Privacy Policy

What’s this Policy all about?

Hi there, this is our new Privacy Policy. We’ve designed this Policy to tell you how we collect, use, disclose, store, protect and share your personal information, as well as how you can request access and correct your personal information. We hope you find it fair and easy to follow.

What’s the purpose of this Policy?

To deliver outstanding products and services, we ask you to provide us with personal information from time to time, including when you join us and buy our products and services. We believe it’s not only important but fair that you know how we handle your information.

We collect, use, disclose and otherwise handle all personal information in accordance with New Zealand law which includes the Privacy Act 2020 and the Telecommunications Information Privacy Code 2020.

Who’s who in this Policy you might ask?

In this Policy:

  • we”, “our”, “us” and “2degrees” means Two Degrees Mobile Limited and/or Two Degrees New Zealand Limited and includes any of our whanau/related companies.
  • you” means you, including:
    • our customer (mobile/broadband/fixed/consumer/business);
    • a prospective customer, who may just be about to join us on an awesome deal;
    • an individual who has provided us with personal information e.g. when you enter a 2degrees competition or complete a 2degrees survey or provide an authority on someone else’s 2degrees account;
    • an employee or contractor whose employer or client is our customer;
    • a visitor to our stores;
    • a person who calls or texts a 2degrees customer; and/or
    • a user of our products, services and/or website e.g. when you use mum and dad’s awesome 2degrees broadband service at home to watch dog videos.

When does this Policy apply?

This Policy applies whenever you:

  • contact us or we contact you;
  • sign up for and/or use our products/services (including our mobile and landline services, broadband, websites and apps); and
  • otherwise provide us with your personal information.

This Policy forms part of the applicable product and/or service terms and conditions that you agree to when you sign up for such product and/or service. This Policy doesn’t apply when you use products/services provided by third party suppliers including Amazon Prime, Neon and Google Play. Any information you provide to such third parties will be handled in accordance with their own privacy policies and practices. 

What’s personal information? 

Personal information is any information that can be used to identify you. For example:

  • your contact details (such as your name, phone number, physical address, email address);
  • your date of birth;
  • your debit/credit card and bank account details;
  • your passport and driver licence details;
  • alternative contact details;
  • employment details;
  • medical conditions where appropriate, e.g. if you’re seeking vulnerable end user status;
  • information that you provide us when you call, email, webchat with us, visit a 2degrees store or otherwise communicate with us;
  • your billing information including purchase and payment history;
  • the way you use your phone and other services/products, such as call and/or text message information;
  • technical and service information about your device and how your device interacts with our networks, products and services, including the amount of data and minutes used and what you’ve used the service for e.g. whether you’ve streamed music or browsed the web; and/or
  • CCTV footage.

When do we collect your personal information?

We collect information about you when you (without limitation):

  • visit our website;
  • complete our application forms;
  • enter our promotions or competitions;
  • respond to surveys;
  • sign up for My 2degrees;
  • when you contact customer care or when we contact you;
  • when you visit our stores; and
  • when you buy, share and use our products and services (such as call and text message information (including date, time, some content, duration, and the number contacted)), and information on your browsing activity that occurs when you are using our internet services. For example, websites you have visited, your Internet Protocol (IP) address, when an internet browsing session is started and ended using your account, and any content you may access using any online content service we provide. We may also look at where your mobile device is located from time to time, and how much you’re spending.

We will generally only collect your personal information directly from you and your device. We may however on occasion:

  • collect and purchase information about you from third parties (such as loyalty programme partners, credit reference agencies, marketing agencies, and/or information aggregators) where we reasonably believe you’ve authorised us to do so or if you’ve authorised the relevant third party to share your information with us; and
  • collect or purchase publicly available information and combine it with other information that we hold about you to help us better understand your needs and those of potential customers. For example, we may:
    • obtain aggregated, anonymised information such as census data; and
    • collect information from public websites (such as information about individual house sales).

We may also collect your personal information if we’re investigating alleged fraud. This includes information from the person alleging they’ve been defrauded, verification of your applicable identification from the relevant authority and confirmation of the courier delivery status and address from courier companies for deliveries of our products.

What happens if I do not provide you with my personal information?

If you choose not to provide information we request, certain services and/or product features may not work properly and/or we may not be able to provide you with our products and services.

How do we use your personal information?

