Privacy Policy
We care about your privacy and are committed to protecting your personal information you have entrusted with us.
This policy gives details of how we collect, use, share and protect your information. It also explains your rights and how to contact us if you have any questions.
Our Privacy Policy should be read in conjunction with our Website terms of use.
Types of information we collect, how it is collected, and why we collect it
We usually collect your personal information directly from you. However, in some cases, we may need to collect it from other sources – for example, if it’s not practical to get it from you, if the information is publicly available, or if the Privacy Act allows us to do so.
You can choose not to provide certain information, but this may affect the services we can offer you.
Type of information | When we collect it | Why we collect it |
Your name, address, phone number, email, date of birth and whether you have any criminal convictions. | When you join us, request or provide services or information, or update your contact details. | To identify you, ensure you meet the criteria for membership, and communicate with you, including inviting you to participate in research. |
Details about your directorships, including financial information. | When you provide this information at our request. | To conduct industry surveys, statistical research, and manage your membership. |
Your CV and related appointment information (e.g. qualification and criminal conviction checks etc). | When you apply for a board role through our board appointment service, register for our Director Search service, or apply for one of our Development Programmes (e.g. Future Directors, Mentoring for Diversity, Tautua Pasifika Mentoring Programme). | To help match you with directorship opportunities and appointments (including probity checks), assess applications for development programmes, and connect you with mentors. |
Records of event and course registrations. | When you sign up for and attend our events or courses. | To manage events, improve future courses, and keep in touch with you. |
Your photo | When taken at our events or courses (you can ask not to be photographed). | To use in marketing, communications, and promoting events or development programme appointments. |
We may also use your information to support your membership or other interactions with us.
If we want to use your information for any other purpose, we will ask for your consent first, unless the Privacy Act allows us to use it without consent.
We may also use non-identifiable information (like demographic data) to improve our services and offerings.
Who we share your information with
We may share your information with our staff, board, branch committees, and councillors when needed to carry out the purpose for which you provided it and further the purposes set out in our Constitution.
We may also share your information (confidentially) with our suppliers, course facilitators, business partners, and other organisations or people after following an appropriate security process. This could include:
-
- Providing a service you’ve signed up for.
- Processing payments.
- Conducting market research and surveys to improve our services.
- Upgrading or replacing our membership system.
- If requested, confirming if you hold a current membership.
We only share the necessary information for the specific purpose.
We will not share or use your personal information for any other reason unless the Privacy Act allows it, or we are legally required to do so.
How we store and keep your information secure
We take the security of your information seriously and have measures in place to protect it from unauthorised access, loss, or misuse.
-
- Electronic storage – Your information is stored securely in our electronic systems.
- Cybersecurity protections – We use security measures such as firewalls, encryption, access controls, and regular security monitoring to keep your data safe. All staff are also required to undertake regular cyber security training.
- Restricted access – Only authorised staff and service providers who need the information to perform their work can access it.
How long we keep your information and when we delete it
We keep your information for only as long as necessary for the reason we collected it. However, in some cases, we may need to keep it for longer, including:
-
- Course and event records – so you can verify your attendance, and any qualifications or accreditations earned.
- Membership records – to help current and former members confirm their membership history and for archival purposes.
- Identity verification – to confirm past memberships or course participation when needed.
- Legal requirements – if the law requires us to keep certain information for a specific period.
You can ask us to delete your personal information by contacting membership@iod.org.nz or privacyofficer@iod.org.nz. We will review your request and remove any information we can. However, some information must be kept by law, even if you request deletion.
Please note that if we delete your information, we may no longer be able to provide certain services to you.
Your rights to access and correct your information
Under New Zealand privacy law, you have the right to:
-
- Ask us to confirm whether we hold any personal information about you.
- Access the personal information we have about you (with some exceptions under the Privacy Act).
- Request corrections to any personal information we hold about you.
To request access or a correction, please contact us using the details in this Privacy Policy.
When you make a request:
-
- We may ask you to confirm your identity and put your request in writing.
- In some cases, the law allows us to withhold certain information.
How to contact us
If you would like to exercise your privacy rights, or have a question or an issue about this Privacy Policy, you can reach our privacy officer by:
-
- Email – privacyofficer@iod.org.nz
- Phone – calling our free phone on 0800 846 369
- Post – Privacy Officer, PO Box 25253, Wellington 6140
Emails and marketing messages
You can unsubscribe from our emails at any time by clicking the unsubscribe link at the bottom of our emails. You can also ask us not to use your information for marketing by contacting us (see How to contact us).
If you're a member, you can also manage your email preferences through your member login on our website.
Please note that even if you unsubscribe from marketing emails, we may still send you important emails about your membership, course registrations, or event bookings.
Cookies and online tracking
Cookies are small text files that websites store on your computer to improve your experience and track how the site is used.
We use cookies to:
-
- Improve our website and services
- Track which parts of our website are most popular
- Understand user behaviour to enhance our products
- Show you relevant advertising.
Sometimes, cookies may also collect personal information. When you visit our website, we may send a cookie (a small file with a unique ID) to your device.
If you don’t want to receive cookies, you can change your browser settings to block them. However, this may affect how some parts of our website work.
We may also track IP addresses (the unique number assigned to your internet connection) to analyse trends, manage our website, and improve user experience.
For information on how to control your cookie settings and browser settings, and how to delete cookies from your computer, please visit www.aboutcookies.org.
If any data collected through cookies is considered personal information, we handle it according to this policy.
Updates to this Privacy Policy
We may update this Privacy Policy from time to time by posting the latest version on our website.
If the changes are significant, we will try to let you know, where possible, by emailing you at the address we have on file.
This policy was last updated in April 2025.