Privacy Policy
Effective: 01 May 2025
This Privacy Policy outlines how Commercial Collections Limited ("we," "us," or "our"), a commercial debt collection company operating in New Zealand (Company Number: 9283382, NZBN: 9429052403897), collects, uses, stores, and discloses your personal information.
We are committed to protecting your privacy and handling your personal information in accordance with the New Zealand Privacy Act 2020 and other applicable laws.
By interacting with us, you agree to the terms of this Privacy Policy.
1. Information We Collect
We collect personal information that is necessary for us to perform our debt collection services and operate our business.
This may include:
Contact Information: Name, address, phone number, email address.
Identification Information: Date of birth, driver's license number, passport number, or other identification details necessary for verification.
Financial Information: Details about the debt, payment history, bank account details (for payment processing or verification), and credit history information (where lawfully obtained).
Communication Records: Records of correspondence, including emails, letters, and recordings of voice calls and video calls to and from our company.
Publicly Available Information: Information obtained from public registers or sources (e.g., Companies Office, PPSR).
Technical Information: IP address, browser type, and operating system when you visit our website.
Information from Third Parties: Information provided to us by our clients (the creditors) or other third parties involved in the debt recovery process (e.g., credit reporting agencies, legal representatives).
2. How We Collect Information
We collect information in various ways, including:
Directly from You: When you communicate with us by phone, email, mail, or through our website.
From Our Clients: The individuals or businesses who have engaged us to collect a debt.
From Third Parties: Such as credit reporting agencies, financial institutions, government agencies, or public registers.
Automatically: Through website technologies (like cookies) or when you make a phone call or video call to us.
3. Purpose of Collection and Use of Information
We collect and use your personal information for the following purposes:
To provide our debt collection services to our clients.
To verify your identity.
To communicate with you regarding the debt.
To negotiate payment arrangements and process payments.
To locate you if necessary.
To comply with our legal and regulatory obligations.
To manage and resolve disputes.
To improve our services and internal processes.
For internal record-keeping and administrative purposes.
For quality assurance, training, and compliance purposes, we record all voice calls and video calls made to and from our company.
To enhance the efficiency and and effectiveness of our operations, we utilise artificial intelligence (AI) in our work. This may involve AI assisting with data analysis, communication strategies, process optimisation, and document workflows.
4. Disclosure of Information
We may disclose your personal information to:
Our Clients: The individuals or businesses to whom the debt is owed.
Service Providers: Third-party service providers who assist us in our operations (e.g., IT support, payment processors, mailing services, legal advisors, process servers). These providers are bound by confidentiality agreements.
Credit Reporting Agencies: In accordance with the Privacy Act 2020 and relevant credit reporting codes.
Financial Institutions: For payment processing or verification.
Regulatory Bodies and Law Enforcement: Where required by law or to comply with a court order.
Other Parties: With your consent or as otherwise permitted by law.
We may also transfer your information in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition.
We will not sell, rent, or lease your personal information to third parties.
5. Cross-Border Data Transfers
In order to provide our services, your personal information may be transferred to, and stored on, our collections management platform hosted in Australia.
Australia has privacy laws that are comparable to those in New Zealand. Our collections management platform is certified as ISO27001 & SOC2 compliant, demonstrating a commitment to robust information security management systems.
We take reasonable steps to ensure that any overseas recipient of your personal information is subject to privacy obligations that are substantially similar to those in the Privacy Act 2020.
6. Storage and Security of Information:
We take reasonable steps to protect your personal information from loss, unauthorised access, modification, or disclosure.
This includes:
Implementing physical, electronic, and procedural safeguards.
Using secure servers and encryption where appropriate.
Restricting access to personal information to authorised personnel only.
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
Voice call and video call recordings are stored securely and are automatically deleted after a period of no more than 6 months from the date of recording.
7. Your Rights
Subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information.
Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction.
If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
If you want to exercise either of the above rights, email us at info@commcoll.co.nz.
Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).
We may charge you our reasonable costs of providing to you copies of your personal information or correcting that information.
8. Complaints
If you have a concern about how we have handled your personal information, please contact us in the first instance.
We will investigate your complaint and endeavour to resolve it promptly.
If you are not satisfied with our response, you have the right to make a complaint to the Office of the Privacy Commissioner in New Zealand.
9. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.
We will notify you of any significant changes by posting the updated policy on our website.
We encourage you to review this policy periodically.
10. Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact us:
Commercial Collections Limited - info@commcoll.co.nz
Effective: 01 May 2025
This Privacy Policy outlines how Commercial Collections Limited ("we," "us," or "our"), a commercial debt collection company operating in New Zealand (Company Number: 9283382, NZBN: 9429052403897), collects, uses, stores, and discloses your personal information.
We are committed to protecting your privacy and handling your personal information in accordance with the New Zealand Privacy Act 2020 and other applicable laws.
By interacting with us, you agree to the terms of this Privacy Policy.
1. Information We Collect
We collect personal information that is necessary for us to perform our debt collection services and operate our business.
This may include:
Contact Information: Name, address, phone number, email address.
Identification Information: Date of birth, driver's license number, passport number, or other identification details necessary for verification.
Financial Information: Details about the debt, payment history, bank account details (for payment processing or verification), and credit history information (where lawfully obtained).
Communication Records: Records of correspondence, including emails, letters, and recordings of voice calls and video calls to and from our company.
Publicly Available Information: Information obtained from public registers or sources (e.g., Companies Office, PPSR).
Technical Information: IP address, browser type, and operating system when you visit our website.
Information from Third Parties: Information provided to us by our clients (the creditors) or other third parties involved in the debt recovery process (e.g., credit reporting agencies, legal representatives).
2. How We Collect Information
We collect information in various ways, including:
Directly from You: When you communicate with us by phone, email, mail, or through our website.
From Our Clients: The individuals or businesses who have engaged us to collect a debt.
From Third Parties: Such as credit reporting agencies, financial institutions, government agencies, or public registers.
Automatically: Through website technologies (like cookies) or when you make a phone call or video call to us.
3. Purpose of Collection and Use of Information
We collect and use your personal information for the following purposes:
To provide our debt collection services to our clients.
To verify your identity.
To communicate with you regarding the debt.
To negotiate payment arrangements and process payments.
To locate you if necessary.
To comply with our legal and regulatory obligations.
To manage and resolve disputes.
To improve our services and internal processes.
For internal record-keeping and administrative purposes.
For quality assurance, training, and compliance purposes, we record all voice calls and video calls made to and from our company.
To enhance the efficiency and and effectiveness of our operations, we utilise artificial intelligence (AI) in our work. This may involve AI assisting with data analysis, communication strategies, process optimisation, and document workflows.
4. Disclosure of Information
We may disclose your personal information to:
Our Clients: The individuals or businesses to whom the debt is owed.
Service Providers: Third-party service providers who assist us in our operations (e.g., IT support, payment processors, mailing services, legal advisors, process servers). These providers are bound by confidentiality agreements.
Credit Reporting Agencies: In accordance with the Privacy Act 2020 and relevant credit reporting codes.
Financial Institutions: For payment processing or verification.
Regulatory Bodies and Law Enforcement: Where required by law or to comply with a court order.
Other Parties: With your consent or as otherwise permitted by law.
We may also transfer your information in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition.
We will not sell, rent, or lease your personal information to third parties.
5. Cross-Border Data Transfers
In order to provide our services, your personal information may be transferred to, and stored on, our collections management platform hosted in Australia.
Australia has privacy laws that are comparable to those in New Zealand. Our collections management platform is certified as ISO27001 & SOC2 compliant, demonstrating a commitment to robust information security management systems.
We take reasonable steps to ensure that any overseas recipient of your personal information is subject to privacy obligations that are substantially similar to those in the Privacy Act 2020.
6. Storage and Security of Information:
We take reasonable steps to protect your personal information from loss, unauthorised access, modification, or disclosure.
This includes:
Implementing physical, electronic, and procedural safeguards.
Using secure servers and encryption where appropriate.
Restricting access to personal information to authorised personnel only.
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
Voice call and video call recordings are stored securely and are automatically deleted after a period of no more than 6 months from the date of recording.
7. Your Rights
Subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information.
Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction.
If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
If you want to exercise either of the above rights, email us at info@commcoll.co.nz.
Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).
We may charge you our reasonable costs of providing to you copies of your personal information or correcting that information.
8. Complaints
If you have a concern about how we have handled your personal information, please contact us in the first instance.
We will investigate your complaint and endeavour to resolve it promptly.
If you are not satisfied with our response, you have the right to make a complaint to the Office of the Privacy Commissioner in New Zealand.
9. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.
We will notify you of any significant changes by posting the updated policy on our website.
We encourage you to review this policy periodically.
10. Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact us:
Commercial Collections Limited - info@commcoll.co.nz