POLICIES: PRIVACY, DATA, REFUND & ANTI-CORRUPTION
On this page we list our policies for how we use your personal data, as well as policies for refunds, our anti-corruption policy and our risk-management policy. These policies apply to the EpsomTax.com Group i.e. EpsomTax.com Limited, Property Accountants Auckland Limited and Outsourced etc NZ Limited.
PRIVACY POLICY
This privacy policy gives a general overview of how EpsomTax.com Group use and protect any information that you provide when you visit their websites or those of their subsidiaries or divisions.
EpsomTax.com Group is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be certain that it will only be used in accordance with this privacy statement.
EpsomTax.com Group may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.*
Who is our Privacy Officer?
What we collect
We may collect the following information:
- name and job title
- contact information including email address
- demographic information such as postcode, preferences and interests
- other information relevant to customer surveys and/or offers
Please note that when completing the following forms (and other forms on our website that are similar), then highly detailed and private financial and personal information is requested, including (on some forms) proof of identity (Driver's Licence) and bank account:
- authorisation form,
- identity form for AML purposes
- company incorporation form,
- company authorisation form
- trust authorisation form
- partnership authorisation form
- GST questionnaire or,
- annual tax return questionnaire
Our site is https (not just plain old http) so we do our best to make sure this is transmitted securely to us.
What we do with the information we gather
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Identity verification purposes as required by the Income Tax Act or other New Zealand legislation e.g. Anti-Money Laundering laws
- Preparation of financial statements and submission of tax returns to Inland Revenue
- To answer your queries
- Internal record keeping
- We may use the information to improve our products and services
- We may use the information to customise the website according to your interests
- From time to time, we may also use your information to contact you for market research purposes
Why we might contact you
In addition to the reasons listed above, we may also contact you about the following:
- We may email you occasionally to update you on a tax or legal development which will impact your investments
- We will contact you each year about AuditShield and your Companies Office obligations
- Reminders about tax or GST payments which are due or overdue
- Reminders about other legal obligations e.g. NZ Companies Office annual returns
- Other similar matters not listed here
We may contact you by email, phone, fax or mail.
Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures and policies to safeguard and secure the information we collect, whether online, via courier or in person.
Data breaches are possible, due to activity such as hacking or simple human error. Please scroll down for more detailed information on the this including our policy on reporting data breaches.
For security reasons, we have chosen not to publish the names of our storage providers, nor their type or location. However, we have confirmed that they meet the requirements of the NZ Privacy Act.
How we use cookies
We sometimes use cookies when we have a cup of coffee. Mmm, that sweet taste against the bitterness of the coffee is amazing.
But what you are more likely wondering about is website cookies. What is a cookie? A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. At least, that's the plan. We are not that sophisticated yet but we will get there. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, presumably cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website, but hey! We respect your choices.
How else might cookies affect you? Well, if you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Links to other websites and embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Controlling your personal information
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen. There is an opt-in box on the authorisation form for this purpose.
If you don't want us to contact you about:
- improving our products and services
- new products, special offers or other information which we think you may find interesting using the email address which you have provided
- market research purposes
please let us know by contacting us, either by phone or by email.
You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee may be payable to cover our costs in providing it to you. If you would like a copy of the information held on you please contact us.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect or incomplete.
For more detailed information on privacy, including compliance with the NZ Privacy Act and GDPR, please scroll down.
DATA /INFORMATION SECURITY POLICY
VALUE
What will my data be used for?
What are the benefits and who will benefit?
Who will be using my data?
Do you obtain data about me from anywhere else?
Well yes. At times a friend of yours, or a mortgage broker, a financial advisor, a risk advisor etc may send us your details.We also receive data from third parties such as Inland Revenue, Companies Office, ACC, Xero.com, MYOB and similar. All this sort of data can only be shared with us with your permission.
Can I refuse to provide some types of personal information?
PROTECTION
Is my data secure?
As far as it is possible, we believe so. To the extent necessary to ensure that our services to the client are completed and in accordance with the law, we make every reasonable effort to protect the confidential information from misuse or unauthorised disclosure.
We have a strict cyber-security policy, that all staff have agreed to. We review our privacy policy every year or sooner as needs be.* Information can only be accessed with a username and password. We delete your financial information after approximately seven years. At times clients have asked us for data that is older than seven years so we are not strict about that timeframe. That's proven helpful when IRD have decided to dig up something in the distant past, and the only people who might have the records so that a client can defend themselves is us!
