1. Policy Purpose

e-merge Data Solutions (a Wells Group company) is committed to protecting the privacy of individuals whose personal information we collect, hold, and use in the course of our business operations. This policy has been developed in compliance with the New Zealand Privacy Act 2020.

Personal information means information about an identifiable individual (a living person). This policy explains how e-merge Data Solutions collects, uses, discloses, and protects personal information in connection with our services, including the development and delivery of software platforms such as Con-X, data integration services, and field service management solutions.

This policy does not limit or exclude any rights you may have under the Privacy Act 2020. For further information, visit www.privacy.org.nz.

2. Changes to this Policy

We may update this policy from time to time. Any changes will be published on our website (www.e-merge.co) or communicated through our platforms and client channels. Changes take effect from the date of publication. We encourage you to review this policy periodically.

3. Who We Collect Information From

We collect personal information from the following sources:

Directly from you, when you provide information to us through our platforms, via email, telephone, or other contact.
Client organisations and employers who engage e-merge Data Solutions for software development, field service management, or data solutions.
Third parties authorised by you or your organisation to share information with us.
Publicly available sources, where relevant to our services.
Our software platforms, including Con-X, through which operational and compliance data is captured in the course of field service work.

4. What Personal Information We Collect

The personal information we collect may include:

4.1 Identity and Contact Information

Full name and job title.
Business email address and phone number.
Employer and organisational details.

4.2 Operational and Platform Data

Login credentials and user activity within e-merge platforms (including Con-X).
Location data captured through mobile applications during field service activities.
Job site information, including property addresses and customer details.
Digital signatures, timestamps, and job completion records.
Photos, documentation, and compliance records uploaded through our platforms.
Device and technical data from mobile devices or computers used to access our services.

4.3 Business and Commercial Information

Information exchanged during business development, contracting, or onboarding processes.
Correspondence and communication records related to service delivery.
Billing and subscription details for organisations using our platforms.

5. How We Use Your Personal Information

We use personal information for the following purposes:

To verify your identity and manage access to our platforms and services.
To deliver software development, field service management, and data solution services to you and your organisation.
To enable job management, compliance tracking, reporting, and workflow functionality within our platforms.
To facilitate communication between field workers, administrators, client organisations, and third-party integrations.
To support quality assurance, auditing, and regulatory compliance processes.
To improve and develop our products and services based on usage data and feedback.
To provide technical support, training, and user assistance.
To process billing and manage commercial relationships.
To comply with applicable legal and regulatory obligations.
To protect our legal rights and interests, including in connection with any dispute or claim.
For any other purpose authorised by you, your organisation, or as permitted by the Privacy Act 2020.

6. Disclosing Your Personal Information

We may share your personal information with:

Other companies or business units within the Wells Group.
Client organisations and employers who have engaged e-merge Data Solutions for services.
Subcontractors, technology partners, and service providers who assist in delivering our services.
Third-party platforms and integrations configured as part of our service delivery (e.g., field service management, Jira, CRM, or ERP systems).
Cloud infrastructure providers and technology vendors who host or support our platforms.
Regulatory authorities, government agencies, or legal bodies where required by law.
Any person or entity authorised by you, your organisation, or as permitted by the Privacy Act 2020.

Some third-party service providers may be located outside New Zealand. Where personal information is transferred offshore, we take reasonable steps to ensure that it is handled in accordance with the Privacy Act 2020 and our privacy standards.

7. Security of Your Information

e-merge Data Solutions takes the security of personal information seriously. We implement industry-standard safeguards, including:

Encryption of data during transmission and at rest.
Role-based access controls and authentication mechanisms.
Regular security reviews, updates, and monitoring.
Secure cloud infrastructure with backup and disaster recovery procedures.

While we take all reasonable precautions, no method of data transmission or storage is entirely without risk. Users are responsible for maintaining the security of their login credentials and devices.

8. Collection of Personal Information from Third Parties

The New Zealand Privacy Act 2020 (Information Privacy Principle 3) requires that individuals are generally made aware when their personal information is being collected. Where personal information about an individual is collected from a third party — such as a client organisation, retailer, lines company, Meter Equipment Provider (MEP), or other industry participant — rather than directly from the individual concerned, it may not always be practicable for e-merge Data Solutions to provide this notification directly.

In these circumstances, e-merge Data Solutions operates as a data processor acting on behalf of the client organisation that holds the primary relationship with the individual. Consistent with IPP3 and the obligations placed on data collectors under the Privacy Act 2020:

Where we process personal information on behalf of a client organisation, that organisation is responsible for ensuring individuals are informed about how their information is collected and used.
Client organisations are responsible for including appropriate privacy notifications in their own customer communications, terms of service, or contracts, covering the collection of personal information and its disclosure to third parties such as e-merge Data Solutions.
e-merge Data Solutions requires, through its client contracts, that client organisations meet their obligations under IPP3 and IPP3A before passing personal information to us for processing.

Where e-merge Data Solutions collects personal information directly from an individual (for example, through user registration or direct contact), we will provide notification in accordance with IPP3 at the point of collection.

If you have questions about how your personal information was collected or disclosed to e-merge Data Solutions by a third party, we recommend contacting that organisation in the first instance. You are also welcome to contact us using the details in Section 12.

9. Cookies and Tracking Technologies

Our platforms and website may use cookies and similar technologies to support platform functionality, improve user experience, and gather usage analytics. You may configure your browser or device to manage or decline cookies, though this may affect your ability to use certain features of our platforms.

10. Your Rights — Access and Correction

Subject to the provisions of the Privacy Act 2020, you have the right to:

Request access to the personal information we hold about you.
Request correction of any personal information that is inaccurate, incomplete, or out of date.
Request removal of personal information we hold about you, where it is reasonable and practicable to do so.

To exercise any of these rights, please contact us using the details below. We may require you to verify your identity before processing a request. Please note that:

If personal information has been provided to us by your organisation or a third party, they may resubmit that information and we cannot prevent this.
Removal of personal information may impact the functionality of services provided to you or your organisation.
Some information may need to be retained to meet our legal, regulatory, or contractual obligations.

11. Third-Party Links and Services

Our platforms and communications may contain links to third-party websites or services. e-merge Data Solutions is not responsible for the privacy practices of those third parties. We recommend reviewing the privacy policies of any external sites you visit.

12. Contact Us

For questions about this policy, to request access or correction of your personal information, or to raise a privacy concern, please contact us at:

e-merge Data Solutions

A Wells Group Company

Email: info@e-merge.co

Website: www.e-merge.co