Contagion (we, us, our) takes its responsibility for your personal information very seriously and is committed to managing personal information in accordance with the Privacy Act 2020 (the Act).

Personal information is any information about an identifiable individual (a natural person).

This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information about the Act, or about privacy in general, visit www.privacy.org.nz.

Scope and purpose

This privacy policy applies to any personal information we collect or obtain about you when you interact with us (or one of our business units), including through this website.

The purpose of this policy is to set out the basis upon which we collect, store, manage and disclose personal information and your rights in respect of that information.

We may make changes to this privacy policy from time to time, with or without notice to you. When we do so we will publish an updated version on our Website and update the “last updated” notice on this page. We recommend that you visit our Website regularly to keep up to date with any changes.

What personal information we collect

The types of personal information we collect will vary depending on the circumstances of collection and the kind of interaction you have with us, but could include:

  • personal details such as your name, email, postal address and other contact details like phone numbers
  • any additional personal information you provide to us, or authorise us to collect, as part of your interaction with us. This might include your date of birth, qualifications or work history if you are applying for a job with us or your tax number and superannuation information if we employ you
  • any other personal information you provide to us, or authorise us to collect, as part of your interaction with us.

When we collect personal information

We collect personal information from you:

  • when you enter into discussions with us in relation to potentially becoming a client, customer, supplier or employee of Contagion.
  • when you enter into any document or contract with us including under any of our various programmes or services
  • when you apply for employment with us
  • when you contact or interact with us including through our social media channels.

Why we collect personal information and what we use it for

We collect and use your personal information as reasonably necessary to carry out our business and our functions as a New Zealand Crown Entity, and to assess and manage our clients’ needs and provide services.  We may also collect information to fulfil administrative functions associated with these services, like billing, for example.

The purposes for which we collect and use personal information depend on the nature of your interaction with us, but may include:

  • to assist in providing services that you request from us or to receive services that we request from you
  • to provide information that you subscribe to via our Website or that may be of interest to you
  • to manage our relationship with you
  • to respond to your email or enquiry
  • to register you for an event or training session that you attend or otherwise provide related services or information to you
  • to investigate a complaint or request that you lodge with us
  • to progress or process your application if you apply for a job with us
  • to let you know about events, surveys, promotions or marketing we may undertake from time to time
  • to facilitate your involvement in our research, development or other services or programmes
  • to manage our debt recovery efforts
  • to gain insights and facilitate quality improvement activities for our Website
  • to provide services to different entities within or related to Contagion
  • for sharing with third parties (such as other Government agencies) that have similar objectives to us where the sharing is for a not-for-profit purpose
  • for the purposes and uses described in applicable terms and conditions between you and us.

Disclosure of personal information

We will only share personal information with other organisations or individuals as authorised by law which includes the following circumstances:

  • to third parties to achieve the purposes listed above on our behalf
  • where Contagion has your prior authorisation, or as instructed by you.
  • to improve our cyber security measures or systems
  • if we believe that giving the information will help prevent or resolve fraud, money laundering, unauthorised access to or attacks on our information technology systems or other crimes. We may do this even if the person whose personal information is disclosed is not involved in any malicious or suspected activity
  • to comply with the law in New Zealand or in any relevant overseas jurisdiction
  • to enforce or apply our rights or protect our organisation, staff or clients.

How we hold and store personal information

We will take all reasonable steps, and maintain all necessary processes and systems, to prevent unauthorised access to, or use of, personal information we collect.

Any personal information provided to us will be collected and held by, or on behalf of, Contagion at 84-86 Franklin Rd, Freemans Bay, 1010 and/or at cloud providers or data centres we use.

Where Contagion transfers personal information outside of New Zealand (to offshore data centres, for example) we take steps to ensure that such transfers are to third parties and/or countries with adequate safeguards in place and in accordance with the Act and any other applicable privacy laws.

We will keep your personal information for as long as necessary for the purpose for which the information may lawfully be used.

Website analytics

Contagion also collects non-identifiable information through your interactions with our information technology systems. This includes through use of the Website.

We use analytics to analyse web traffic based on specific behaviour, demographic, and interest data. These analytics collect statistical information about visits to the Website, including:

  • IP addresses (which are masked)
  • search terms used
  • pages accessed from the Website and clicks on links
  • dates and times at which the Website is accessed
  • the referring site (if any) through which the Website is accessed
  • operating systems (e.g. Windows, Mac OS X) used to access the Website
  • web browsers used (e.g. Microsoft Internet Explorer or Edge, Google Chrome or Apple Safari).

The data collected is aggregated and IP addresses are masked so that they cannot be used to identify specific individuals or their particular analytics. Analytics will also respect any “do not track” settings on user’s web browsers.

Use of cookies

A cookie is a piece of data stored on a user’s computer or other device tied to non-personal information about the user. We use cookies to refine and improve the way we provide information and services (for example, the layout of our Website or the types of information we provide to our clients). Users can disable cookies in their web browser settings and/or delete them from their computer’s hard drive. Users do not need to have cookies turned on to use our Website, but some online services, features or functions of the Website may not function properly if the cookies are turned off.

Social Media 

We use social media websites, like Facebook and LinkedIn, to communicate with the public about our work. If you interact with us on social media (for example, by posting on our Facebook page or liking our posts), you share your social media profile with us.  We only use this information to interact with you on social media. This information is collected from you by the relevant social media service and is governed by that service’s terms and privacy policy.

Right to access or seek correction of your personal information

To find out what personal information we hold about you, to get a copy of that information, and/or request corrections to that information as outlined in the Act, or for any further information about this privacy policy, please contact us at .

We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up to date. You can help us to do this by letting us know if you notice errors or discrepancies in information we hold about you and letting us know if your personal details change.

Complaints about the handling of your personal information

You may contact us at any time if you have any questions or concerns about this privacy policy or about the way in which your personal information has been handled.

You may make a complaint about privacy to Contagion’s Privacy Officer via the email address set out below.

The Privacy Officer will first consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within a week.

If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within a week and endeavour to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather relevant facts, locate and review relevant documents and speak with individuals involved.

In most cases, we will investigate and respond to a complaint within 30 days. If the matter is more complex or our investigation may take longer, we will let you know.

If you are not satisfied with our response to your complaint, or you consider that we may have breached the Act, you can make a complaint to the Office of the Privacy Commissioner by telephone on 0800 803 909 or by using the contact details on their website.

How you can contact us

You can contact Contagion’s Privacy Officer by email at 

Last updated: 18 Aug 2023