We also annually review our PCI DSS compliance status. We use internet security products on all computers. All users have also signed a contract with confidentiality and non-disclosure clauses. As data is stored online, we take care to only use reputable and reliable commercial providers for electronic transmission and storage purposes. Sensitive ID data is stored with a separate provider to financial data.#
To the best of our knowledge, at the time of writing none of our online service providers have experienced a major hack apart from our previous website host (this occurred in 2016; see this article for more information); we believe that no client data was compromised, and we changed our passwords afterwards as per instructions from the host.
If there is a data or privacy breach, what happens?
Will my data be anonymous?
Can I see and correct data about me?
CHOICE
Will I be asked for consent?
Could my data be sold?
MORE INFORMATION
Please also see our terms and conditions and disclaimer, which contain further information as well as the Word document below. Feel free to contact us with any questions or to file a complaint.
We do not have a Data Protection Officer, but the closest thing to that would be our Privacy Officer, Garreth Collard. Garreth has previously qualified as a OneTrust Certified Privacy Management Professional. You can contact him using the form here or by phone on 099730706 line 2. Our Anti-Money Laundering Compliance Officer, Asher Crossman, can be contacted on 0993069901 or by using the form on this page.
NZ PRIVACY ACT 2020 & GDPR
privacy-policy (April 2024).pdf |
PCI DSS
CCPA
LGPD
# This data has been separated out and is stored with a separate provider. There is extremely limited access to this data, by design.
REFUND POLICY
Company Incorporation
Other accounting services e.g. annual accounts preparation:
ANTI-CORRUPTION POLICY
1. Purpose We are committed to upholding the highest standards of integrity, honesty, and transparency in all aspects of our operations. Corruption undermines trust, damages reputation, and erodes the foundation of our profession. This Anti-Corruption Policy outlines our firm stance against corruption and serves as a guide for all employees, contractors and stakeholders in maintaining ethical conduct.
2. Scope This policy applies to all employees, contractors, agents, and representatives of Epsomtax.com Limited and associated companies, including partners, managers, staff accountants, administrative personnel, and interns.
3. Definition of Corruption Corruption refers to any act of dishonesty, fraud, bribery, embezzlement, or abuse of power for personal or corporate gain. This includes, but is not limited to, offering, giving, receiving, or soliciting anything of value to influence a decision or action.
4. Compliance with Laws and Regulations We are committed to complying with all applicable laws and regulations related to anti-corruption, including but not limited to the New Zealand Crimes Act 1961 and the Foreign Corrupt Practices Act (FCPA). Employees are expected to be familiar with these laws and regulations and adhere to them at all times.
5. Prohibited Conduct The following activities are strictly prohibited and will not be tolerated:
- Offering, giving, receiving, or soliciting bribes, kickbacks, or any other form of improper payment or inducement.
- Making facilitation payments to expedite routine government actions.
- Engaging in conflicts of interest without proper disclosure and approval.
- Misusing company funds or assets for personal gain.
- Falsifying records or engaging in any form of accounting fraud.
- Offering or accepting gifts, hospitality, or entertainment that could reasonably be perceived as an attempt to improperly influence business decisions.
6. Reporting Procedures Employees are encouraged to report any suspected or actual instances of corruption or unethical conduct promptly. Reports can be made to the Executive Director, Garreth Collard. All reports will be treated with confidentiality, and no retaliatory action will be taken against individuals who make good faith reports.
7. Consequences of Non-Compliance Violations of this policy will result in disciplinary action, up to and including termination of employment or contract. Additionally, individuals found to have engaged in corrupt activities may be subject to civil or criminal prosecution.
8. Training and Awareness Regular training sessions will be conducted to ensure that all employees understand their obligations under this policy and are equipped to identify and report potential instances of corruption. Additionally, this policy will be communicated to all stakeholders and made available on our internal communication channels.
9. Review and Revision This policy will be reviewed periodically to ensure its effectiveness and relevance in addressing emerging risks and changing regulatory requirements. Any revisions will be communicated to all employees and stakeholders.
10. Conclusion We are committed to fostering a culture of integrity, accountability, and ethical behavior. By adhering to the principles outlined in this Anti-Corruption Policy, we demonstrate our dedication to upholding the highest standards of professionalism and serving the best interests of our clients, employees, and society as a whole.