CCH Learning is owned and operated by CCH New Zealand Limited.

CCH New Zealand Limited of 129 Hurstmere Road, Takapuna, Auckland 0622 and its related bodies corporate (“we”, “our”, “us”) are committed to providing you with the highest level of customer service. This includes protecting your privacy. This Privacy Policy sets out how we handle personal information and how we comply with our obligations under the Privacy Act 1993.

This Privacy Policy explains how and why we collect your personal information, how we may use and disclose it, how we keep it secure, how you can access or correct your personal information and how to make a complaint relating to your privacy.

What is personal information?
This Privacy Policy applies to “personal information” as defined in the Privacy Act and includes any information that can be used to identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you or you are reasonably identifiable from it, the information will be considered to be personal information.

Collecting personal information
We may collect the following types of personal information about you:
• Your name and the name of your employer
• Mailing or street address
• Email address
• Telephone number
• Facsimile number
• Profession, occupation or job title
• Credit card details
• Details of the products or services you have purchased from us or which you have enquired about, together with any additional information necessary to deliver those products and services or to respond to your enquiries
• Any additional information relating to you that you provide to us directly through our websites or indirectly through use of our websites or online presence
• Information you provide to us through customer surveys or through conversations with us
• Any information that is provided to us by or that we have collected on behalf of you in the course of our provision of ongoing services to you such as software support.  This may include information relating to your staff or your own clients where you operate a business.

How we collect personal information

Where reasonable and practicable, we will collect personal information directly from you and inform you that this is being done. We may collect personal information in a number of ways including:
• Through your access and use of our websites
• During our conversations with you
• When you or your organisation submits to us a document containing personal information.

However, in some circumstances it is necessary for us to collect personal information from third parties including:
• From credit reporting agencies
• From law enforcement agencies and other government entities
• From agents, dealers and subcontractors that form part of our sales and/or service network
• From our customers that have outsourced a function to us (such as hosting software)
• From our related bodies corporate and service providers that collect information on our behalf.

If we receive personal information that we have not requested (unsolicited information) and we determine that we could not have collected that information under the Privacy Act if we had requested it, we will destroy or de-identify that information if it is lawful and reasonable to do so.

Purposes for which we collect, hold, use and disclose personal information
We collect, hold, use and disclose your personal information for the following purposes:
• To provide products and services to you and/or your organisation and to send communications requested by you or your organisation including to inform you of updates or changes to the products or services you have acquired
• To answer enquiries and provide information or advice about existing and new products and services
• To assess and improve the performance, operation and relevance of our websites, products and services
• To facilitate and process your orders and payments
• To perform functions outsourced to us (such as hosting services) which may require us to provide personal information to our related bodies corporate, contractors, service providers or other third parties
• To process and respond to any complaint made by you
• For direct marketing of promotions, products or services that we think may be of interest to you, including adding you to a database compiled by us for this purpose
• To our related bodies corporate and third party service providers for use in direct marketing of promotions, services or products that our related bodies corporate or third party service providers think may be of interest to you, including adding you to a database compiled for this purpose
• For our internal planning, including product or service development, quality control and research purposes and those of our related bodies corporate, contractors or service providers
• For internal accounting and administration purposes
• To update our records and keep your contact details up to date
• For regulatory reporting and compliance with our legal obligations
• To various regulatory bodies and law enforcement officials and agencies to protect against fraud and for related security purposes
• To facilitate product reviews and to seek your feedback in relation to particular products and services in order to improve customer satisfaction and our relationship with you.

Disclosure of personal information by us
We may disclose your personal information to related bodies corporate or to third party organisations. Your personal information is only disclosed to these organisations for the purposes set out in this Privacy Policy. These third party organisations include those that carry out our:
• Customer enquiries
• Mailing operations
• Billing and debt-recovery functions
• Information technology services
• Marketing and telemarketing services
• Market research
• Website usage analysis
• Sales and support for our products and services.

In addition, we may disclose personal information to other third parties such as:
• Third party professional advisers such as accountants, solicitors, business advisers, consultants
• Credit-reporting and fraud-checking agencies
• Government and regulatory authorities and other organisations, as required or authorised by law.

We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.

