Privacy Policy

MANAGING DIRECTOR
Anesh Chand
LAST UPDATED
April 26, 2026
DOCUMMENT

Purpose

We know that how we collect, use, disclose and protect your information is important to you, and we value your trust. That’s why protecting your information and being clear about what we do with it is a vital part of our relationship with you.

Buzz Financial Services Limited is committed to protecting your privacy. This privacy statement outlines how we collect, store, use and share your personal information.

By submitting your details on this website, you consent to the use of your personal information in accordance with this privacy statement

The purpose of this Privacy Policy is to inform our clients and any users of our digital platforms (i.e. our website, social media pages and app) about how we comply with the requirements of the New Zealand Privacy Act 2020 (“the Privacy Act”) in managing personal information.

This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, you can contact our Privacy Officer by email at anesh@buzzfinance.co.nz. Or visit www.privacy.org.nz for further information.

Changes to this policy

We may change this policy by uploading a revised policy onto the website. The change will apply from the date that we upload the revised policy.

Consent to Privacy Policy

Please note that when you contact us through our website, social media pages or our app, you are agreeing to this Privacy Policy. If you do not agree with this Privacy Policy, please do not contact us through any of our digital platforms, but call us on 0274 920 171

What is personal information?

Personal information is information about an identifiable individual. It includes (but is not limited to) name, address, contact details, date of birth, occupations, payment details, employment history and/or details, education and qualifications, financial information, testimonials and feedback, evidence of source of funds or source of wealth (in some cases) and other information

Collection of Personal Information

Personal Information is defined in the Privacy Act as information about an identifiable individual (a natural person as opposed to a company or other legal entity).

Third party collection of information

Where we collect your personal information from someone other than you, we will take reasonable steps to notify you that we have collected your personal information, the purpose of the collection, the intended recipients of the information, the name and address of the agency collecting and holding the information, whether the collection is authorised or required by law and, if so, the law that authorises or requires the collection, and your right to access and request correction of that information, unless an exception applies under the Privacy Act 2020.

We will use your personal information:

  • to verify your identity
  • to provide services and products to you
  • to market our services and products to you, including contacting you electronically (e.g. by call, text, or email for this purpose)
  • to improve the services and products that we provide to you
  • to improve the services and products that we provide to you
  • to protect and/or enforce our legal rights and interests, including defending any claim.
  • for any other purpose authorised by you or the Act.

Types of Personal Information we collect

The types of personal information we collect will vary depending on the nature of your dealings with us. We only collect personal information that is necessary. Where reasonable and practicable, we will collect your personal information directly from you and inform you that we are collecting it.

We mainly collect personal information directly from you, for example:

  • Over the telephone or a video call (such as over Microsoft Teams, Zoom or Skype) e.g. when you contact our staff;
  • Through one of our digital platforms like our website, social media pages and app (including through any online chat, virtual assistant or bots);
  • When you email or write to us; or
  • When you participate in a marketing campaign, competition or promotion (or a similar event) administered by us or our representatives.

If it is not obvious that we are collecting personal information from you, we will do our best to make it clear to you so that you are always aware when information is being collected.

Generally, the types of personal information we collect and hold include your:

  • Name
  • Date of birth
  • Contact details (such as your email address, postal address, phone number)
  • Details relating to your use of any product and/or service offered by us
  • Details of your enquiry
  • Details of any preferences you tell us about (such as subscription preferences).

We may also collect personal information about you from:

  • Publicly available sources e.g. via the internet;
  • Your professional advisers e.g. KiwiSaver Provider, Professional Financial Planner, Accountants, Solicitors, Registered Insurance Advisor;

We collect your personal information from the above parties (other than publicly available sources) where we have received your express consent to do so. We are not responsible for the privacy or security practices of the above parties and the parties described above are not covered by this Privacy Policy.

Who do we share it with?

Besides our staff and our related companies (Trail Limited/KAN and Newpark Financial Services Limited) we may share this information with third parties who enable us to provide you with our services.

These include:

Disclosing your personal information

We may disclose your personal information to:

  • Other companies or individuals who assist us in providing services or who perform functions on our behalf (such as mailing houses, hosting and data storage providers, specialist consultants, and legal advisers);
  • Product providers (such as but not limited to lenders and insurance companies);
  • Financial advisers and financial advice providers who may use our services;
  • Other companies or individuals who perform checks (such as but not limited to compliance reviews and audits) that are necessary or desirable under the law on our behalf;
  • Other companies, agencies, or individuals that maintain databases against which your identity may be verified, which may include (but are not limited to) the New Zealand Department of Internal Affairs, and New Zealand Transport Agency;
  • Social media sites on which we may have a presence;
  • Courts, tribunals, and regulatory authorities (such as the Financial Markets Authority, and the Ministry of Justice in New Zealand);
  • Office of the Ombudsman, where a complaint relates to official information;
  • Any person or agency we believe could assist in responding to a serious privacy breach.
  • Office of the New Zealand Privacy Commissioner, where a complaint relates to breach of the Privacy Act 2020;
  • Human Rights Commission, where a complaint relates to discrimination;
  • CERT NZ, where appropriate to assist with the management of a voluntarily notified privacy breach
  • Overseas privacy regulator, where a complaint relates to the actions of an overseas agency; and
  • Anyone else to whom you authorise us to disclose it.

