FSCL is an independent and fair dispute resolution service. We resolve complaints about financial service providers that are members of our service (participants).

We treat all personal information with care and respect. We actively protect the privacy of everyone we hold information about in the same way as we would expect our own information to be protected. In doing this, we ensure we comply with the Privacy Act 2020 and any other obligations we have relating to personal information.

Scope of this policy

Personal information is any information about, or related to, a person.

This privacy policy covers how we look after the personal information we collect, use, share, disclose, store, and dispose of. This includes personal information about:

• consumers that use our service and their representatives
• participants (including their agents)
• members of the public that engage with us (including through our website).

This policy also covers how we look after confidential and commercially sensitive information participants give us.

Our policies

We have separated our policy into sections to make it easier for you to find the information most relevant to you.

We set out the general policies that apply to all personal information. We then set out specific information about how we collect and use information about people who:

• make general enquiries to us and use our website
• make enquiries or complaints to us about participants
• are participants or they have signed up to receive our newsletters. 

1. General policies

Collection

We will only collect personal information necessary for us to deliver and administer our service, with your consent or where required by law. Additional personal information may be collected under specific circumstances. 

We will ensure any personal information about you is collected only from you or your authorised representative or agent, or from other individuals or organisations you have authorised us to collect the information from. This includes the participant you have made an enquiry or complaint about. 

Where you provide us with information about someone else, you confirm you have the authority or approval to provide the information to us or that it is relevant to our service.

Use and disclosure

We will use personal information to enable us to deliver and administer our service and, where we are required to, for law enforcement purposes. 

We will use personal information only for the purposes for which it was collected, unless there is good reason to use it for other purposes and this is allowed by the Privacy Act.

Storage and Security

We will store all personal information with reasonable safeguards against misuse, interference, loss, and from unauthorised access, modification, and disclosure.

Only approved FSCL staff and contractors will have access to case files and to any other personal information we hold.

We store personal information physically and digitally. Physical files are held securely in our offices or off-site in internationally certified document storage facilities. Digital files are stored in secure cloud-based computer systems connected to our network. Our case management system is located in New Zealand and our participant database is located in Australia. We use a secure document storage system located in North America.

Our information communications systems are supported by experts and protected by technical security mechanisms to guard against unauthorised access and theft. All our security mechanisms are regularly reviewed.

We keep personal information only for as long as it is needed and in accordance with the law and will destroy it securely when it is no longer needed.

Access and correction

Anyone may ask us for access to the personal information we hold about them. We will make this information available as quickly as possible. 

We will ensure that personal information about you is provided only to you or to other individuals or organisations you have authorised us to provide your information to.

Any incorrect information we hold will be corrected as soon as we are made aware of an inaccuracy, including where information is out-of-date.

Accountability and responsibility

All FSCL staff and contractors are responsible for treating all personal information with care and respect, and actively protecting the privacy of everyone we hold information about and complying with the Privacy Act. All staff and contractors are responsible for reporting anything that is not consistent with this to FSCL’s Privacy Officer.

The Privacy Officer is responsible for supporting staff and contractors to understand and deliver good privacy practice and how to comply with the Privacy Act.

We have privacy training programmes, policies and supporting procedures, and monitoring processes to assist our staff and contractors to actively protect the privacy of everyone we hold information about in the same way as we would expect our own information to be protected.

2. General enquiries – calls, emails, and website browsing

Collection

If you contact us by phone for information about our service or general information about how to complain about a financial service provider, we will not collect or retain any personal information. We do not record phone calls.

If your phone call relates to a financial service provider that is not a participant of our service, we will keep a record of the enquiry. This is used to identify trends or issues and informs any proactive steps we may need to take with other dispute resolution services or their participants.

If you make an enquiry by email, we will keep a record of our correspondence.

Where your call relates to a financial services provider who is not a member of our scheme, we will keep a record of an enquiry related to that provider. This is used to identify trends or issues and informs any proactive steps we may need to take with other dispute resolution schemes and/or their participants.

If you make an enquiry by email, we will keep a record of our correspondence.

Website browsing

We use cookies on our website that collect information about how you use our website. You can disable cookies in your browser, but this may affect your experience with our website.

We use cookies to collect the following information.  

• Analytics – to track which pages are visited, to help us identify the most popular areas of our website. The information we access is aggregated and we cannot identify individual visitors.
• Function – identify and facilitate participants to log into the participant only areas of our website.

We use Google Analytics for our cookies. We do not use other third-party tracking services.

We use Google Ads (sponsored search results) to raise awareness of FSCL and to direct traffic to our website. We can access some data that Google collect to help us measure the effectiveness of Google Ads, such as the advert clicked and the time it was clicked.

You can find Google’s privacy policy here.

