materials, other updates, briefs, newsletters or other information as well as consent preferences to help us identify which materials you are interested in receiving;
• Events data: attendance at and provision of feedback forms in relation to our events;
• Supplier data: contact details and other information about you or your organisation where you supply stock/goods and/or services to us;
• Customer data: contact details and other information about you or your organisation where you purchase or receive stock/goods and/or services from us;
• Social media: posts, Likes, tweets and other interactions with our social media presence;
• Information from public sources: e.g. Linked in and similar professional networks, directories or internet publications;
• Online data: when you access this website and our technology services, information about your visit including URL clickstream to, through and from our website (including date and time), information about your network as such as information about devices, nodes, configurations, connection speeds and network application performance; pages viewed or searched for, page response times, download errors, length of visits and interaction information (such as scrolling, clicks, mouse-overs) and whether you click on particular links or open our emails;
• Special categories of personal data: such as dietary, disability or similar requirements for events and meetings only to the extent necessary for a specific purpose. If you do not provide this information, we may not be able to respond to your particular needs or preferences;
• Criminal record data: where permitted by national law and appropriate to do so, such as existence of prior criminal offences (or confirmation of clean criminal record)
How we collect: We may collect information directly from you when you do business or interact with us or through third parties such as your employer or organisation. The personal data we collect may be provided in forms/documents that you have completed (including contracts), face to face meetings, email messages, telephone conversations, or when you use our websites, apps or our social media platforms or other platforms.
Legal reasons for processing your personal data
We will process your personal data if:
• You have given us your explicit consent to process your personal data for a particular purpose (s); or
• It is necessary to perform our obligations under a contractual relationship with you; or
• It is necessary to comply with legal or regulatory obligation; or
• It is necessary to deal with legal claim; or
• It is necessary for our legitimate business interests or those of a third party provided (provided these do not interfere with your fundamental rights)
Why we need to process your personal data
We process your personal data for any or all of the following purposes:
• Buying, selling or supplying services and/or goods and managing suppliers and customers.
• Business relationship: managing and administering our relationship with you, your company or organisation including keeping records about business contacts, services and payments so we can customise our offerings/products and/or services for you, develop our relationship and target our marketing and promotional campaigns.
• Communication: sending emails, newsletters and other messages to keep you informed of market insights and of our product offerings and services.
• Events: running briefings, roundtables and other events.
• Customers surveys and feedback.
• Know-Your-Client (KYC): carrying out KYC due diligence under anti-money laundering, sanctions screening and other crime prevention and detection laws and regulatory requirements.
• Website monitoring: checking our website, appl, platforms and other technology services are being used appropriately and to optimise their functionality.
• Site security: providing security to our offices and other premises (normally collecting your name and contact details on entry to our buildings).
• Online security: protecting our information assets and technology platforms from unauthorised access or usage and to monitor for malware and other security threats.
• Compliance: complying with our legal and regulatory obligations (as applicable).
• Legitimate interests: pursuing our legitimate business interests which may include (the list is not exhaustive):
- Operating, developing and improving our businesses, offerings and operations (provided these do not interfere with your fundamental rights);
- Maintaining the security of our and our customers’ and suppliers’ data and in ensuring the quality of our products and services;
- Purchasing and receiving stock and services;
- Processing, marketing and supplying meat product and other offerings;
- Providing services associated with the above businesses;
- Managing our business and relationship with you or your company or organisation;
- Understanding and responding to inquiries and client feedback;
- Understanding how our customers use our services and websites;
- Identifying what our clients want and developing our relationship with you, your company or organisation;
- Improving our services and product offerings;
- Enforcing our terms of business and website and other terms and conditions;
- Ensuring our systems and premises are secure;
- Managing our supply chain;
- Developing relationships with suppliers, customers and business partners;
- Ensuring debts are paid;
- Sharing data in connection with acquisitions and transfers of our business.
Who can we share your personal data with?
Transferring your personal data: As a global organisation, personal data we collect may be transferred internationally throughout our worldwide organisation. Your personal data may be exchanged within Silver Fern Farms and among its group entities. We exchange your data for administrative purposes and so that we can have a complete overview of your contacts and contracts with the Silver Fern Farms. We may also exchange your data to offer you a complete package of services and products.
