Auckland Airport is the data controller of the personal data.
What information do we collect?
Data collected from your general interactions with us
- The personal data we may collect includes your:
- name, contact details, date of birth, flight and booking details, passport details, driver licence number, credit card details;
- location and movements in public areas of the airport and its close surroundings, (via CCTV footage);
- vehicle licence plate number;
- conversations with our staff, agents or other persons, which may be recorded;
- email communications, and your written and verbal interactions with us or our agents;
- number of visits to the airport;
- image (via photograph or film) as you move around our property;
- travel destination or preferred destinations;
- use of our social media platforms; and
- preferences concerning types of products or services.
Data collected when you use our websites and apps
When you visit or use our websites or apps, we collect data (including the IP address and phone number of your machine or device, the operating system and the browser your machine or device uses, your browser's general wifi location, the date and time you are visiting and the pages you view and your preferred travel destinations).
Data regarding your usage of our websites and our apps is collected to help us improve and offer the services you need each time you visit and to improve our services generally. We may also use this data to improve our advertising and marketing of related products and services.
How do we collect your information?
- by recording conversations you have with our staff, agents or others persons on our property;
- though the recording of your image on CCTV footage in and around our airport;
- when you submit an application for employment or contracting opportunities with us;
- when you subscribe to any Auckland Airport newsletters, participate in surveys, competitions or promotions;
- by filming, or taking photographs, of you on or around our property (which may be used in our marketing materials);
- when you access any of our retail systems;
- when you log into our wifi; and
- where you have authorised this;
- a publicly available source;
- a government department, body, or law enforcement agency (in relation to security matters);
- an airline or retail outlet;
- a service provider; and
- third party providers of cookies and other online tracking systems.
What we use your information for and the legal basis for doing so
We must have a legal basis to process your personal data. In most cases, the legal basis will be one of the following:
- to allow us to comply with our legal obligations, for example obtaining proof of identity to enable us to meet our anti-money laundering and countering financing terrorism obligations;
- to allow us to take actions that are necessary in order to assist or provide you with a product / service / issue (eg performance of a contract), for example, to make and receive payments or help you solve an issue you have;
- where we have your consent to do so;
- to meet our legitimate interests where these are not overridden by your rights, for example to understand how customers are using our services and to develop new services, as well as improve the services we currently provide; or
- in the case of special categories of personal data, that it is in the substantial public interest.
- for safety and security purposes;
- to process your transactions and administer your account;
- to help us develop, market, improve, manage, administer and facilitate our services and operations and those of our business partners;
- for internal purposes (such as risk management, staff training and billing);
- as part of the investigation and analysis of incidents;
- to contract with authorised individuals;
- for us or our commercial partners to notify you of services, special offers, opportunities, products or benefits which are being offered by Auckland Airport or any of our commercial partners or associated organisations;
- for security purposes and to improve our, or our commercial partners', services by using monitoring and tracking technologies in relation to our online services and properties; or
- to conduct market research and to promote and market our, or our commercial partners', products and services.
By providing your email address and/or mobile phone number, you consent to us sending you information connected with the above collection and use purposes via email or text message. We may also send you newsletters or other information we think you may be interested in and which may market and promote our products and services, or the products and services of others. The messages you receive from us will have instructions for how you can remove yourself from our mailing list.
If you are using one of our apps, we may send you "Push Notifications", and you agree to receive notifications from us even if your App is not running. You can change your push notification settings within your device or via the App itself.
Some uses of your personal data may involve the transfer of that data outside New Zealand, to be held and used by our related companies and commercial partners.
Who will we share your information with?
Personal data held by Auckland Airport will be accessible by Auckland Airport staff or advisors where it is necessary for that staff member or advisor to carry out their duties.
We will not disclose your personal data to other people or agencies except where:
- you have authorised such disclosure;
- disclosure is required by or to our contractors or business partners (for the purposes of the products / services they provide), so that we can assist you with a transaction on your behalf or provide you with a product / service that you have requested;
- disclosure is to a law enforcement agency that is entitled to such information under its statutory powers;
- we are required to provide the information by law;
- disclosure is required for safety and security and data assurance purposes;
- disclosure was the purpose of collecting the data;
- disclosure is required to facilitate the sale, disposal, assignment or transfer of Auckland Airport or any of its assets or subsidiaries or related companies;
- disclosure is necessary following a transfer of our rights and duties;
- disclosure is necessary to market, review or improve our services or facilities or those of our business partners;
- disclosure is necessary for third parties to offer you products and services that may be of interest to you and to optimise the advertisements on our websites; or
- it is necessary for a function of Auckland Airport, such as for legal or auditing purposes.