Direct marketing material
We may collect, hold, use and/or disclose your personal information to send you direct marketing communications and information about our products and services that we believe may be of interest to you. These communications may be sent in various forms including mail, SMS, fax and email, in accordance with applicable laws governing the sending of marketing materials.

At any time you may opt-out of receiving marketing communications from us, by using the opt-out facilities specified in our direct marketing communications or by using the contact details set out below under “How to contact us”. We will then ensure that your details are removed from the relevant marketing contact list you have elected to opt-out of.

Web site collection
We collect information from our web sites during the optional web site registration process and during your use of our web sites. More specifically, information is collected in the following ways:

Registration process
During our one-off registration process, the following information is collected: your email address, name, organisation (if any), address, telephone number, facsimile number (optional), where you heard about our websites (optional), your ship-to number (optional), your areas of interest for our daily email alerting service (optional), the type of information to be included in those email alerts, your username and password.

Purchase Process
When you purchase goods from us online, we (either directly or through our service providers) need to collect the following information from you: Your username, password (if you want us to automatically enter existing contact details), name, organisation, email address, telephone number, facsimile number (optional), mailing address, cardholder name, credit card type, credit card number and credit card expiry date.

Our web servers
When you browse our web sites, our web servers, which may be controlled by us directly or indirectly through our service providers, make a record of your visit and log the following information, mainly for statistical analysis or system administration purposes:
• Your Internet protocol (IP) address and/or fully qualified domain name
• The date and time of your visit to the web site
• The web pages which you accessed, the files you downloaded and the size of those pages/files
• If you followed a link to our web site, the name of the previous web page and the name of the web site you visited
• The type and version of your web browser (for example, MS Explorer, Firefox or Chrome)
• The name of your operating system (for example Windows 7 or 8, Apple or Linux)
• The protocols used (for example http, https, ftp).

Search terms
Search terms that you provide when you search our web sites are collected for statistical analysis, to understand what users are looking for on our web sites and to improve the products and services which we provide.

Cookies
We use cookies to better tailor our information and services to meet your needs. A cookie is a small summary file containing a unique ID which is sent to your internet enabled device, such as your computer.

Our web servers generate a single cookie which is used to let us know who you are, to deliver information, publications and services to you based on your account information and to keep track of the web pages you visit while you are using our web sites. The cookie contains an organisation identity number (if any), user type, group identity number (if any), user identity number and the browser session identity number.

If you do not wish to receive cookies, you can set your browser so that your internet enabled device does not accept them. However your browser must have cookies enabled for you to be able to use our web sites.

Third parties
Our Internet Service Provider (ISP) and your ISP may make a record of your visit to our web sites and collect some or all of the same or similar information as referred to above under Web site collection.

Our web sites work with a third party service provider that collects anonymous data relating to web site traffic referred by external search engines. This third party may use cookies and other anonymous identifiers and may create anonymous profiles associated with cookies or other anonymous identifiers, but will not associate any data gathered with any personally identifiable information from any source.

We may from time to time use third party services for the serving or targeting of advertisements, promotions or other marketing information on our web sites.

When you follow a link from our web sites to a third party web site, that web site may make a record of your visit and collect some or all of the same or similar information that we collect as referred to above under Web site collection. We are not responsible for the privacy practices or the content of any third party web sites.

Consequences if we cannot collect personal information
If you do not provide us with personal information some or all of the following may occur:
• We may not be able to provide requested products or services to you. If for instance you do not complete an on-line registration process, then you will not have access to our free Web Guide reviews and links to online information, news and events in your area(s) of interest, our opt-in daily email alerting service or a range of other free services. Where purchasing goods from us online, a failure to provide the required personal information will mean we will be unable to process your order
• We may not be able to provide you with information about products or services
• We may be unable to tailor the content of our websites to your preferences and your experience of our web sites will not be as enjoyable or useful.

Accessing and correcting personal information
If you wish to access, correct or update any personal information we may hold about you, please contact us as set out below under “How to contact us”. We may charge you for our reasonably incurred costs in providing access to this information. We will not charge you for correcting information. We may refuse access in certain instances, where for example, granting access would interfere with others’ privacy. Where we are unable to provide access to your personal information we will give you a written notice setting out:
• the reasons for the refusal (to the extent it is reasonable to do so); and
• the steps that can be taken to lodge a complaint in respect of our refusal.

