top of page

Privacy Statement

Please read our privacy statement.

Last Updated, 22 January 2024


The Anglican Diocese of Waiapu (We) complies with the New Zealand Privacy Act 2020 (the Act) when dealing with personal information.  Personal information is information about an identifiable individual (a natural person).

This statement sets out how we will collect, use, disclose and protect your personal information.

This statement does not limit or exclude any of your rights under the Act.  If you wish to seek further information on the Act, see

Changes to this statement

We may change this statement by uploading a revised statement onto the website.  The change will apply from the date that we upload the revised statement.

Collection of personal information 

We do not collect personal information unless it is for a lawful purpose connected with a function or activity of the Diocese enabling a service to be provided or allowing us to engage with you, as necessary. This collection can include information about personal contacts (e.g. name, address etc) , unique identifiers (e.g. drivers’ licence), employment, finance, and items of a more sensitive nature (e.g. medical or criminal history).


We collect personal information about you from:

  • you, when you provide that personal information to us, including via the website and any related service, through any registration or subscription process, through any contact with us (e.g. telephone call or email), or when you use our services

  • third parties where you have authorised this or the information is publicly available. 


If possible, we will collect personal information from you directly. 

How we use your personal information

We will use your personal information:

  • to verify your identity

  • to provide services to you across our whole organisation

  • to market our services to you, including contacting you electronically (e.g. by text or email for this purpose)

  • to improve the services that we provide to you

  • to communicate news and developments, including contacting you electronically (e.g. text, email, or other virtual means)

  • to respond to communications from you, including a complaint

  • to conduct research and statistical analysis (on an anonymised basis)

  • to protect and/or enforce our legal rights and interests, including defending any claim

  • for any other purpose authorised by you or the Act.

Disclosing your personal information

To comply with Privacy Principle 11 of the Privacy Act 2020, we may disclose your personal information:

  • to achieve the purpose for which the information was collected in the first place, this may include disclosure to another entity within our group

  • for instances where you have authorised this disclosure

  • to a person who can require us to supply your personal information (e.g. a regulatory authority)

  • to any other person authorised by the Act or other legislation (e.g. law enforcement agency)

  • to be used in instances where public health or safety is at stake, or criminal or other unlawful activity is suspected

  • to any business that supports our organisation, including any person that hosts or maintains any underlying IT system or data centre that we use to provide the website or other services with confidentiality clauses included in any contracts

  • to other third parties (for anonymised statistical information)


A business that supports our services may be located outside New Zealand.  This may mean your personal information is held and processed outside New Zealand.


We may transfer your information in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition.

Retention and protection of your personal information

We will hold personal information until we no longer have a lawful (including canonical) purpose for doing so.


We will take reasonable steps to keep your personal information safe from loss, unauthorised access or activity, or other misuse. We will not be held responsible for such actions where the security of the personal information is not within our control, or we cannot reasonably prevent such an incident.

Safeguards will include but are not limited to, physically securing hard copy documents, utilising password security for data storage devices (e.g. laptops, tablets, smart phones), secured access to our building(s) and software applications, and security measures for our internal and external websites. Data is stored on a secure cloud platform and is protected with reasonable technical and process controls.

Accuracy, accessing and correcting your personal information

We will take all reasonable steps to ensure that all personal information we collect, use, or disclose is accurate, complete, and up to date.


Subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information.  Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.

In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction.  If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.

We may withhold information pursuant to Part 4 of the Privacy Act 2020. Circumstances can include giving disclosure of personal information about another person or employee, where the information is protected by legal professional privilege, or where the information could hinder an investigation into a criminal offence.


If you want to exercise either of the above rights, email us at  Your email should be addressed to the Privacy Officer and should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).

Internet Use

Our website address is: This website is owned by the Anglican Diocese of Waiapu.


While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.

If you post your personal information on any website, you acknowledge and agree that the information you post is publicly available.


If you follow a link on our website to another site, the owner of that site will have its own privacy policy relating to your personal information.  We suggest you review that site’s privacy policy before you provide personal information.


We use cookies (an alphanumeric identifier that we transfer to your computer’s hard drive so that we can recognise your browser) to monitor your use of the website. 


You may disable cookies by changing the settings on your browser, although this may mean that you cannot use all of the features of the website.

You represent and warrant that (i) You are not located in a country that is subject to the United States government embargo, or that has been designated by the United States government as a "terrorist supporting" country, and (ii) You are not listed on any United States government list of prohibited or restricted parties.

Contact Us

If you have any questions about this privacy statement, our privacy practices, or if you would like to request access to, or correction of, your personal information, you can contact us at

If an individual considers there has been a breach of the Act they are entitled to complain to the Diocese. All complaints should be in writing and addressed to the attention of the Privacy Office at

bottom of page