Except as described above, we will not disclose your personal information without your written or oral consent, unless we are required to do so by applicable law.

We require these third parties to adhere to our strict confidentiality requirements for handling personal information, and we seek to ensure that they comply with the Privacy Act 2020.

Protecting your personal information

We will take reasonable steps to keep your personal information safe from loss, unauthorised activity, or other misuse. Our software is subject to audits to ensure it is continuing to meet security requirements. All data handled in our software is encrypted in transit and during storage and can only be accessed over secure network connections

Where do we store it?

We use third party service providers to store and process most of the information we collect. All data entered in Trail is encrypted both in transit and at rest, so in the incredibly unlikely event the database was to be accessed by an unauthorised entity, the data would be unusable. We may use cloud storage to store the personal information we hold about you. The cloud storage and the IT servers may be located outside New Zealand. We may also disclose personal information to Newpark Financial Services Limited and KAN/Trail; its related bodies companies and third-party suppliers and service providers located overseas for some of the purposes listed above. We ensure that our cloud-based service providers are subject to appropriate security and information handling arrangements and that the information stored or processed by them remains subject to confidentiality obligations.

Storing your personal information

We will only retain personal information if it is required for the purposes for which the information may lawfully be used. All data stored online is backed up and can be retrieved in the event of data loss or corruption.

Data will sometimes be held on premises at 25 Macleans Road, Bucklands Beach, Auckland if it is provided to us outside of our software

Accessing and correcting your personal information

Subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.

In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note the personal information that you requested the correction.

If you want to exercise either of the above rights, email us at anesh@buzzfinance.co.nz. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).

Anesh Chand
25 Macleans Road
Bucklands Beach
Auckland 2014
New Zealand;

Or via email at anesh@buzzfinance.co.nz
Or via phone 0274 920 171

Online Device Information and Cookies

If you are visiting us through our website, social media pages or app, then we collect information about your use and experience on these by using cookies. Cookies are small pieces of information stored on your hard drive or on your mobile browser. They can record information about your visit to the site, allowing it to remember you the next time you visit and provide a more meaningful experience.

The cookies we send to your computer, mobile phone or other device cannot read your hard drive, obtain any information from your browser or command your device to perform any action. They are designed so that they cannot be sent to another site or be retrieved by any non-Buzz Financial Services Limited website or app.

When you interact with us through our website, social media pages or app, the information collected through the cookies may include:

  • The date and time of visits;
  • Website page (or pages) viewed;
  • The website or app from which you accessed the internet and our website or other digital platform;
  • How you navigate through the website and interact with pages (including any fields completed in forms and applications completed (where applicable));
  • Information about your location;
  • Information about the device used to visit our digital platform; and
  • IP address (or addresses), and the type of web browser used.

We will not ask you to supply personal information publicly over Facebook, Twitter, or any other social media platform that we use. Sometimes we may invite you to send your details to us through a private message, for example, to answer a question. You may also be invited to share your personal information through secure channels to participate in other activities, such as competitions, but we would require your express consent prior to us including you in such activities.

Bots

A bot is a piece of software that is programmed to do certain tasks, such as responding to certain phrases with programmed responses. A bot acts in accordance with its instructions, imitating a human user’s behaviours, but without a human behind it. When you talk to a bot from a third party platform such as Facebook Messenger, our third party service provider (Google) will temporarily store and analyse your conversation so that the bot can talk back to you. You can read Google’s privacy policy here

The third party platform provider (i.e. Facebook Messenger) may also store your bot conversation. You can read Facebook’s privacy policy here. We recommend that you do not share sensitive personal information, such as bank account details, with a bot.

Purpose of Collection and Use of your Personal Information

Any personal information you provide to us may be used to:

  • Check whether you are eligible for the product or services offered by us;
  • Facilitate those services;
  • Provide information that you request; and/or
  • Provide you with further information about our other products and services.

We also have an obligation to maintain personal information to disclose to regulatory and similar bodies - see Disclosure of your personal information below. These bodies have a legal right to such information.

