NFA Logo see through

Home

NFA Logo see through

Privacy Policy

Privacy Policy


Last updated: 23 October 2025

Who we are:
Neufeld Aotearoa Charitable Trust (“we”, “us”, “our”) is a New Zealand registered charity (Charities Services registration CC63223) offering consulting, counselling, and events (seminars, workshops, courses) for parents, educators, and professionals. Our website is neufeldaotearoa.org.

If you have questions, contact us via our contact us page on this website.

1) What this policy covers

This policy explains how we collect, use, disclose, and protect personal information when you use our website, sign up for our newsletter, register for events, make payments, or otherwise engage our services. It applies to everyone who interacts with us, including people in New Zealand and overseas.

This policy reflects the Privacy Act 2020 and its Information Privacy Principles (including notifiable privacy breaches) and describes additional rights for people in the EU/EEA under the GDPR.

2) The information we collect

We only collect information reasonably necessary for our work. This may include:

  • Contact details: name, email address, phone number (e.g., to send our newsletter or communicate about services and events).
  • Service information: details you provide when enquiring about or receiving consulting or counselling (e.g., goals, context you choose to share). Counselling can involve sensitive information; we collect such information only with your consent and use it solely to provide our services.
  • Event information: registrations, attendance, preferences (e.g., accessibility or dietary needs if provided).
  • Payment information: online payments are handled by third-party providers (e.g., Eventbrite/Stripe/bank merchant facilities). We do not store full card numbers on our systems, nor do we receive or store full card details. Providers must comply with applicable security standards (e.g., PCI DSS).
  • Website usage data: cookies/analytics (pages visited, device/browser, approximate location, referrers). See Cookies below.

Where practical, we collect information directly from you. If we need information from someone else, we’ll tell you where possible.

3) How we use your information

We use your information to:

  • Provide and support our services (consulting, counselling, events).
  • Manage event registrations, ticketing, and attendance (including third-party platforms, such as Eventbrite).
  • Send our newsletter and relevant updates when you’ve subscribed/consented (you can unsubscribe at any time).
  • Respond to enquiries and provide customer support.
  • Improve our website and services (analytics, troubleshooting, safety and security).
  • Comply with our legal obligations (e.g., record-keeping, responding to lawful requests, managing reportable privacy breaches).

For people in the EU/EEA, our legal bases may include consent, contract, legitimate interests, and legal obligation.

4) Newsletters and anti-spam

We send newsletters and promotional emails only with consent or where permitted by law. Every message clearly identifies us and includes an unsubscribe link. If you unsubscribe, we stop sending within a reasonable period in line with the Unsolicited Electronic Messages Act 2007 (NZ).

5) Disclosing your information

We may share personal information with:

  • Service providers/“processors” who help us operate (e.g., email newsletter platforms, payment processors, event/ticketing platforms, IT hosting, analytics). They must protect your information and use it only on our instructions.
  • Professional advisers (lawyers, insurers) and government agencies if legally required.
  • Another organisation in the event of a restructuring, merger, or similar change, where permitted by law.

We do not sell personal information.

6) International transfers

Our providers may store or process information outside New Zealand (e.g., Australia, EU, UK, US, Canada). We take reasonable steps to ensure comparable safeguards. For EU/EEA residents, we rely on appropriate transfer mechanisms (e.g., Standard Contractual Clauses) when required by the GDPR.

7) Cookies and analytics

We use cookies and similar technologies to run the site, remember preferences, understand usage, and improve services. You can control cookies through your browser and (if available) our cookie banner/settings. Disabling certain cookies may affect site functionality.

8) Retention

We keep personal information only as long as needed for the purpose collected (and for a reasonable period to meet legal, accounting, or reporting requirements), then we securely delete or anonymise it.

9) Security

We take reasonable steps to protect information from loss, unauthorised access, use, modification, or disclosure (e.g., access controls, encryption in transit, limited staff access, secure disposal). For card payments handled by third parties, PCI DSS standards apply; we do not store full card numbers.

10) Your rights

In New Zealand: You can ask for access to your personal information and request correction if it’s wrong. We’ll respond as soon as reasonably practicable. If we refuse a request (e.g., for legal reasons), we’ll explain why and tell you how to complain to the Office of the Privacy Commissioner.

In the EU/EEA (GDPR): You may have additional rights, including erasure, restriction, data portability, and objection to certain processing. We’ll honour these where they apply and as required by law.

To exercise your rights, contact [insert email]. If you’re not satisfied, you can complain to the Office of the Privacy Commissioner (NZ).

11) Children and young people

Our services support parents, educators, and professionals. We do not knowingly collect children’s personal information online without the consent of a parent or guardian. If you believe a child has provided personal information without appropriate consent, please contact us so we can delete it.

12) Data breaches

If a privacy breach occurs that has caused or is likely to cause serious harm, we will notify the NZ Privacy Commissioner and affected individuals as soon as reasonably practicable, and take steps to reduce risk and prevent recurrence, as required by the Privacy Act 2020.

13) Third-party links and platforms

Our website may link to third-party sites (e.g., Eventbrite pages for ticketing). Those sites have their own privacy policies and security practices. Please review them before providing personal or payment information.

14) Changes to this policy

We may update this policy from time to time to reflect changes to our practices or the law. The “Last updated” date shows the latest version. If changes are significant, we’ll take reasonable steps to notify you.