New Zealand info@businessshine.co.nz +64212820006

Privacy Policy

Business Shine Services

Protecting your privacy and personal information in compliance with New Zealand law

Business Shine Services is committed to protecting the privacy of individuals with whom we interact, including employees, contractors, clients, and prospective employees. This policy is designed to ensure we comply with the Privacy Act 2020 (NZ) and the 13 Information Privacy Principles (IPPs) it sets out.

Effective: 20/08/2025 Review: 31/12/2025

Controlled copy available electronically. Printed copy is current on date of printing only.

Table of Contents

  1. Purpose & Legal Basis
  2. What Information We Collect
  3. How We Collect, Use, Store and Share Information
  4. Overseas Disclosure of Information
  5. Security, Accuracy & Retention
  6. Access and Correction Rights
  7. Notifiable Privacy Breaches
  8. Privacy Officer / Contact Details
  9. Complaints Procedure
  10. Policy Review

1. Purpose & Legal Basis

Business Shine Services ("we", "our", "us") is committed to protecting the privacy of individuals with whom we interact, including employees, contractors, clients, and prospective employees (collectively "you", "your").

This policy is designed to ensure we comply with the Privacy Act 2020 (NZ) and the 13 Information Privacy Principles (IPPs) it sets out.

The purpose of this policy is to explain:

  • what personal information we collect and why;
  • how we use, store, disclose, and secure that information;
  • your rights to access and correct your information;
  • how to make complaints;
  • how we respond to privacy breaches.

2. What Information We Collect

We may collect the following types of personal information, as reasonably necessary for our operations:

Clients / Prospective Clients

  • Name, address, contact phone number and email
  • Building, site access, security or emergency contact details
  • Cleaning requirements, schedules, preferences

Employees / Contractors / Prospective Staff

  • Identity information (name, date of birth, address)
  • Contact details (phone, email)
  • Employment history, qualifications, references
  • Criminal conviction history (only where legally required or relevant to the role)
  • Emergency contact information
  • Bank account and tax/PAYE information for payroll
  • Other lawful data needed for legal compliance (e.g. health & safety, insurance)

3. How We Collect, Use, Store and Share Information

Collection

We collect personal information directly from you where possible (e.g. job applications, onboarding, client contracts). We only collect information necessary for the purposes which are lawful and connected to our functions or activities. We will tell you what we are collecting, why, and with whom the information may be shared. This satisfies the IPP 1, 2, 3 of the Privacy Act.

Use

We use personal information for purposes including:

  • Providing cleaning and related services to clients;
  • Managing employment / contractor relationships;
  • Payroll, tax and legal compliance;
  • Health & safety and emergency management;
  • Communicating with you, scheduling, or responding to your inquiries.

We will not use your information for purposes other than those for which it was collected, unless you consent, or as permitted by law. (IPP 8–10)

Storage & Security

We store information securely, both electronically and physically:

  • Electronic data is protected by access controls, passwords, secure backups;
  • Physical records are kept in locked filing systems where appropriate;
  • Access is limited to those who need the information to perform their job;
  • We take reasonable steps to ensure the information is accurate, up-to-date, and complete. (IPP 5, 8)

Sharing / Disclosure

We generally will not disclose your personal information to third parties except:

  • with your consent;
  • where required for delivering our services (for example to site security, to arrange access);
  • where required by law (e.g. for audits, legal compliance);
  • to protect someone's safety (if required by law).

We will always ensure that any third parties we share information with are bound by confidentiality obligations and suitable safeguards.

4. Overseas Disclosure of Information

If we need to send or store personal data overseas, we will only do so if:

  • the overseas recipient is subject to privacy protections at least as strong as those under the NZ Privacy Act; or
  • we obtain your informed consent; or
  • it is otherwise permitted by law.

We will advise you when this is the case. (IPP 12)

5. Security, Accuracy & Retention

  • We take reasonable steps to ensure that personal information is accurate, complete, and up-to-date before we use it. You can help by letting us know if your details change. (IPP 8)
  • Retention: we keep personal information only as long as needed for the purposes for which it was collected or required by law. Once no longer needed, we securely destroy or de-identify it. (IPP 9)

6. Access and Correction Rights

You have the right to:

  • ask whether we hold personal information about you, and request access to it;
  • request that we correct any inaccuracies or incomplete information.

We will respond to any access or correction requests within a reasonable timeframe (usually within 20 working days) unless lawfully permitted to decline. If we refuse, we will provide written reasons and inform you of your right to complain. (IPP 6 & 7)

7. Notifiable Privacy Breaches

Under the Privacy Act 2020, we are required to notify:

  • affected individuals; and
  • the Office of the Privacy Commissioner

as soon as practicable, if a privacy breach occurs that we believe has caused, or is likely to cause, serious harm. "Serious harm" includes things like identity theft, financial loss, serious emotional or physical harm.

We will investigate and take steps to contain and remedy the breach.

8. Privacy Officer / Contact Details

We will appoint or identify a Privacy Officer who is responsible for ensuring compliance with this policy and with the Privacy Act 2020.

Name: Navjot Singh

Position: Managing Director

Contact Number: +64 212820006

Email Address: Navjot@businessshine.co.nz

9. Complaints Procedure

If you believe we have breached this policy or the Privacy Act, you may:

  1. Contact our Privacy Officer with your complaint in writing (email or letter).
  2. We will acknowledge receipt within 2 business days, investigate, and aim to resolve promptly.
  3. If you are not satisfied with the outcome, you may contact the Office of the Privacy Commissioner:

Website: privacy.org.nz

Phone: 0800 803 909

10. Policy Review

We will review this policy at least annually or more often if required (for example changes to the law, or if we become aware of a privacy risk). Employees, contractors, and clients may provide feedback at any time.

Contact Us

If you have questions or concerns about our privacy practices, please contact us at:

📧
Email
Navjot@businessshine.co.nz
📞
Phone
+64212820006

Privacy Policy Approval

Navjot Singh

Owner / Manager

Business Shine Services

Date: 13/09/2025

Back to Home