Updated: 24 February 2021
This plain English section is here to provide a simple explanation of the most important questions that you might have about Akahu. However this plain English section is not legally binding. The remaining sections of this Privacy Notice below are the legal terms that apply.
Welcome to Akahu. We take the privacy and protection of your data seriously. We want you to clearly understand how we collect, use, store, disclose, and otherwise process information about you. That's what this privacy notice is for, so please read it carefully and feel free to contact us if you have any questions - our contact details are at the end of this notice.
In this notice, 'Akahu', 'we', 'us' and 'our' is Akahu Technologies Limited and 'you' and 'your' is you - the person using an app that integrates with our services, or using our services directly.
You should also read our End User Terms, as they are an agreement between you and us, and include important information about your use of our services.
We may update this notice from time to time, and the updated notice will apply from the time it is posted to our website. You may view an up-to-date copy of this notice at any time at akahu.io/privacy-notice. If you do not agree to any changes, you must stop using our services.
You may choose not to provide us with information about you, but if you don't, we may not be able to provide any of our services to you, and functionality within third party applications that rely on our services may not be available to you.
To understand what information we collect and how we use it, you first need to understand how our services work. This is set out in detail in our End User Terms, but we’ve included a summary below.
Akahu is a consumer data sharing platform. We make it simple to access the data that organisations hold about you, and to share that data with trusted third parties of your choice. Our services allow you to connect your data sources (such as a bank account) to Akahu in order to exchange specific data with third party apps (such as a new bank that you want to join) ('Third Party App').
For Third Party Apps: Akahu includes software and tools that app developers use to enable functionality within their Third Party Apps, including to:
For you: Akahu provides an interface for you to connect accounts and consent to sharing specified data with Third Party Apps:
Importantly, providers of Third Party Apps that process your data will do so in accordance with their own terms and privacy policies - you should read those terms and policies carefully as we do not control how those providers engage with you or use your data.
The purpose of Akahu is to empower consumers to manage and leverage their data. In your Akahu dashboard, you can view any enduring consent that you have granted to Akahu and any Third Party Apps. You can also see a log of data requests from each of these Third Party Apps.
In the Akahu dashboard, you can control your preferences, including:
You can access the Akahu dashboard at my.akahu.io. If you haven't already created an Akahu account, you'll need to do that first - follow the instructions on the website.
We may collect the following types of information.
Information you provide such as your identification details (such as your name, email address, phone number, and username), biometrics (including photos you provide as part of identity verification), details of accounts you connect to Akahu (such as login information and credentials for those accounts, which may include tokens, passwords, and security questions and answers), and any written communications with us (such as queries or instructions).
Information we collect from accounts you connect to Akahu, such as:
Information we receive from other sources - we also receive information about you directly from Third Party Apps and other third parties, including our service providers and identity verification services.
When you agree to our End User Terms and connect an account to Akahu, you give us the authority to act on your behalf to exchange your data to and from the provider of the accounts you have connected to Akahu.
Let’s address an important point right at the start - Akahu is designed to carry out your instructions in relation to your data. We don’t sell your data or share it with third parties, other than specifically described below.
We use your information for a number of purposes, including to operate, improve, and protect Akahu, and to develop new services. More specifically, we may use your information:
We may share your information:
Sometimes the people we disclose your information to will be located outside New Zealand and may not be subject to laws that provide a comparable level of protection to New Zealand's Privacy Act 2020 (Privacy Act). By using Akahu or a Third Party App, you are authorising us to transfer your personal information overseas. We will use reasonable endeavours to ensure people we disclose your information to overseas protect it in a way comparable to the protections under the Privacy Act, such as including provisions in our contracts with them or by checking to ensure they are subject to laws with equivalent protections.
Many organisations verify the identity of their customers before they provide services to them.
To streamline identity verification processes, Akahu enables Third Party Apps to access your data (with your consent) from your connected data sources (such as your bank account) and other sources (such as credit bureaus or government agencies), to help you to verify your identity electronically. For example, a Third Party App may request your name, date of birth, address, and your driver licence details, which Akahu may help to verify from data sources that you connect to Akahu.
Your information will be stored in data centres that are owned either by us or our related companies or our external service providers. We currently use Australian-based data centres. We use a range of physical and electronic data security measures to protect information from loss and unauthorised use, access, modification, or disclosure.
We will delete your information when we no longer need it for the purposes for which it was collected.
We will not delete information we are required by law or regulatory obligations to retain.
Our contracts with developers of Third Party Apps require them to delete your information if you instruct us to do so via the Akahu dashboard, however we cannot verify or guarantee that the Third Party App provider will do so.
You can request access to and correction of personal information we hold about you by contacting us - our details are at the end of this notice.
Under the Privacy Act, in some circumstances we do not have to give you access to or correct your personal information. If that is the case, we will explain why and provide information about how you can complain should you wish to do so.
We hope that you won't have any issues with how we process your data, but if you do, you can get hold of us using the contact details at the end of this notice. We'll do our best to work with you to resolve the complaint.
You can also complain to the Privacy Commissioner if you're not happy with how we're handling things - see privacy.org.nz for more details.
We're always keen to hear from you. You can get hold of us at firstname.lastname@example.org.