Alternatively, if you have registered to use our web sites, most of the information provided during registration may be corrected by you online through your personalised Membership Services pages. The information which you can correct includes your name, street address, contact details (telephone number, facsimile number, email address), password and your daily email alerting service profile.

Disclosure of personal information to overseas recipients
Your personal information may be disclosed to organisations located outside of New Zealand. This may occur for example, where we have a database or server hosted outside of New Zealand or where your personal information is disclosed to a related body corporate. We may for instance transfer personal information to related body corporates located in Australia and the United States of America.

Your personal information may also be transferred to organisations located outside of New Zealand for processing, storage or support services. The countries to which we are most likely to send your personal information for these services include Australia, India, Indonesia, Malaysia, Philippines or the United States of America. These countries may have different data protection laws. By using these services you consent to the transfer of information to organisations located outside of New Zealand.

Prior to us disclosing your personal information overseas we will take all reasonable steps to ensure that the overseas recipient does not breach our privacy obligations relating to your personal information and that the personal information is used for the same purposes for which we are authorised to use the personal information.

Protecting the security of personal information
We may hold your personal information in either electronic or hard copy form. We have security measures in place and take all reasonable steps to ensure that your personal information is stored in a secure environment and is protected from misuse, interference, loss, unauthorised access, modification and disclosure.

Whenever you register or purchase goods or services from our web sites, we use current technology to encrypt the information and online access to your information, products and services requires you to provide a username and password. The sections of our web sites dealing with credit card information are capable of working with browsers using high-security encryption.

Where we are not required or authorised by law to retain your personal information, it will be destroyed or de-identified when it is no longer required for any purpose for which we may lawfully use or disclose it.

Notification of collection of personal information
At or soon after the time when we collect your personal information, we will take reasonable steps to ensure that you are aware of the collection, the purpose(s) of the collection, the main consequences (if any) if the information is not collected, the types of organisations (if any) to which the information may be disclosed (including those located overseas), any law that required the information to be collected and the fact that this Privacy Policy contains details on access, correction and complaints.

The General Data Protection Regulation
To protect the personal data of individuals and customers in the European Union and to keep up with everchanging technology, as per the May 25, 2018 the General Data Protection Regulation (GDPR) came into effect. The GDPR impacts every organization which stores or processes personal data of individuals across the European Union. The GDPR aims to strengthen the rights of individuals over their personal data and creates a harmonized personal data protection standard.

Consistent with the Wolters Kluwer company values and business principles data privacy is also at the heart of our approach to the GDPR. We fully understand the importance of data privacy standards to our customers and we recognize the obligations that apply to managing, storing and processing personal data.

As a trusted partner to professionals, we want our customers to be confident that their personal data are protected. The Wolters Kluwer Corporate Privacy Office engaged in a cross-functional enterprise wide GDPR program. We have reviewed the data processes (policies, standards and documentation) and practices throughout our company and implemented processed to protect personal data. We trained our employees on their responsibilities and new ways of working related to GDPR; we partner with third parties and vendors to ensure their compliance; and we assessed customer contracts and continue to work with our customers to help to support them.

At Wolters Kluwer, we are committed to protecting our customers’ personal data. We deliver on this promise by striving to keep information secure and respecting the rights of individuals to protect their personal data and to support your commitments to your clients.

Complaints about a breach of privacy
If you have any concerns or questions about the way your personal information is managed and used by us, or are concerned that the Privacy Act or this Privacy Policy has been breached, please contact our Privacy Officer.

We take compliance with our privacy obligations seriously. We will ensure that your complaint is registered with us and may request that you provide the complaint in writing. The Privacy Officer will ensure that the complaint is referred to the correct persons within the organisation to investigate and respond to the complaint. Any response or action will be notified to you as soon as practicable.

The Privacy Officer’s details are set out below under “How to Contact Us”.

How to contact us
To contact us regarding any request to access or correct personal information, any complaint regarding the treatment of your personal information or if you have any queries regarding this Privacy Policy, please contact our Privacy Officer at au-privacy@wolterskluwer.com or using the contact details on our website.

Updates to this Privacy Policy
We may amend this Privacy Policy from time to time. Any updated versions will be effective from the date of posting on our website.

This Privacy Policy was last updated on 30 May 2018.

See also Terms and Conditions