Storage and Protection of your Personal Information

We may electronically record and store personal information which we collect from you. When we do so, we will take all reasonable steps to keep it secure and prevent unauthorised disclosure.

However, we cannot promise that your personal information will not be accessed by an unauthorised person (e.g. a hacker) or that unauthorised disclosures will not occur. If we provide you with any passwords or other security devices, it is important that you keep these confidential and do not allow them to be used by any other person. You should notify us immediately if the security of your password or security device is breached, this will help prevent the unauthorised disclosure of your personal information.

Some information we hold about you will be stored in paper files, but most of your information will be stored electronically on physical hard drives and/or on the cloud, by cloud service providers – see Cloud-based service providers below.

We use a range of physical and electronic security measures to protect the security of the personal information we hold, including:

  • Access to information systems is controlled through identity and access management;
  • Our buildings are secured with a combination of locks, monitored alarms and cameras to prevent unauthorised access;
  • Employees are bound by internal information security policies and are required to keep information secure;
  • Employees are required to complete training about information security and privacy;
  • When we send information overseas or use service providers to process or store information, we put arrangements in place to protect your information;
  • We regularly monitor and review our compliance (and our service providers’ compliance) with internal policies and industry best practice.
  • We only keep information for as long as we need it, or as long as the law requires us to. We have a records management policy that governs how we manage our information and records to make sure we destroy any information that is outdated, irrelevant or unnecessary.

Cloud-based Service Providers

We use third party service providers to store and process most of the information we collect. All data entered in Trail is encrypted both in transit and at rest, so in the incredibly unlikely event the database was to be accessed by an unauthorised entity, the data would be unusable. We may use cloud storage to store the personal information we hold about you. The cloud storage and the IT servers may be located outside New Zealand. We may also disclose personal information to Newpark Financial Services Limited and Trail, its related bodies companies and third party suppliers and service providers located overseas for some of the purposes listed above. We ensure that our cloud-based service providers are subject to appropriate security and information handling arrangements and that the information stored or processed by them remains subject to confidentiality obligations.

Timeframes for Keeping Personal Information

We take reasonable steps to destroy or permanently de-identify any personal information as soon as practicable after the date of which it has no legal or regulatory purpose, or we have no legitimate business purpose with it.

In the case of information that relates to our advice services or products or services we have provided, we are required by law to hold this information for seven years. After this time, provided that the personal information is no longer relevant to any service we are providing you, we will take reasonable steps to safely destroy or de-identify any personal information.

We have a records management policy that governs how we manage our information and records to enable us to destroy any information that is outdated, irrelevant or no longer necessary.

If there is a Privacy Breach

Data Breaches

Our Privacy Officer has processes and systems in place in the unfortunate event of a data breach. If such an event occurs, we will promptly identify, report and examine a personal data breach.

We work hard to keep your personal information safe. However, despite applying strict security measures and following industry standards to protect your personal information, there is still a possibility that our security could be breached. If we experience a privacy breach, where there is a loss or unauthorised access or disclosure of your personal information that is likely to cause you serious harm, we will, as soon as we become aware of the breach:

  • Seek to quickly identify and secure the breach to prevent any further breaches and reduce the harm caused;
  • Assess the nature and severity of the breach, including the type of personal information involved and the risk of harm to affected individuals;
  • Advise and involve the appropriate authorities where criminal activity is suspected;
  • Where appropriate, notify any individuals who are affected by the breach (where possible, directly);
  • Where appropriate, put a notice on our website advising our clients of the breach; and
  • Notify the Privacy Commissioner.

Internet use

  • While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
  • If you follow a link on our website to another site, the owner of that site will have its own privacy policy relating to your personal information. We suggest you review that site’s privacy policy before you provide personal information.
  • We use cookies (an alphanumeric identifier that we transfer to your computer’s hard drive so that we can recognise your browser) to monitor your use of the website. You may disable cookies by changing the settings on your browser, although this may mean that you cannot use all the features of the website.
  • We may use information about your use of our websites and other IT systems to prevent unauthorised access or attacks on our software. We may utilise services from one or more third-party suppliers to monitor the use of our systems. These third-party suppliers will have access to monitoring and logging information as well as information processed on our websites and other IT systems.

Disclosure of your Personal Information

We may disclose your personal information to others outside Buzz Financial Services Limited where:

  • It is necessary to enable us to achieve the purpose that we collected the information for;
  • We are required or authorised by law or where we have a public duty to do so;
  • You have expressly consented to the disclosure or your consent can be reasonably inferred from the circumstances; or
  • We are permitted to disclose the information under the Privacy Act 2020.

