Privacy Policy

1. INTRODUCTION​​

1.1 Gfactor Technologies Limited (“we” or “us”) is committed to respecting your privacy at all times. This Privacy Policy describes what personal information or data we collect, and how we use, store and disclose the personal information we collect, to ensure we comply with our obligations under the Privacy Act 2020 (the “Act”). 

​

1.2 By providing your personal information or using our products/services, you agree to this Privacy Policy. If you provide information about any other person, then you must have authorisation from that person to provide such data to us. We urge you to read our Privacy Policy carefully.

​

1.3 Our Privacy Policy outlines what personal data we collect, how we collect it, and how we process, use and disclose personal data. 

​

1.4 This Privacy Policy may change at any time and we will tell you about any changes by posting an updated policy on our website. These changes will take effect from the date we post it, so please ensure you review our Privacy Policy from time to time. By using our website or any product/service offered by us, you will be accepting these changes.

​

 

2. WHAT INFORMATION WE COLLECT

2.1 We may obtain information about you from various sources, including through your general interactions with us and through your use of our products/services and website. 

​

2.2  The types of personal information we may collect through your general interactions with us include your:

a) name, contact details, date of birth and other contact information;

b) driver licence type/status;

c) IP address, device ID, memory information, browser type and version, connection speed, network information, geographical location, device identifiers and cookie identifiers;

d) virtual reality experience, progress, decision making and driving behaviour;

e) biometric data collected from our simulators - including eye tracking;

f) in-app and/or website activities via log data;

g) billing and address information;

h) conversations with our staff, agents or other persons;

i) email communications, and your written or verbal interactions with us or our agents;

j) number of visits to our websites;

k) use of our social media platforms; 

l) product and service preferences; and 

m) any other information that is reasonably necessary for us to run our business and provide our services.

​

2.3 When you use our website, the data we collect depends on the authentication method used but may include, without limitation, profile information (e.g. from your Facebook profile, Twitter profile, or other social media profiles) and information voluntarily entered by you on our website (e.g. name, gender, birthdate, email address, phone number).

2.4 We will take reasonable steps to ensure the personal information we hold is accurate.

 

​

2.5 HOW WE COLLECT INFORMATION

We will usually collect personal information in a number of ways, including directly from you or from your nominated agent when you or your nominated agent:  

a) interact with us over the phone, via email or letter, via our website or social media channels;

b) meet with our staff or agents; 

c) use our products/services. 

​

2.6 We also use cookies and similar tracking technologies to track the activity on our website and hold certain information. You may disable cookies by changing the settings on your browser, although this may mean that you cannot use all of the features of the website.

​

2.7 We (and any authorised third parties in accordance with this Privacy Policy) may also collect personal information:

a) when you apply for employment or contracting opportunities with us;

b) when you submit your personal details to participate in competitions and promotions or to subscribe to any of our communications;

c) through the use of cookies, web beacons and usage monitoring software when you use our website;

d) from a school, local or national government department, or law enforcement agency (in relation to security matters);

e) from our business partners that sell you products or services; and

f) from publicly available sources of information, such as telephone directories and websites.

 

2.8 When we receive personal information from a third party, we will process that data in accordance with this Privacy Policy.

​

2.9 Where required by law, we obtain your prior opt-in consent at the time of collection for the processing of:

a) personal information for marketing purposes; and

b) personal information that is “sensitive” under any applicable laws.

​

2.10 If you choose not to provide your personal information to us, we may not be able to:

a) provide you with the product or service you want;

b) respond to your requests;

c) manage or administer your product or service;

d) personalise your experience with us; or

e) verify your identity or protect against fraud.

​

3. WHY WE COLLECT THE INFORMATION 

3.1 We, and any third parties in accordance with this Privacy Policy, may use your personal information for any one or more of the following purposes, to pursue our legitimate interests: 

a) to provide, administer and communicate with you on our products, services and promotions;

b) to tailor experiences to you and report back to you on your experience;

c) to help us develop, market, improve, manage or review our products and services;

d) to conduct client surveys in order to improve our products and services;

e) to enforce our terms and conditions;

f) to comply with applicable legal requirements, industry standards and our policies, and as part of the investigation and analysis of incidents;

g) to respond to queries, complaints or to provide you with our general customer service;

h) to comply with requests made by a court or governmental or other public authority, for example, in connection with legal proceedings or the prevention or detection of fraud and crime;

i) to notify you of services, special offers, opportunities, products or benefits that are being offered by us; and

j) to generate statistical information and reports on the use of our products and services.

​

3.2 We may use your personal information for additional purposes related to the purposes listed above and will provide specific notice at the time of collection. We will not, however, use your personal information other than for a purpose that:

a) you would reasonably expect; 

b) is made known to you;

c) is required or permitted by law; or

d) is otherwise authorised by you.

​

3.3 By providing your email address, you consent to us sending you information connected with the above collection and use purposes via email.

​

3.4 If data is aggregated or de-identified so it cannot identify you or any other individual, we may use it for any business purpose.

