[ Policy ]

Privacy

We Can Privacy Policy 2026

We Can Precision Engineering Limited is concerned about protecting your privacy.  This Privacy Policy explains how We Can Precision Engineering Ltd (We Can) collects, stores and uses and discloses personal information when providing its services, operating our website, managing communications and our business.

This Policy aligns with the New Zealand Privacy Act 2020 and its Information Privacy Principles. It applies to all personal information we handle, whether collected directly from individuals or indirectly from customers, suppliers and third parties identified as below, as part of our services.

You have the right to access, edit and request deletion of any personal information concerning you, pursuant to the New Zealand Privacy Act 2020 and all amendments.

Situations where this Policy applies:

• You access or use our website(s), request our services, or request quotes.

• You, or your employer interacts with us about our services or products.

• You are an employee of We Can.

• We indirectly collect your personal information.

By engaging with our services or otherwise interacting with us, you acknowledge this Policy.

If you provide us personal information about other individuals (e.g. an employee, supplier or customer), you confirm you are authorised to do so, and you have informed those individuals where required to by the Privacy Act 2020 (and amendments).

What personal information we may collect

We only collect information that is lawful and reasonably necessary for our functions and activities. We limit access to those who need it and ensure it is collected, used and disclosed only to the extent necessary for the relevant purpose. Examples include, but are not limited to;

• Customer and Supplier identity and contact information (e.g. name, phone number, email, address).
• Recruitment information (e.g. CV, application data, referee details, vetting results).
• Employment information
• Log and analytics data from our website (e.g. IP address, browser type, pages visited

How we collect personal information:

• Directly from you (e.g. website enquiries, quote requests, application forms, employment forms and email/phone).
• From customers, suppliers and authorised third parties (e.g. health professionals, nominated referees, credit checks, recruitment and visa agencies).
• From publicly available sources (e.g. LinkedIn, Facebook) where appropriate.
• Automatically via cookies and analytics when you use our website.

Notification that we have or are collecting personal information either directly or indirectly will depend on the situation. You can disable cookies in your browser settings; doing so may affect some features of our website.

Purposes for which we use personal information:

We only use personal information for the reason it was collected, or for something closely related to that reason. We will not use it for something different unless we have your consent or are required or permitted to do so by law. Examples include;

• Delivering products and services and otherwise fulfilling our professional business duties.
• Managing customer relationships and engagements.
• Recruitment and employment processes (e.g. background or reference checks).
• Providing newsletters, or critical information to customers and suppliers that will affect their business interaction with us. (e.g road closures, staff and business changes)
• Improving our services and website through aggregated analytics (non-identifiable).

Disclosure of personal information:

We will only disclose personal information where permitted by the Privacy Act 2020 (and amendments). This means we will only disclose personal information if:

• The disclosure is for the purpose for which the information was collected, or a directly related purpose.
• The individual has authorised the disclosure (e.g. to carry out recruitment checks, obtain a medical report, H&S investigations, allow medical insurance access or site security access).
• The information is publicly available, and disclosure would not be unfair or unreasonable.
• Disclosure is required or permitted by law (for example, to prevent or lessen a serious threat to health or safety, or to assist law enforcement),
• The information is provided in a form that does not identify the individual (for example, anonymised data for reporting or benchmarking).

We will not disclose personal information to third parties for unrelated purposes without consent, unless required or permitted by law.

Security safeguards:

We operate a range of security safeguards including role-based server access controls, multi-factor authentication and encryption for systems handling sensitive data, including secure storage of customer IP, supplier and employee documents.

Retention and destruction:

We retain personal information for as long as it is required for the purposes for which it was collected or to meet legal and business requirements. We then take reasonable steps to securely destroy or de-identify it.

Access and correction:

All individuals have the right to request access to and correction of their personal information held by We Can. We will respond promptly and may refuse access in limited circumstances permitted by law (e.g. where disclosure would endanger safety or breach another person’s privacy).

If you are not satisfied with our response to an access, correction or privacy complaint, you have the right to complain to the Office of the Privacy Commissioner. Further information is available at www.privacy.org.nz.

Roles and responsibilities:

We Can has designated the General Manager as the role responsible for overall compliance with this Policy and the Privacy Act 2020, handling access/correction requests and managing privacy incidents.

Privacy breach:

If a privacy breach occurs, we will notify the Office of the Privacy Commissioner and affected individuals as required.

Updates to this Policy:

We may update this Policy to reflect changes in legislation, technology or our practices.