Security & privacy
Moose Mortgages & Insurance (“we”, “us”, “our”) is committed to protecting your privacy and complying with the New Zealand Privacy Act 2020. This policy outlines how we collect, use, disclose, and protect your personal information. Last updated: 06 May 2026.
1. Collection of Personal Information
We collect personal information necessary for providing our financial services. This may include:
Contact Information: Your full name, address, email address, and phone number.
Identity and Financial Information: Date of birth, proof of identity, financial details, employment information, and other data required to assess your application for mortgage and insurance products.
Marketing Responses: Information you provide when responding to our marketing campaigns.
We collect this information directly from you (e.g., via forms, emails, or meetings). There may also be times when we collect personal information about you from third parties or other sources, such as credit reporting agencies, banks, product providers, your other advisers, publicly available records, or information required for compliance with anti-money laundering and other regulatory requirements.
When we collect information about you indirectly from these sources, the Privacy Act 2020 (including Information Privacy Principle 3A) requires us to take reasonable steps to ensure you are aware of the collection. We will notify you of the fact that the information was collected, its purpose, and the intended recipients as soon as reasonably practicable. You may not receive a separate notification if you have already been made aware of these details—for example, through our terms of engagement, adviser and client declaration, application forms, or other prior disclosures.
2. How We Use Your Information (Purpose)
We will use your personal information only for the purposes for which it was collected. These purposes include:
To assess your eligibility and provide you with quotes, advice, and processing for mortgage and insurance products.
To administer and manage our ongoing relationship with you, including policy and loan servicing.
To communicate with you, including for the purpose of reviewing your existing mortgages and insurances.
To comply with our legal and regulatory obligations.
For internal business purposes such as analytics and improving our services.
- We may use secure AI tools (such as Gemini for Google Workspace) to assist with administrative tasks, such as summarising meeting notes, drafting correspondence, and organising data to improve our service delivery to you.
3. Disclosure of Your Information
We will not disclose your personal information to any third party except in the following circumstances:
With Your Consent: Where you have requested a referral or service, we may share your information with relevant professionals (e.g., lawyers, accountants, property valuers, referral partners).
For Service Provision: To insurance underwriters, claims investigators, reinsurers, banks, and credit reporting agencies to facilitate the products and services you have requested.
As Required by Law: Where we are obliged or permitted to disclose information by law (e.g., under Court Orders or statutory notices, FMA, and any third party auditors).
Business Transfer: In connection with a prospective sale or transfer of our business, under strict confidentiality agreements.
We will only disclose the minimum amount of information necessary for the specific purpose.
4. Storage and Security
We take the security of your information seriously. Your information is stored securely on Google Workspace, which utilises robust cloud security measures. Our specific safeguards include:
Encryption of data in transit and at rest.
- Use of Gemini for Google Workspace, ensuring your data is kept private and is not used to train AI models.
Multi-factor authentication on all accounts with access to personal information.
Anti-virus and firewall protection on our devices.
Use of a Virtual Private Network (VPN) for secure remote access.
- We utilise an open-source password manager for all business credentials; no login information or passwords are stored in writing within our infrastructure.
- We abide by a clear desk and screen policy by making sure work spaces never have unattended sensitive items including unlocked computers, phones, USB drives or keys.
While we take these steps, please be aware that no online transmission method is 100% secure.
5. Cookies and Website Tracking
Our website uses cookies and similar technologies to improve your experience. Cookies help us understand how our site is used and allow us to remember your preferences.
We use third-party analytics services (like Google Analytics) which use cookies to collect anonymous, aggregated data about website traffic. This data does not identify you personally.
You can modify your browser settings to decline cookies, but this may affect your experience on our site.
6. Your Rights Under the NZ Privacy Act 2020
You have the right to:
Access: Ask for a copy of the personal information we hold about you.
Correction: Request correction of any inaccurate or incomplete information.
Restriction: Object to or limit how we use your information in certain circumstances.
To exercise any of these rights, or to unsubscribe from our marketing communications, please contact us at info@moosemortgages.co.nz. We will respond to your request in accordance with our obligations under the Act.
7. Data Retention
We will only retain your personal information for as long as necessary to fulfil the purposes for which it was collected, and to comply with our legal obligations (e.g., under the Financial Markets Conduct Act 2013)
8. Data Breach Protocol We maintain an internal incident response plan to manage any security issues in accordance with our legal obligations. In the event of a suspected or actual privacy breach, we will follow these protocols:
- Serious Harm: If we believe a breach has caused (or is likely to cause) serious harm to any individual, we will notify the Office of the Privacy Commissioner and the affected individuals as soon as practicable.
- Material Incident: If a security event materially impacts our critical technology systems or our ability to provide financial advice services, we will notify the Financial Markets Authority (FMA) in accordance with our licensing conditions.
9. Changes to This Policy
We may update this Privacy Policy from time to time. The updated version will be posted on our website with a new “Last Updated” date. If the changes are significant, we will provide a more prominent notice on our website.
10. Questions and Complaints
If you have any questions about this policy or how we handle your personal information, please contact us at info@moosemortgages.co.nz.
If you are not satisfied with our response, you have the right to make a complaint to the New Zealand Privacy Commissioner: www.privacy.org.nz.