3. Enquiries and complaints about participants

Collection

When you make an enquiry or a complaint about a financial services provider that is a participant, we will collect the following information:

• Identifying and contact details (such as name, address, phone number, and email address), and details of any authorised representatives (people acting on your behalf or supporting you)
• Details of your enquiry or complaint, including the financial service provider (the participant), details of your interactions with the participant, and any unique identifier (such as customer number or loan reference number) used by the participant to identify you.
• Financial information (such as your loan or investment details) to provide context to your enquiry or complaint.
• Details of other people involved in your complaint, including individuals contacted or corresponded with at the participant, their contact details, and their actions.
• Any other information relevant to the enquiry or complaint.
• Data about your enquiry or complaint, including product categories (the type of financial service enquired or complained about), problem categories (what the enquiry or complaint was about), and the outcome of the enquiry or complaint.
• Demographic information you agree to give us, including your age (to the nearest decade), ethnicity, employment status, the region you live in, and how you found out about our service. You do not have to give us demographic information.

We also collect feedback from some consumers to help us improve our service. You do not have to complete any survey that we may send you.

We use SurveyMonkey to send and manage our surveys. SurveyMonkey’s privacy notice and information about cookies they use is on their website. 

Use and disclosure

If you make a complaint about a participant, we will use the information you give us and we will collect information from the participant so we can facilitate a resolution to your complaint or to decide it. This will be done in accordance with our rules, known as our terms of reference.

We use aggregated information to report on the performance of our service and may provide participants, industry bodies, consumer groups, and government authorities with trends, insights, and common concerns raised by consumers. We only use demographic information for statistics and reporting purposes.

We will provide personal information to other people or organisations if we need to do so to deliver or administer our service. We will seek consent to share personal information with others or to use the information for any other purpose, unless we are required or authorised by law to share or use the information without consent.

We may disclose your personal information to:

• your authorised representatives
• the participant complained about, except information we have agreed to keep confidential from the participant  
• our business and service providers (such as IT providers)
• our professional advisers (such as insurers, auditors, and lawyers)
• government authorities, including regulators and law enforcement agencies, where required or authorised by law.

We will take all reasonable steps to ensure third parties protect your personal information with the same care and respect we do.

Case notes

We publish anonymised case notes on our website to give consumers and participants guidance about the approach we are likely to take in a particular type of case or to highlight some of the different ways that a complaint can be resolved.

We also use case notes in our:

• annual reports
• newsletters to participants and other stakeholders
• outreach programmes, such as presentations to consumer groups and participants
• media releases
• social media posts, such as Facebook and LinkedIn.

Case notes will never identify the individual making the complaint. If you have concerns about being identifiable in a case note, please talk to us. We will consider your concerns when deciding whether to publish a case note or how the case note is presented.

4. Participants and people that sign up to receive newsletters

Collection

When you register as a participant of our service, we will collect:

• identifying and contact details, including the details of individuals notified as key contacts for communications about complaints and other communications.
• professional memberships
• business information, including trading structure and type of financial services offered.

We may also collect feedback from participants about our service. You do not have to complete any survey that we may send you.

We use SurveyMonkey to send and manage our surveys. SurveyMonkey’s privacy notice and information about cookies they use is on their website. 

Participant and other stakeholder communications

We use MailChimp to manage and distribute our email newsletters and other bulk email communications. MailChimp is based in the United States of America. MailChimp manages your information in accordance with its privacy policy.  

Each email distribution uses up-to-date contact details for our participants and people that have signed up to receive our newsletters.

We monitor the effectiveness of our newsletters using the analytical tools offered by MailChimp about the following.

• Unique opens – The number and email addresses of subscribers that have opened the email.
• Email client usage – which email account (such as Gmail, Outlook, Hotmail) was used to open the email.
• Regions – Where the email was opened.
• Bounced – The number of emails that weren’t successful due to an inactive address, domain name system (DNS) failure, or because the recipient’s mailbox was full.
• Not opened – The number and email addresses of subscribers that didn’t open the email.
• Shares – The number of times the newsletter has been shared via email or social media, such as Facebook and X (formerly called Twitter).
• Most popular links – The most clicks on any links directing to other websites or information not contained in the email.

There is no ability to collect information beyond this, or to track the recipient outside of a specific newsletter. Once the recipient has closed the newsletter, no further information can be collected.

Use and disclosure

We will use the information we collect about you to:

• administer our service 
• communicate with you about enquiries and complaints from your customers
• give you news and information about our service, industry trends and issues, and other information at our discretion.

We may publish case notes relating to a complaint about your financial service. Case notes are anonymised and do not identify the participant (or their staff) by name.

FSCL contact information

Please contact us if you:

• want to talk to us about privacy or your personal information, or
• have a complaint about the way we have treated your personal information.

We will respond to you as soon as possible.

We also welcome any questions and comments you may have about our privacy practices.

You can contact us at:

Email:

Phone: 0800 347 257

Post: Privacy Officer
Financial Services Complaints Limited
PO Box 5967
Wellington 6140

If you are not satisfied with our response, you can contact the Office of the Privacy Commissioner by clicking here.