Helping You Achieve the Freedoms of Time, Money and Peace of Mind
This notice applies across all websites that we own and/or operate, all services we provide and any other services we may offer (for example, events or training). For the purpose of this notice, we’ll just call them our ‘services’.
We may need to update this notice from time to time. Where a change is significant, we’ll make sure we let you know – usually by sending you an email.
You can read the entire document (privacy notice) below, or if you haven’t got much time, you can jump to the section you need using the navigation menu in the PDF document. Download PDF here.
If you have any questions about our Privacy Notice, or how we process your Personal Data, please contact us using the contact form on our website or using any other contact details provided to you on the Privacy Notice page.
Lynch & Associates Limited
Personal Information Privacy Statement
Who we are
Lynch & Associates Limited, also referred to below as “we”, “us” or “our” are operating from their office at Level 5, 60 Parnell Rd. Auckland 1052.
At the core of our business, is our Tax & Compliance Service for small to medium enterprises. We also offer Audit and Business Development services to our clients. If you want to find more about what we do, see the About Us page on our website.
Lynch & Associates Limited acts as a ‘Controller’ as defined in the GDPR which means we are responsible for your Personal Data.
We also act as a ‘Processor’ as defined in the GDPR of your clients’ Personal Data. We take the responsibility for ensuring that the Personal Data we collect about you is being
This Privacy Notice
This Privacy Notice is created with reference to the Privacy Act 2020, General Data Protection Regulation (EU) 2016/679 (GDPR).
- sets out how we handle personal information and
- how we comply with our obligations under the Privacy Act and
- demonstrates our commitment to the protection of your privacy.
- our principles of data protection
- how and why we collect your personal information,
- how we may use and disclose it,
- how we keep it secure,
- how you can access or correct your personal information and
- how to make a complaint relating to your privacy.
Our principles of data protection
We perform to the highest standards and objectives, we stay independent, competent, ethical and respect privacy and confidentiality.
We use industry leading approaches to securing the personal data entrusted to us. We stay on top of changes, are knowledgeable, diligent, use leading professional software, are time efficient and practice teamwork.
We are observant, act when required, review our work and offer constructive feedback. We actively listen to our clients’ needs, practice empathy and compassion, and walk the extra mile. We care for each and every client of ours and take responsibility that comes with processing personal data.
We are supportive of our clients, trustworthy and reassuring, responding to their needs with care. We respect their privacy that comes with personal data collected by us.
We are open and transparent when we address personal data, we are kind, respectful and relaxed with our clients.
Security is a priority for us when it comes to your personal data.
All your personal information collected by Lynch & Associates Ltd, is stored exclusively in secure hosting facilities provided by Tier4, a Gold-Level Watchguard firewall partner providing security against the latest threats of ransomware and malware and data protection, ensuring compliance with the GDPR. All hosting is performed in accordance with the highest security regulations.
We also partner with security providers such as Webroot and Malwarebytes for total endpoint protection from misuse, interference, loss, unauthorised access, modification and disclosure.
Whenever you register or purchase services from our sites, we use current technology to encrypt the information and online access to your information, products and services requires you to provide a username and password.
Where we are not required or authorised by law to retain your personal information, it will be destroyed or de-identified when it is no longer required for any purpose for which we may lawfully use or disclose it.
How do we collect and process your personal information?
Personal information - Definition
This Privacy Notice applies to “personal information” as defined in the Privacy Act 2020 and includes any information that can be used to identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you or you are reasonably identifiable from it, the information will be considered to be personal information.
You do have the right to remain anonymous or use a pseudonym, but this may restrict the provision of our services.
How we collect your data
We collect personal information about you when it is reasonably necessary for one or more of our activities or functions. This personal information is collected in several ways, including:
- From you: We collect and hold personal information about you, which is information that can identify you and is necessary and relevant to providing you with the professional services that are seeking. The type of information we naturally collect include your name, address, date of birth, gender, job titles and any other information that is relevant to the provision of accounting services, such as bank account details, credit card details, shareholdings, details of investments and tax file numbers.
- Through the Sites: In general, you are not required to provide personal information when you visit our website. However, if you apply to receive information about our services, events and our advisory updates or wish to apply for a job or complete a survey we may require you to provide certain personal information.
- From third parties: We may receive your personal information from other sources, such as your authorised or personal representative, or from a publicly available record, public databases, professional bodies (for example under reciprocal arrangements), your employer (for example when your employer registers you in seminar, workshop or course), regulators and government and statutory bodies.
We process collected data only:
- to perform a contract with you, or
- where we have legitimate interests to process the personal data and they’re not overridden by your rights, or
- in accordance with a legal obligation, or
- where we have your consent.
