Perry Outdoor Education Trust

Privacy Policy

1. What this policy is about

POET collects and holds personal information about the people we work with. This policy explains what we collect, why we collect it, how we keep it safe, and what your rights are.

Who this policy covers: everyone who interacts with POET – programme participants, schools, teachers, donors, supporters, volunteers, staff and trustees.

What ‘personal information’ means: any information that identifies you or could reasonably be used to identify you. This includes your name, contact details, financial information and any other details that are about you personally – even if your name isn’t attached.

We follow the Privacy Act 2020, New Zealand’s main privacy law.

2. Our Privacy Officer

POET has a Privacy Officer who makes sure we handle personal information correctly and legally. If you have a question about your information — or a complaint — contact them first.

The Privacy Officer:  [email protected]

Post:  Perry Outdoor Education Trust, 8 Peake Road, RD 3, Hamilton 3283

The Privacy Officer is responsible for:

  • answering questions and complaints about privacy
  • handling requests to access or correct your personal information
  • training staff and volunteers on privacy
  • making sure POET’s practices comply with the Privacy Act 2020
  • acting as POET’s contact with the Office of the Privacy Commissioner
  • keeping the Board informed of any privacy breaches or issues

3. What we collect and why

We collect information when you:

  • take part in or ask about our programmes
  • contact us as a school, teacher, partner or supporter
  • make a donation or sign up to regular giving
  • buy something from our online shop
  • attend one of our events
  • subscribe to our newsletter
  • contact us by email, phone or social media
  • visit our website

The information we hold can include your name, contact details, school or organisation, donation or purchase records, and communication preferences.

We collect information directly from you wherever possible. Sometimes schools or partner organisations give us information about participants when that is needed to deliver a programme.

We use your information only to:

  • run and improve our outdoor education programmes
  • communicate with you about our work
  • process donations, purchases and receipts
  • send newsletters and updates (you can unsubscribe at any time)
  • meet our legal and reporting obligations
  • manage the general running of POET

We will not use your information for any other purpose without your consent.

4. How we keep your information safe

We store your information in secure digital systems, cloud platforms and, occasionally, physical records. We:

  • protect it from loss, unauthorised access and misuse
  • limit access to staff, trustees, contractors and volunteers who need it to do their job — and only to the parts they need
  • require passwords, access controls and secure platforms
  • keep it accurate and up to date

5. Information about our staff, trustees and volunteers

POET holds personal information about the people who work for and with us. We use it to manage employment, governance and volunteer relationships. Here is how we handle it:

  • We only collect what we need. We hold information about you only for a reason connected to your role — for example, to pay you, manage your leave, or reappoint you as a trustee.
  • Access is restricted. Only the people who need your information to do their job can see it — for example, the Manager for payroll, or legal advisers for employment matters.
  • We protect it. We take active steps to prevent your information from being accessed, used or disclosed without authorisation.
  • You can see and correct it. You have the right to see the personal information we hold about you and ask us to correct anything wrong. We will respond within 20 working days.
  • We dispose of it securely. When we no longer need your information, we delete or destroy it safely — whether it is stored digitally or on paper.
  • We don’t share it without your permission. We will not give your information to anyone outside POET without your permission, unless we are required or permitted to by law (for example, for tax or employment obligations).
  • Monitoring notice. Email and internet access on POET systems is not private. POET may monitor the use of its systems. Staff and trustees will be informed of any monitoring in accordance with their employment agreements.

 6. How long we keep your information

We keep your information only as long as we need it. Here are our standard timeframes:

What we keep How long
Programme and participant records 7 years after the programme ends
Donation and financial records 7 years (tax law requirement)
General correspondence 7 years
Newsletter / marketing preferences Until you unsubscribe or ask us to remove you

If you want us to delete your information sooner, you can ask us. We will do so unless we are legally required to keep it (for example, for tax records).

7. Who we share your information with

We do not sell your information. We share it only when necessary — and only with:

  • Our service providers — for example, payment processors (for donations and shop purchases), our email platform, our database system, and our website host
  • Partner organisations — who help us deliver programmes
  • Professional advisers — such as our accountant or legal adviser
  • Government agencies — when the law requires it (for example, the IRD)

Every service provider we use must keep your information secure and use it only for the purpose we have engaged them for. We do not allow them to use it for their own purposes.

8. Overseas storage

Some of the tools we use — such as cloud storage, our email platform and payment processors — may store data on servers outside New Zealand.

We only use overseas providers that have strong privacy protections equivalent to New Zealand’s Privacy Act 2020, or where you have agreed to the transfer.

9. Our website and cookies

When you visit our website, it automatically collects some basic information — such as your browser type, device, and which pages you visit. We use this to understand how people use our site and how to improve it.

We use Google Analytics to help with this. The data is collected in summary form and does not usually identify you personally.

To opt out of Google Analytics: install the Google Analytics Opt-out Browser Add-on at tools.google.com/dlpage/gaoptout

We also use cookies (small files stored on your device). You can block or delete cookies through your browser settings, but this may affect how some parts of our site work.

10. Social media

We use social media to share news about our programmes and work. If you like, comment on or share our posts, your name and profile may be visible to others according to the platform’s own settings.

Important: don’t share personal or sensitive information in public comments or messages on social media — POET cannot control how platforms handle that information.

11. Your rights

You have the right to:

  • See your information — ask us to show you the personal information we hold about you
  • Fix your information — ask us to correct anything that is wrong, incomplete or misleading

How to ask: email [email protected]. We will respond within 20 working days (as required by the Privacy Act 2020).

In limited circumstances, we may need to decline a request — for example, if providing access would affect someone else’s privacy. If we do decline, we will tell you why and advise you of your right to complain to the Office of the Privacy Commissioner.

12. If something goes wrong — privacy breaches

A privacy breach is when personal information is accessed, shared, changed, lost or destroyed without authorisation — whether by accident or deliberately.

If a breach happens, POET will:

  • Act immediately — contain the breach and assess whether anyone is likely to be seriously harmed
  • Tell the Privacy Commissioner — report to the Office of the Privacy Commissioner within 72 hours if the breach is serious enough to require notification under the Privacy Act 2020. This step is independent of any internal reporting to the Board
  • Tell you — contact anyone who is at real risk of harm as soon as we reasonably can
  • Report internally — inform the POET Manager/Privacy Officer immediately, who will in turn advise the Board as soon as practicable
  • Fix the problem — take steps to stop it happening again
Think your information has been affected?

Contact the Privacy Officer: [email protected]

Postal address: Perry Outdoor Education Trust, 8 Peake Road, RD 3, Hamilton 3283

13. Complaints

If you think POET has mishandled your personal information:

  • Step 1 — Contact us first: email [email protected]. We will investigate and respond within 20 working days.
  • Step 2 — Escalate if needed: if you are not satisfied with our response, you can make a complaint to the Office of the Privacy Commissioner.

Privacy Commissioner:  www.privacy.org.nz  |  0800 803 909

14. Links to other websites

Our website may link to other organisations’ websites. Those sites have their own privacy policies — POET is not responsible for how they handle your information.

15. Changes to this policy

We may update this policy when our practices change or when the law requires it. The current version is always on our website at www.poet.org.nz.

Contact us

For any privacy questions, contact:

Perry Outdoor Education Trust
Email:  [email protected]
Website:  www.poet.org.nz
Post:  8 Peake Road, RD 3, Hamilton 3283

Pin It on Pinterest