If your personal data are transferred to a recipient in a country that does not provide the level of protection for personal data as New Zealand or the European Union do, we will take measures to ensure that your personal data are adequately protected in line with locally applicable data protection requirements. For example, for transfer of data out of the EU, we will bind our recipient to the Standard Contractual Clauses approved by the European Commission in accordance with Article 46(2)(c) of the General Data Protection Regulation.
Access to your personal data by external parties: The following types of external parties may have access to your personal data, where relevant:
• Partners, suppliers, distributors, vendors or agents involved in delivering the products and services you have ordered from us;
• Our customers;
• Companies who are engaged to perform services for, or on our behalf;
• Law enforcement bodies and our regulators: or other competent authorities in accordance with legal requirements or good practice;
• Debt-recovery organisations, credit reference, fraud-prevention or business-scoring agencies, or other credit scoring agencies;
• Third parties for joint promotions with that third party who will be responsible for their own compliance with applicable privacy laws;
• Third parties that we use for marketing, for example, approved media agencies, and third parties that we advertise with, such as Facebook, to serve you advertisements online.
• Third parties: in the context of the acquisition or transfer of any part of our business or in connection with the business reorganisation;
• Other delegates: where your name will appear on the attendee list for events where you have told us you plan to attend.
The use of your personal data by data processors: When we give third parties access to your personal data, we will take the reasonable measures to ensure that your personal data is only processed to the extent necessary. The external parties will only process your personal data as a data processor in accordance with applicable law. We will provide your personal data to regulatory bodies, tax authorities and/or investigating authorities only if we are obliged to do so by law or regulation, or if you have provided consent to us to allow this information to be disclosed.
Personal data about others
In some cases, you may provide personal data to us about other people (such as your customers, directors, officers, shareholders or beneficial owners). You must ensure that you have given those individuals an appropriate notice that you are providing their information to us and have obtained their consent to that disclosure.
We take the security of all the data we hold seriously will endeavour to take all reasonable steps to keep secure any information which we hold about you in line with best practice. Please note that the transmission of information via the internet is not completely secure. Although we will take reasonable measures to protect your personal information, we cannot guarantee the security of your information transmitted and any transmission is at your own risk.
Where will your information be held?
Because we have global business operations and interests, we may transfer your personal data out of your local jurisdiction or region. Privacy laws vary by country. We will take all reasonable steps to protect your information in line with locally applicable privacy or data protection requirements.
Storage of information in cloud systems
We may store your personal data within services provided by New Zealand or offshore cloud service providers.
How long do we keep your data?
We retain your personal data for as long as is necessary for the purpose for which it was collected. We may hold personal data for such longer periods as may be required by law or regulation or as may be necessary to defend our legal rights. When the personal data that we collect is no longer required by law or otherwise, we destroy, delete or permanently anonymise it.
You have the right to:
• Access: ask us if we are processing your data and, if we are, you can request access to your personal data. For your own privacy and security, at our discretion we may require you to prove your identity before providing the requested information.
• Rectification: request that any incomplete or inaccurate personal data we hold about you is rectified
• Deletion: ask us to delete or remove personal data in certain circumstances. There are also certain exceptions where we may refuse a request for erasure, for example, where the personal data is required for compliance with law or in connection with claims.
• Suspension: ask us to suspend the processing of certain of your personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
• Transfer: ask us to help you request the transfer certain of your personal data to another party.
• Objection: where we are processing your personal data based on a legitimate interest (or those of a third party), challenge this. However, we may be entitled to continue processing your information. You also have the right to object where we are processing your personal information for direct marketing purposes.
• Withdraw consent: where you have consented to our processing your personal information, withdraw such consent at any time.
If you want to exercise any of these rights, please contact our Privacy Officer-refer to Contact us.
You also have a right to lodge a complaint with the Office of the Privacy Commissioner: https://www.privacy.org.nz/about-us/contact/.
We may use the information you give us on our website or other means for direct marketing purposes to provide emails, newsletters and other messages to keep you informed of legal developments, market insights and of our services including events that we think may interest you.
You can opt-out of receiving direct marketing from us at any time by changing your marketing preferences on your online accounts settings page, clicking on the "unsubscribe" link included at the end of any marketing email we send to you, or by contacting our Privacy Officer.