If your personal data is transferred to a third party in a non-approved country, we will ensure that suitable safeguards are put in place to ensure your personal information and rights are protected.
We may share your personal data with the following organisations in a manner consistent with the use and disclosure purposes listed above:
- our contractors (for the purposes of the services they provide);
- law enforcement agencies;
- our authorised business partners and related third parties;
- those entities involved in providing, managing or administering your product or service;
- organisations we sponsor and loyalty program partners, including organisations that we have an arrangement with to jointly offer products;
- service providers that maintain, review and develop our business systems, procedures and technology infrastructure, including testing or upgrading our computer systems;
- payment system organisations;
- organisations that assist with our product planning, analytics, research and development;
- organisations involved in a transfer of our assets or business;
- mailing houses and media organisations who assist us to communicate with you, including media or social networking sites; or
- other organisations involved in our normal business practices, including our agents and contractors, as well as our accountants, auditors, lawyers or other external advisors.
How do we protect your information and how long will we keep it for?
Auckland Airport implements and maintains security measures that are designed to provide reasonable protection against the loss, interference or misuse of your personal data and to prevent unauthorised access, modification or disclosure of your personal data.
Communications over the internet, such as emails, are not secure, unless they have been encrypted. We may and we may allow third parties to monitor our network for security and data assurance purposes.
We are only permitted to store your personal information for as long as necessary having regard to the purposes for which it was collected or a related or ancillary purpose. We may delete your personal information after a reasonable period of time and, if you have not used our services for some time, you may have to re-enter, or re-supply, your personal information to us. At times, we may need to retain your information for a longer period where we need the information to comply with regulatory or legal requirements or where we may need it for our legitimate purposes. If we do not need to retain information for this period of time, we may destroy, delete or anonymise it more promptly.
What if you do not provide us with your information?
You can choose not to give us your personal data. However, if you do not provide your information to us, we may not be able to:
- provide you with the product or service you want;
- respond to your requests;
- manage or administer your product or service;
- personalise your experience with us; or
- verify your identity or protect against fraud.
Your rights and contacting us
You have certain rights regarding your personal data. These include the following rights to:
- request a copy of the personal data we hold about you;
- request that we supply you (or a nominated third party) with an electronic copy of the personal data that you have provided us with;
- inform us of a correction to your personal data;
- exercise your right to restrict our use of your personal data;
- exercise your right to erase your personal data;
- withdraw consent at any time for the processing of your personal data;
- object to particular ways in which we are using your personal data; or
- lodge a complaint with a supervisory authority.
Your ability to exercise these rights will depend on a number of factors and, in some instances, we will not be able to comply with your request, for example, because we have legitimate grounds for not doing so or where the right does not apply to the particular data we hold about you. If you would like more information on these rights, wish to exercise them or have questions about your information, please contact the Data Protection Officer in the first instance by emailing the Data Protection Officer at firstname.lastname@example.org, marking the subject heading of your email "For the attention of the Data Privacy Officer".
If you would like to make a complaint or learn more about your rights in relation to your personal information, please contact the United Kingdom Information Privacy Commissioner (www.ico.org.uk), the New Zealand Privacy Commissioner (www.privacy.org.nz) or any other supervisory authority.
If you need to access recordings from our CCTV cameras, you'll need to follow the 'release of recordings' process. The Skygate Security team manages the release of recordings and will help you with the process. Note that recordings are only stored for 14 days.
The request must come from a person in a management position in the organisation including the following details:
• Exact location plus time and date the recording took place. Description of the incident/event including persons or vehicles involved etc.
• Reason for requesting the release of recordings.
The requestor will complete and sign a "CCTV Footage release form" when they pick up a copy of the footage from SkyGate Security in the ITB. These forms are only available in hard copy.
Contact the Skygate Security team on: email@example.com or (09) 256 8110