What would happen if we did not collect your personal information
The provision of your personal information is voluntary. However, if you cannot, or will not provide us with the personal information we reasonably require, we may not be able to contact you or otherwise interact with you, process your application, registration, subscription renewal or request, perform our statutory functions, or provide you with some or all of our products and services.
How we use your personal information
First and foremost, we use your personal data to provide you with any services you have requested, and to manage our relationship with you. We also use your personal data for other purposes, which may include the following:
When we collect, hold and use your personal information, we do it for the following purposes:
a. To communicate with you
This may include:
- Notifications about new or updated services offered in relation to our Services
- Invitations to our training webinars, seminars and other events
- Requests for feedback or to take part in research
- Providing you with information you have requested
- Marketing communications
b. To market to you
We use your Personal Data to send you our Advisory Updates containing marketing communications. We may obtain your Personal Data such as name, email address, phone number and place of employment from you personally, when we meet at networking events or from publicly available information. Wo might send you marketing communications where we have a legitimate interest to do so. You can unsubscribe from these at any time.
c. To protect
By asking for your personal details we can detect and prevent any fraudulent or malicious activity, and make sure that everyone is using our website, free resources and services fairly.
d. Other situations in which we may request your personal information
- To facilitate and process your orders and payments;
- To perform functions outsourced to us (such as hosting services) which may require us to provide personal information to our related bodies corporate, contractors, service providers or other third parties
- To process and respond to any complaint made by you;
- For our internal planning, including service development and quality control;
- To update our records and keep your contact details up to date;
- To facilitate service reviews and to seek your feedback in relation to particular services
You may at any time request that we discontinue sending you emails or other communications generated in response to your provision of personal information via this Website by clicking on the ‘unsubscribe’ button.
Disclosure of personal information by us
We may disclose your personal information to related bodies corporate or to third party organisations.
- Mailing operations
- Billing and debt-recovery functions
- Information technology services
- Marketing and telemarketing services
- Market research
- Website usage analysis
- Sales and support for our services
- Third party professional advisers such as solicitors, business advisers, consultants
- Credit-reporting and fraud-checking agencies
- Government and regulatory authorities and other organisations, as required or authorised by law.
We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.
How long we keep your Personal Data
We’ll retain your Personal Data for as long as we have a relationship with you, and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. We’ll make sure it’s deleted after this period.
Your Personal Data is stored on secure servers that have SSL Certificates.
You have a number of rights in relation to the processing of your Personal Data. Requests can be made verbally or in writing, to the contact details available at the bottom of this document or from Privacy at Lynch & Associates page. We will respond to all requests within 30 days of receipt of the request. We won’t charge you for this unless the request is manifestly unfounded or excessive. We may require you to verify your identity before we can disclose any Personal Data to you.
You also have rights to:
- know what personal data we hold about you, and to make sure it’s correct and up to date
- request a copy of your personal data, or ask us to restrict processing it or delete it
- object to our continued processing of your personal data
If you’re not happy with how we are processing your personal data, please let us know by getting in touch from the Privacy at Lynch & Associates page. We will review and investigate your complaint and try to get back to you within a reasonable time frame. You can also complain to your local data protection authority. They will be able to advise you how to submit a complaint.
Changes to this Privacy Notice
We may amend or update this Privacy Notice from time to time. The date of the last update is shown at the top of this document.
Use of Personal Data we collect is subject to the Privacy Notice in effect at the time such Personal Data is collected.
We will notify you of changes to this Privacy Notice and changes to the way we use Personal Data by sending you an email and posting an announcement on our website prior to the changes becoming effective. You are bound by any changes when you use our website or our Services after such changes have been announced.
Questions or concerns
Any questions or concerns regarding this Privacy Notice you might have or concerns regarding the way we use your Personal Data, please let us know by getting in touch using the Contact Form on this page and will try to get back to you within a reasonable time frame. You can also complain to your local data protection authority. They will be able to advise you how to submit a complaint.
If you’re based in New Zealand, you have the right to complain to the Office of the Privacy Commissioner.
If you’re based in the European Union, you have the right to complain to the Information Commissioner’s Office.
If you’re based outside of New Zealand and the European Union, you have the right to make a complaint at any time to the supervisory authority for data protection issues of the country in which you are based, or to the New Zealand Office of the Privacy Commissioner.
How to contact us
You can contact us in the following ways:
- Sending an email to [email protected]
- Calling Chris Lynch, Managing Director at Lynch & Associates Limited, our Privacy Officer on +64 9 366 6008 or
- Sending a letter to Lynch & Associates Ltd. PO Box 37 144, Parnell, Auckland 1151 New Zealand
- fill the form below.