我们仅会严格按照本隐私政策的条款共享您的个人信息。
传输您的个人信息:作为一个全球化的集团,我们收集的个人信息可能会在我们的全球组织机构内进行跨境传输。当我们传输或共享您的个人信息时,我们将取得您的明确同意,对于从中国大陆(为避免疑义,中国大陆不包括香港特别行政区、澳门特别行政区和台湾)向境外传输,还会取得您的单独同意,或对您的个人信息进行匿名化处理。您的个人信息可能会在银蕨农场内部以及各集团实体之间共享。我们出于管理目的共享您的信息,以便我们全面了解您与银蕨农场之间的联系和合同。我们还可能共享您的信息以便为您提供完整的服务和产品组合。
向境外传输个人信息
一般地,除以下情形以外,我们不会向位于新西兰以外或欧洲经济区以外的国家的任何接收方传输您的个人信息:
- 向被认为具备足够相似的隐私或数据保护法律法规的司法管辖区传输,并且在该国家或地区,通过与下列法律类似的方式认可您的个人隐私权:(i)就向新西兰境外传输而言,新西兰2020年《隐私法》,以及(ii)就向欧洲经济区境外传输而言,《通用数据保护条例》;
- 如果您的个人信息被传输给无法提供与新西兰或欧盟同等水平的个人信息保护的国家的接收方,我们将采取措施确保您的个人信息按照当地适用的、并经我们依照自行决定进行必要修订的数据保护要求,获得充分保护。例如:
- 对于向欧洲经济区境外传输个人信息,我们将根据《通用数据保护条例》第46(2)(c)条的要求,确保我们的接收方接受经欧盟委员会批准的标准合同条款的约束;
- 对于向新西兰境外传输个人信息,我们将根据2020年新西兰《隐私法》的要求,确保我们的接收方接受经隐私专员批准的格式合同条款的约束。
对于我们的中国实体收集的个人信息,我们不会将您的个人信息传输给中国大陆以外国家和地区的任何接收方,除非该等传输已符合《中华人民共和国个人信息保护法》的要求。
第三方访问您的个人信息:以下类型的第三方可能会在必要时访问您的个人信息:
- 参与您从我们订购的产品和服务交付的合作伙伴、供应商、分销商、销售商或代理商;
- 我们的客户;
- 接受委托为我们或代表我们履行服务的公司;
- 执法机构、监管机构或其他主管部门根据法律要求请求提供;
- 债务催收机构、征信机构、反欺诈或业务评级机构或其他信用评级机构;
- 为与第三方进行联合推广,向该等第三方提供,该等第三方应自行负责遵守对其适用的隐私法律;
- 我们为营销而采用的第三方,比如经批准的媒体代理,以及我们为了向您提供在线广告而进行广告投放的第三方,比如Facebook;
- 第三方:在收购或转让我们的任何部分业务的过程中,或就业务重组,向该等第三方提供;或
- 其他代表:当您告知我们您计划参加某次活动时,您的姓名将出现在该活动的参加者名单中。
数据处理者对您的个人信息的使用:当我们允许第三方访问您的个人信息时,我们将采取一切合理措施确保仅在必要的范围内处理您的个人信息。第三方仅会根据适用法律以数据处理者的身份处理您的个人信息。
向他人披露:
在少数情况下,我们可能会向新西兰的监管机构、税务机关和/或调查机关提供您的个人信息。只有在法律、法规要求我们提供,或者您同意我们披露该等信息的情况下,我们才会披露您的个人信息。
We will only share your personal data strictly in accordance with the terms of this Privacy Policy.
Transferring your personal data: As a global organisation, personal data we collect may be transferred internationally throughout our worldwide organisation. Where we transfer or share your personal data, we will seek your express consent and (in the case of transfer out of Mainland China (for the avoidance of doubt Mainland China does not include Hong Kong SAP, Macau SAP and Taiwan) separate consent)to do so, or anonymise your personal data. Your personal data may be exchanged within Silver Fern Farms and amongst its group entities. We exchange your data for administrative purposes and so that we can have a complete overview of your contacts and contracts with the Silver Fern Farms. We may also exchange your data to offer you a complete package of services and products.
Cross border transfers of personal data:
As a general policy. we will not transfer your personal data to any recipient in a country outside of New Zealand or the European Economic Area (“EEA”) except in the following circumstances:
- to a jurisdiction that is deemed to have sufficiently comparable privacy or data protection laws and regulations in their respective country that recognise your individual privacy rights in a similar way that the following laws do, (i) in the case of transfer out of NZ, New Zealand Privacy Act 2020 and (ii) in the case of transfer out of the EEA, the GDPR;
- If your personal data is transferred to a recipient in a country that does not provide the level of protection for personal data as New Zealand or the European Union do, we will take measures to ensure that your personal data is adequately protected in line with locally applicable data protection requirements, subject to amendments we may deem necessary at our sole discretion. For example, for transfer of personal data:
- out of the EEA we will bind our recipient to the Standard Contractual Clauses approved by the European Commission in accordance with Article 46(2)(c) of the General Data Protection Regulation; and
- out of New Zealand, we will bind our recipient to the model contractual clauses approved by the Privacy Commissioner in accordance with the New Zealand Privacy Act 2020.
For personal data collected by our Chinese entities, we will not transfer your personal data to any recipient in a country outside of Mainland China unless such data export is in compliance with the requirements of the PRC’s Personal Information Protection Law.
Access to your personal data by external parties: The following types of external parties may have access to your personal data, where necessary:
- Partners, suppliers, distributors, vendors or agents involved in delivering the products and services you have ordered from us; or
- Our customers; or
- Companies who are engaged to perform services for us or on our behalf; or
- Law enforcement bodies, regulators: or other competent authorities where requests are made in accordance with legal requirements; or
- Debt-recovery organisations, credit reference, fraud-prevention or business-scoring agencies, or other credit scoring agencies; or
- Third parties for joint promotions with that third party who will be responsible for their own compliance with applicable privacy laws; or
- Third parties that we use for marketing, for example, approved media agencies, and third parties that we advertise with, such as Facebook, to serve you advertisements online; or
- Third parties: in the context of the acquisition or transfer of any part of our business or in connection with the business reorganisation; or
- Other delegates: where your name will appear on the attendee list for events where you have told us you plan to attend.
The use of your personal data by data processors: When we give third parties access to your personal data, we will take all reasonable measures to ensure that your personal data is only processed to the extent necessary. The external parties will only process your personal data as a data processor in accordance with applicable law.