​

4. WHO WE SHARE INFORMATION WITH

4.1 We may share information with our staff, advisers or third parties contracted to us, however personal information will only be shared with our personnel if it is necessary for them to carry out their work for us and to meet your request for goods and services. We may also disclose information to our service providers where permitted under this Privacy Policy.

​

4.2 We may have to disclose information about you to law enforcement authorities or other government officials only: 

a) if we are required to do so by law;

b) if we believe disclosure is necessary or appropriate to prevent physical harm or financial loss; or 

c) in connection with an investigation of suspected fraudulent or illegal activity.

​

4.3 We also reserve the right to disclose personal information we have about you in the event we sell or transfer all, or a portion of, our business or assets or subsidiaries or related companies. If such a sale or transfer occurs:

a) we will use reasonable efforts to direct the purchaser to use personal information you have provided to us in a manner that is consistent with our Privacy Policy; and 

b) following such a sale or transfer, you may contact the entity to which we transferred your personal information with any enquiries concerning the processing of that information.

​

4.4 Your personal information may be disclosed offshore where this is necessary for us to run our business and provide our services. For example, we may use third party data managers based here or overseas (such as cloud-based database companies). However, your personal information will only be disclosed offshore where we reasonably believe the protections that apply to your information will be as good as the protection that applies in New Zealand, or where we obtain your express permission.

​

4.5 In all other cases, we will not disclose personal information we collect about you, except as disclosed to you, and authorised by you, at the time the information is collected.

​

​

5. HOW WE PROTECT AND RETAIN INFORMATION

5.1 We implement and maintain appropriate administrative, technical and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use. We use encryption on our websites from which we transfer certain personal information.

​

5.2 We will take reasonable steps to ensure that where we use unique identifiers (i.e. individual numbers, references or other forms of identification in relation to an identifiable individual), the risk of misuse is minimised. 

​

5.3 We generally store the personal information we collect in New Zealand. The European Commission has decided that New Zealand has an adequate level of data protection. 

​

5.4 If needed to provide our services, we may potentially store your data securely on servers owned by other technology providers. 

​

5.5 Communications over the internet are not secure unless they have been encrypted. We cannot guarantee the security of any transmission to us by email or our online customer response form.

​

5.6 We only keep your identifiable personal information for as long as and to the extent that we need it to reasonably meet the purposes for which we collect it (as set out in this Privacy Policy). The length of time we retain your identifiable personal information is also affected by:

a) any legal requirements we are subject to with respect to your personal information; and

b) any consent given by you to retain such personal information.

​

When we no longer require your personal information for the reasons outlined above, we will destroy, delete or permanently anonymise it. We review the personal information we have collected at least every 24 months. 

​

​

6. YOUR RIGHTS AND CHOICES 

6.1 We offer you certain choices about what personal information we collect from you, how we use that information, and how we communicate with you. You also have certain rights, including the rights to: 

a) not provide personal information to us;

b) refrain from submitting information directly to us;

c) ask us not to share your personal information with third parties;

d) request that we edit any personal information we hold about you;

e) request that we correct any personal information we hold about you;

f) request access to your personal information;

g) withdraw any consent you previously provided to us; or

h) object at any time on legitimate grounds to the processing of your personal information.

​

6.2 In some circumstances, taking these actions may mean that you cannot take advantage of our products and services. You do not need to provide us with some information that we automatically collect (e.g. some cookies), but we may need this information to provide you with full functionality of our products and services.

​

6.3 You can request access to, and correction or deletion of, your personal information held by us. We will process all requests for access, correction or deletion within a reasonable time. If you would like to ask for a copy of your information, or to have it corrected, please contact us at support@codrivr.com.

​

6.4 The right to access personal information may be limited in some circumstances by legal requirements. In order for us to process your request, we will need to verify your identity. In the event that we refuse you access to your personal information, we will provide you with an explanation for that refusal. These reasons may include where:

a) access would have an unreasonable impact on the privacy of other individuals;

b) the information relates to legal proceedings relating to you;

c) the information would reveal our commercially-sensitive trade secrets; or

d) we are prevented by law from disclosing the information or providing access.

​

6.5 Subject to the provisions of the Act, we will notify you as soon as practicable if there is a privacy breach which involves your personal information, and where we believe that breach is likely to cause you serious harm. We will also notify the Privacy Commissioner in accordance with the requirements of the Act.

​

7. QUESTIONS AND COMPLAINTS

7.1 If, at any time, you have questions, concerns or comments about this Privacy Policy or our privacy practices, please contact us by e-mail at support@codrivr.com.

​

7.2 If you wish to complain about any breach or potential breach of this Privacy Policy, please contact us at support@codrivr.com,  and we will make every effort to resolve your complaint internally. If we do not resolve the complaint to your satisfaction, you may apply to the Privacy Commissioner. 

​

7.3 For more information on how you may lodge a complaint with the Privacy Commissioner, please contact the Commissioner on 04-474-7590 or at https://www.privacy.org.nz/about-us/contact/.