Dunedin Botanic Garden website privacy statement
Information we collect
Information you give us:
When you subscribe to our newsletter we collect and store the information you provide us so that we can get the newsletter to you.
We collect device specific information – such as whether you were accessing this webpage using a mobile device, device model, network and IP address. This information is captured by Google Analytics.
When you access our site or subscribe to our services we collect, process and store information about how you used our site such as your search queries, and IP addresses, and the actual location from which you are accessing website content. This information is captured by Google Analytics.
We may collect and store information including your personal information using browser web storage and application data caches, for example, if you fill out a form to request a booking.
Information we share
We do not share personal information with companies, organisations or individuals unless one of the following circumstances applies:
You give your consent
We will share information with companies, organisations or individuals where you opt-in to sharing of personal information.
For external processing
We may submit the site information for submission to an external agency to analyse site data (such as traffic trends) and ask them to report to us.
For legal reasons
We will share personal information with companies, organizations or individuals outside of Google if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
- meet any applicable law, regulation, legal process or enforceable government request.
- enforce applicable Terms of Service, including investigation of potential violations.
- detect, prevent, or otherwise address fraud, security or technical issues.
- protect against harm to the rights, property or safety of <organisation name> our users or the public as required or permitted by law.
We may publish information that does not personally identify anyone with the public or other businesses like publishers, advertisers or web-developers. For example, we may share information publicly to show trends about the general use of our services.
Security of personal information
A secure method using SSL (secure socket layer) encryption is used in the event of customers providing personal information to use online services such as eshop.
Changing or updating your personal information
You can change or update your personal information by sending an email to: email@example.com.
If you believe your privacy has been breached, please notify us at: firstname.lastname@example.org so that we can put this right. You can call the Privacy Commissioner's privacy hotline: 0800 803 909.
For more detailed information please refer to The Privacy Act 1993 and its amendments.
The Privacy Act sets out 12 information privacy principles dealing with the collection, holding, use and disclosure of personal information, and the assigning of unique identifiers.
The principles also give you a right to access information about yourself and to ask for it to be corrected. In outline the 12 principles are:
- Purpose of collection of personal information.
- Source of personal information.
- Collection of information from subject.
- Manner of collection of personal information.
- Storage and Security of personal information.
- Access to personal information.
- Correction of personal information.
- Accuracy, etc., of personal information to be checked before use.
- Agency not to keep personal information for longer than necessary.
- Limits on use of personal information.
- Limits on disclosure of personal information.
- Unique identifiers.
The Act applies to the Dunedin City Council in its role as an agency.
In compliance with The Act the Dunedin City Council holds certain information about rate-payers and residents of Dunedin City.
This information is required for lawful purposes used in the functioning of the Dunedin City Council.
Personal information you provide on the DCC website will be kept securely and will not be disclosed to any third parties, in accordance with the New Zealand Privacy Act 1993.
In addition, if you have rights under the European Union General Data Protection Regulation (in effect on 25 May 2018) you have the following additional rights in relation to your personal data:
- Right to withdraw consent. You have the right to notify the DCC that you no longer want us to process or use your personal data. You can do that by contacting DCC on +643 477 4000 or email@example.com
- Right to data portability. You have the right to obtain a copy of any personal data stored and processed by DCC and you may direct DCC to transfer your personal data to another controller via csv format.
- Right to erasure/Right to be forgotten. You have the right to request that any of your personal data being stored or processed by DCC is deleted from our records. However, while we can delete your Personal Data from our current records, copies of your data may be stored in DCC inactive and archived records and will be deleted in accordance with DCC's then-current document management policy. In some cases, your personal data may be continued to be stored in archived records of transactions or activities where DCC is required by law to retain such records.
- Right to restriction of processing. You may request that DCC restrict the processing of your personal data. In such this case, this may affect your ability to use or navigate some of our customer services.
If you think that we have breached our obligations, you may make a complaint to our Privacy Officer by writing to firstname.lastname@example.org