Privacy Policy

Our Commitment to Privacy

Evolutionary Limited t/a Evolutionary Advice is committed to protecting your personal information in full compliance with the Privacy Act 2020. We define personal information as any data that relates to an identifiable living individual.

While providing personal information is voluntary, please be aware that choosing not to provide necessary data may limit our ability to deliver our services to you.

Purpose of this Policy

This policy establishes a robust framework for how we manage data, ensuring we:

  • Clearly identify what constitutes private information.
  • Meet all regulatory obligations and best-practice standards.
  • Maintain a transparent process for recording and resolving privacy-related concerns.

1. Data Collection
We collect personal information through several channels:

    • Direct Interaction: Information provided during meetings, emails, website inquiries, or during the delivery of our services.
    • Third-Party Sources: With your prior knowledge and consent, we may gather information from accountants, employers, or financial institutions (lenders and KiwiSaver providers).
    • Specialised Agencies: We may access data from credit reporting bureaus.
    • Digital Data: When visiting our website, we may collect technical data such as traffic patterns, location details, and analytics via cookies.

Note: If we receive information about you from a third party indirectly, we will take reasonable steps to notify you.

2. How We Use Your Information
Your data is used to support our business operations, specifically:

    • Providing, improving, and marketing our professional services.
    • Communicating with you and sending relevant updates or opportunities.
    • Protecting our legal rights, including the defence of any claims or complaints.
    • Conducting internal research and anonymised statistical analysis.
    • Performing credit checks where necessary.
    • Meeting legal and regulatory reporting requirements.

3. Information Sharing and Disclosure
We may share your information with trusted partners and entities, including:

    • Service Providers: IT specialists, lawyers, accountants, and related companies that support our operations.
    • Financial Partners: Product providers involved in your applications
    • Compliance Support Businesses and Regulatory Bodies: Including the Financial Markets Authority (FMA) and compliance officers.
    • Legal Professionals: Insurers and debt collection agencies when protecting our business interests.
    • Locum Support: Our licensed Locum Adviser

Note: Some service providers may operate outside of New Zealand, meaning your information may be processed or stored in international jurisdictions.

4. Security and Retention
We take all reasonable precautions to protect your data from loss, unauthorised access, or misuse.

    • Access Control: Only employees requiring data for standard business processes are permitted access.
    • Retention: We securely retain client records for seven years following the conclusion of our professional relationship, after which files are permanently deleted.

5. Your Rights: Access and Correction
Under the Privacy Act, you have the right to request access to the personal information we hold about you and to ask for corrections if that information is inaccurate.

6. Online Security
While we utilise secure internet connections, transmitting information online always carries an inherent risk. If you follow links from our website to external sites, please review their specific privacy policies, as we do not govern their data practices.

7. Privacy Breaches
A breach occurs if personal information is accessed, lost, altered, or disclosed without authorisation.

    • Notification: If a breach occurs that results in (or is likely to result in) serious harm, we will notify the Privacy Commissioner and all affected individuals as soon as practicable.
    •  Analysis: We investigate all privacy complaints to determine if they indicate systemic issues.

8. Information Requests
If you request your personal data, we will:
1.     Provide all relevant data (from physical files, CRM records, digital notes, and communications) within 20 working days.
2.     Confirm if no relevant information is held.

9. Staff Training
To ensure ongoing compliance, we undergo regular training on privacy obligations, utilising the official resources provided by the Privacy Commissioner.