Last Updated: 2 June 2022
1. ThroughLine Limited (we, us, our), is a company based in New Zealand. Our primary goal is to support people experiencing an emotional crisis throughout the world.
2. In the provision of our Services, we endeavour to comply with the New Zealand Privacy Act 1993 (Act) and the European Union's General Data Protection Regulation (GDPR) when dealing with personally identifiable information.
3. This policy sets out how we will collect, use, disclose and protect your information for each of our Services. It also sets out how you can get access to or request a correction of the personally identifiable information we hold about you.
4. This policy does not limit or exclude any of your rights under the Act or the GDPR. If you wish to seek further information on the Act, see https://www.privacy.org.nz/the-privacy-act-and-codes/the-privacy-act/ and for more information on the GDPR, please see https://ec.europa.eu/info/law/law-topic/data-protection/eu-data-protection-rules_en.
1. We may change this policy by uploading a revised policy onto our Websites. The change will apply from the date that we upload the revised policy.
2. This policy was last updated on 2 June 2022.
1. In this policy:
Personally Identifiable Information means information that could be used on its own to directly identify, contact, or precisely locate an individual. This includes:
We interpret Personally Identifiable Information to exclude, for example:
Services means https://www.throughlinecare.com, https://www.findahelpline.com, partner-branded websites at https://[companyname].findahelpline.com, and the Find A Helpline embeddable widget that provides Find A Helpline on third party websites
We, us or our means ThroughLine Limited
You or your refers to you, the individual using our Services
1. We may collect Personally Identifiable Information about you in the following ways:
2. In the provision of our Services to users located in the European Union our basis for collecting and processing the personally identifiable information provided to us is consent under the GDPR. If you are under the relevant legal age at which you can provide consent to the collection of your personal data, then this consent must have been provided by your parent or guardian. Upon giving this consent, you have consented to the collection and use of the personally identifiable information you provide in the ways described in clause 5 of this policy.
3. You are entitled to withdraw this consent at any time. To do so, please contact us by email to firstname.lastname@example.org
In the provision of our Services the Personally Identifiable Information you provide will be used:
1. to provide our Services to you;
2. engage in and respond to communications with you;
3. to protect and / or enforce our legal rights and interests, including defending any claim; and
3. for any other purpose authorised by you or the Act.
In the provision of our Services we collect aggregated data, which does not include personally identifiable information, for analytical purposes. This aggregated will be used:
1. to provide our Services to you;
2. to share this aggregated and anonymized information with the service providers who are linked on our Services; partners who use the embeddable widget or partner-branded website; or with the underlying IT support providers whose system are used in the operation of our Services;
3. to conduct research and statistical analysis on an anonymised basis;
4. to share aggregated and anonymized versions of this information, for example, in website and customer usage trend reports, and in conjunction with our development processes;
5. to understand generally who the users of our Services are, how they use our Services, and how we may improve their experience of our Services in the future; and
6. to protect and / or enforce our legal rights and interests, including defending any claim.
We keep the information provided through our Services until it is no longer necessary for the purposes it was obtained for.
We will only disclose Personally Identifiable Information collected through our Services to third parties in the following circumstances:
1. to a person who can require us to supply your personally identifiable information (e.g. a regulatory authority);
2. to any other person authorised by the Act or another law (e.g. a law enforcement agency); and / or
3. to any other person authorised by you.
We will only disclose the aggregated information collected through our Services to third parties in the following circumstances:
1. to any business that supports our services and products, including those service providers linked on the site or to any person that hosts or maintains any underlying IT system or data centre that we use to provide the Services;
2. to a person who can require us to supply your personally identifiable information (e.g. a regulatory authority);
3. to any other person authorised by the Act or another law (e.g. a law enforcement agency); and / or
4. to any other person authorised by you.
Please note that a business that supports our services and products may be located outside New Zealand. This may mean that the aggregated information collected is held and processed outside New Zealand.
1. We will take reasonable steps to keep your personally identifiable information obtained through any of our Services safe from loss, unauthorised activity, or other misuse.
2. While we take reasonable steps to maintain secure internet connections, if you provide us with personally identifiable information over the internet, the provision of that information is at your own risk.
3. We may share a link to a third-parties' websites, services or other platform on our Websites, or through any other communication by us to you. In addition, our Services use Google Analytics, HotJar and the reCaptcha software system. These third-party websites, services, platforms and software, may have their own privacy policies relating to the use of your personally identifiable information. We suggest you review the privacy policies of these third parties before you provide personally identifiable information.
1. EU Users
If you are a user of our Services located in the European Union, then you have a right under the GDPR to access your personally identifiable information, ask for a correction of, or to erase that information.
2. New Zealand Users
If you are a user of our Services located in New Zealand, then subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personally identifiable information that we hold and to request a correction to your personally identifiable information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personally identifiable information relates. In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personally identifiable information, we will make the correction as soon as reasonably possible. If we do not make the correction, we will take reasonable steps to note on the personally identifiable information that you requested the correction.
3. If you wish to exercise any of the above rights to which you are entitled, email us at email@example.com. Your email should provide evidence of who you are and set out the details of your request (e.g. the personally identifiable information, or the correction, that you are requesting).
4. We may charge you our reasonable costs of providing to you copies of your personally identifiable information or correcting that information.