We hold and use the information we collect for a number of purposes, including:

  • Processing application forms and any online transactions you make;
  • Carrying out credit checking and credit scoring/reporting (if you have purchased products other than Prepay products);
  • Billing you;
  • Providing and assisting you with product(s) or service(s) you request;
  • Monitoring compliance with the terms and conditions of 2degrees service(s) and product(s) you purchase and use, including our Fair Use Policy;
  • Offering you rewards, special offers, competitions and other promotions;
  • Providing you with information on 2degrees product(s) and service(s) and/or products and services of carefully selected third parties we think you might like\. When we get in touch via text, you agree that these marketing messages from us and our third party friends don't need to include an option to unsubscribe in the message;
  • Responding and following up on any queries, complaints or requests you might have made, and other customer care issues;
  • Conducting surveys;
  • Complying with legal, governmental or regulatory agencies’ requests in connection with the regulation of telecommunications services, and in connection with any legal proceedings, crime or fraud prevention or detection, or prosecution;
  • Training our staff, monitoring our network(s) and service(s), and maintaining our system(s);
  • Monitoring, detecting and preventing fraudulent or illegal use of our services and networks;
  • Develop and improving our products and services; and
  • Providing handset location information to emergency services including Fire, Police and Ambulance when you dial 111” so that they can readily locate you and the emergency quickly.

You agree that we and our agents may send you marketing messages, electronic or otherwise, about (amongst other things) our rewards, special offers, competitions and other promotions, and those of our agents or third parties which we consider may be of interest to you. You may unsubscribe from receiving marketing messages from us and our agents at any time through My 2degrees, getting in touch via our ‘Contact Us’ webpage, or using the unsubscribe facility located in the relevant marketing email. Once we receive your request, we will take you off our marketing list.

Who do we disclose your personal information to?

We may disclose your information to trusted third parties (some of whom may be located outside of New Zealand) for the purpose(s) (or directly related purpose(s)) outlined above under the section “how do we use your personal information”. These third parties may include:

  • Dealers and suppliers whose products and services support our service(s), product(s), or our network(s), including the providers of infrastructure where your information is processed, and providers involved with monitoring and protecting the operation and security of our network(s);
  • Agents, contractors and advisers;
  • Our group companies who will only use and disclose your information for the same purposes as we would;
  • Other network operators and telecommunication companies as required to provide and/or support the product(s) and service(s) we provide to you eg when you use your phone when overseas;
  • Credit reference/credit reporting agencies (if you have purchased products other than Prepay products) who may share your information with other organisations and who may keep a record of the searches we make against your name;
  • Debt collection agencies or companies, in order to collect any money owing by you in respect of an unpaid bills;
  • If someone else pays for your service(s) or product(s) or the services are on a single bill, such as your employer or Account Holder with Group Plans, that person/party;
  • Our advertisers, customers, potential customers and associates with whom we may share anonymised, aggregated information such as user statistics and other information that does not personally identify you;
  • Persons we are legally obliged to provide your information to, including law enforcement agencies (such as the police, or the Serious Fraud Office), emergency services, government departments and regulatory authorities, as well as any person or organisation authorised to obtain your information in accordance with the Privacy Act 2020 and/or the Telecommunication Information Privacy Code 2020;
  • Other service providers who use our network(s), service(s) or product(s) to provide services to you;
  • Any of our potential or actual assignees or transferees, such as a potential purchaser of our business;
  • Suppliers who assist us in protecting the operation of our networks and systems, including the use of monitoring and detection in order to identify potential threats, such as hacking and virus spreading and other security concerns;
  • Other people who you specifically request we share your account information with. For example, if you authorise another person on your account that authorised person will have access to your personal information; and
  • Emergency services including Fire, Police and Ambulance services.

Does our Customer Care Team record calls?

Yes, calls made to, or from, our Customer Care Team are recorded and monitored. This is to help us to maintain and improve the service(s) and product(s) we provide to you.

Will my mobile number be displayed to the person I am calling?

Unless you request our caller line identification restriction service (CLIR), your mobile phone number may be displayed to the person you have called. Where you have requested CLIR, we will prevent your mobile phone number being shown to the recipient of your calls. Your mobile phone number may however still be displayed to us, the emergency services, or when you send a text message. You may also be able to block your mobile phone number being shown to the recipient of your calls in your phone settings.

Do you use web analytics services?