Parties we may Disclose your Information to

Your personal information may be used by us for the purpose of providing advice and services to you and may also be used by agencies such as, but not limited to:

  • Any out-sourced service provider who assists in the services we are required to carry out such as auditors and external compliance reviewers;
  • Our external dispute resolution service;
  • The Regulator;
  • Credit reporting and debt collecting organisations;
  • Buzz Financial Services Limited’s related companies, such as Newpark Financial Services Limited, Trail including the Financial Advice Provider licence holder BUZZ FINANCIAL SERVICES LIMITED (FSP756111) and/or Authorised Body [Newpark Financial Services Limited].

If we don’t need to share your information with a third party in order to provide advice and services to you, we will not pass on your information to them without your consent. Under no circumstances will we sell or receive payment for disclosing your personal information.

Sending your Information Overseas

We may send your personal information outside New Zealand, including to overseas members of Buzz Financial Services Limited’s related companies and overseas service providers or other third parties who process or store our information, or provide certain services to us.

Where we do this, it does not change any of our commitments to you to safeguard your privacy. We make sure that appropriate security and information handling arrangements are in place and the information remains subject to confidentiality obligations.

All countries have different privacy laws and information protection standards. If we need to send your personal information to a country that has lower standards of information protection than in New Zealand, we will take appropriate measures to protect your personal information. Where it is not possible to ensure that appropriate security and information handling arrangements are in place, we will let you know and gain your consent prior to sending your personal information overseas.

Third Party Websites

Through our website or our other social media pages, you may be able to link to other websites which are not under our control. We are not responsible for the privacy or security practices of those third-party websites and the sites are not covered by this Privacy Policy. Third party websites should have their own privacy and security policies and we encourage you to read them.

In addition, we have no knowledge of (or control over) the nature, content, and availability of those websites. We do not sponsor, recommend, or endorse anything contained on these linked websites. We do not accept any liability of any description for any loss suffered by you by relying on anything contained or not contained on these linked websites.

Right to Access, Correct and Delete Personal Information

You have the right to request access to, correct and, in some circumstances, delete your personal information. You can do so by contacting us at:

Anesh Chand
25 Macleans Road
Bucklands Beach
Auckland 2014, New Zealand
Or via email at anesh@buzzfinance.co.nz

When you contact us with such a request, we will take steps to update or delete your personal information, provide you with access to your personal information and/or otherwise address your query within a reasonable period after we receive your request. To protect the security of your personal information, you may be required to provide identification before we update or provide you with access to your personal information.

We are only able to delete your personal information to the extent that it is not required to be held by us to satisfy any legal, regulatory, or similar requirements.

There is no fee for requesting that your personal information is corrected or deleted or for us to make corrections or deletions. In processing your request for access to your personal information, a reasonable cost may be charged. This charge covers such things as locating the information and supplying it to you.

There are some circumstances in which we are not required to give you access to your personal information. If we refuse to give you access or to correct or delete your personal information, we will let you know our reasons, except if the law prevents us from doing so.

If we refuse your request to correct or delete your personal information, you also have the right to request that a statement be associated with your personal information noting that you disagree with its accuracy.

If we refuse your request to access, correct or delete your personal information, we will also provide you with information on how you can complain about the refusal.

What happens if you Do Not Provide us with your Information

If you do not provide information we have requested, you may be unable to obtain or access our services for which the information is required. Please ask us if you are unsure what information is important and how this might affect you.

Changes to this Privacy Policy

We review this Privacy Policy periodically to keep it current and available on our website. If the changes are significant, we may advise you directly. You may also obtain a copy of the latest version by calling us on 0274 920 171.

Privacy Policy Queries and Concerns

If you are concerned about how your personal information is being handled or if you feel that we have compromised your privacy in some way, please contact us at:

Anesh Chand
25 Macleans Road
Bucklands Beach
Auckland 2014, New Zealand

Or via email at anesh@buzzfinance.co.nz
Or via phone 0274 920 171

We will acknowledge your complaint within two working days of its receipt. We will let you know if we need any further information from you to investigate your complaint.

We aim to resolve complaints as quickly as possible. We strive to resolve complaints within ten working days, but some complaints take longer to resolve. If your complaint is taking longer, we will let you know what is happening and a date by which you can reasonably expect a response.

If you are not satisfied with our response to any privacy related concern you may lodge a complaint on the Financial Services Complaints website www.fscl.org.nz/complaints/complaint-form or send a complaint form to Financial Services Complaints Limited at:

Financial Services Complaints Limited
PO Box 5967
Wellington 6145, New Zealand
Email: complaints@fscl.org.nz

Telephone: 0800 347 257
Website: www.fscl.org.nz