Like many websites, we use web analytics services, like Google Analytics or Big Query. We use these services to help improve the overall user/customer experience on our website, These services may use “cookies” (no not the Chocolate Chippy ones), which are text files placed on your computer, or other interactive techniques such as web beacons to collect information about how you interact with our website, and web-related products and services. This information helps tell us what users like and don’t like about our website. The information generated by the cookie about your use of our website will be transmitted to and stored on servers belonging to the companies providing the analytic services.

These companies will use this information to evaluate your use of our website, and to compile reports for 2degrees on the site’s activity (for example, number of visitors to our site, how long they spend on the site when they visit and their geographical location). They may also transfer this information to their agents or where required to do so by law. If you prefer not to allow the use of cookies you can block cookies by selecting the appropriate settings on your web browser. By using our website, you consent to the processing of data about you as set out above.

What if I am using a third party login provider?

You may be able to sign into your 2degrees account using third party login providers such as Facebook, Apple or Google. When you do this, we collect authentication information from the third party login providers such as your email address, profile photo and a login token. We don’t store any passwords from third party login providers and will only use the information in accordance with this Privacy Policy.

Where do you store my personal information?

We store personal information on our own servers here in New Zealand. We may also store personal information in the cloud (online) using our third-party cloud service provider(s). This may result in your personal information being stored outside New Zealand, such as Australia. The security of your information is paramount so we carefully select data centre and cloud service providers who we trust will take care of your information.

How do you keep my personal information secure?

The security of your information is very important to us. We apply strict security measures and follow industry standards to keep your personal information secure and safeguarded against unauthorised access, use and disclosure.

You can also help keep your personal information secure by:

  • Keeping all unique account information such as your account number, usage information relating to your account, PIN and password very secure. Don’t share this information with anyone.
  • Always selecting strong, difficult to guess passwords or PINs. Make sure you’ve never used them on any other services or platforms now or in the past and don’t use your birthday, birth year or any other similar number sequence.
  • Not reusing your password or PIN for any other services or platforms.

If you make a request (or instruct us) on a call, in person or online, you are authorising us to do what has been requested, if that request is accompanied by suitable verification (like your 2degrees account number and PIN or password).

What we do if there’s a data breach?

We follow industry best practice and work very hard and to ensure the information we hold is secure. If we become aware of a data breach, we will respond in accordance with our obligations under the Privacy Act 2020. Depending on the nature of the privacy breach, we may get in touch with you, report to the Privacy Commissioner and/or report the breach publicly.

How long we keep your personal information

Generally, we only keep your personal information for as long as it’s needed. That means once we’ve carried out the purpose for which we first collected it; we delete it or de-identify it so that it can no longer identify you. More specifically:

  • We keep billing records for seven years.
  • We keep text messages securely for approximately six months. That lets us verify and address any delivery issues.
  • We generally keep recordings of telephone and live chat type conversations between our contact centres and customers for up to two years. We may keep them longer to investigate a complaint, for customer service coaching or if legislation or industry codes require us to.
  • If you’re a 2degrees customer, we may continue to hold, use and share your information after our agreement with you ends, and you stop being a 2degrees customer. We do this so that that we can discuss matters relating to your former account, and so it’s easy to re-connect your account, if you wish to join us again in the future.

How can I request access to, and correction of, my personal information?

You can access personal information that we hold about you by contacting us. Our preference is that you contact us in writing at privacyrequests@2degrees.nz. If the information held by us is inaccurate, incomplete or not up to date, you may ask us to correct the information. Before processing your request, we‘ll contact you to verify your identity, confirm your request and advise of any charges that may apply. Occasionally, we may withhold information on one of the grounds set out in the Privacy Act 2020 or the Telecommunications Information Privacy Code 2020. If we do not make the correction you are seeking to your personal information, you have the right to provide us with a statement of the correction you are seeking to your information, and request that we attach that statement to your information.

Changes to this Policy

We may need to amend the terms of this Policy if our practices change. If we do so, we will post the updated version on our website (at www.2degrees.nz/termsofuse/privacy-policy). We will provide you with two weeks’ notice of any changes on our website. If the changes are significant, we may also advise you directly. We encourage you to check this site regularly.

Contact Us

If you have any questions regarding this Policy, you can contact us at privacyrequests@2degrees.nz. We will respond to you as soon as reasonably practicable.