The IFSO Scheme Privacy Policy

This Privacy Policy sets out how the Insurance & Financial Services Ombudsman Scheme ("the IFSO Scheme”) manages, collects, uses, and shares personal information.

You have the right to access the personal information we hold about you and to correct it where it is wrong.

We will take reasonable steps to make sure that the personal information collected, used or disclosed is accurate, complete and up to date.

We will make the necessary changes to personal information details held where you or your provider notifies us of errors or changes required. We will make the changes as soon as practicable.

If a change is not made, you can provide us with your correction and we will attach it to the information you believe needs to be corrected.

It helps us if you make information requests to us in writing and we will also receive requests over the phone.

We will provide you with the information you ask for as soon as possible, and no later than 20 working days. Some information may be withheld or removed if one or more of the exceptions in the Privacy Act applies - for example, where it is confidential information.

If you have any questions about this Privacy Policy or requests relating to your personal information, please contact us.

Personal information is information that identifies you as an individual.

The types of personal information the IFSO Scheme may collect includes:

  • your name, address, email address, and telephone numbers, for example, if you complete an online complaint form, call or email us
  • details of your complaint and interactions with your financial service provider and financial adviser
  • your feedback provided to us in comments, surveys and complaints
  • information about your interactions with us, such as when you visit our website or when you call us, email, post or meet with us in person.

We collect, hold and use personal information about you to provide our dispute resolution services.

Before we formally investigate a complaint, you will be asked to complete a separate Complaint Declaration that explains the information we will collect during the investigation, who we may collect it from and what we will use it for. It also sets out your obligations of confidentiality.

Where possible we collect information directly from you or your representative. We collect information in letters, emails, forms, taking notes of conversations, in surveys, by using cookies and web tracking software, and from our social media platforms.

If you complete our online forms such as the Make a Complaint form or the online application to become a member, we keep a record of the information you provide.

We may also collect information from:

  • parties to a complaint
  • experts that have information relevant to a complaint
  • people using our website
  • people using our other services, such as training and,
  • responses to our communications.

We primarily use the information we collect for complaint management and investigation, membership, promotion of the IFSO Scheme, and reporting.

We may also use your personal information to:

  • produce anonymised information such as case studies in training material after removing identifiers, like your name or occupation
  • ask for your feedback to evaluate our services
  • contact you about services we provide
  • send you information that may be relevant to you.

If you have made a complaint about your financial service provider, we will need to disclose personal information to investigate and resolve it. Transparency is important to promote natural justice. If there is sensitive information that you do not want us to disclose to the financial service provider, please let us know.

We may need to disclose identifiable personal information to trusted service providers to help us with our activities, like running our IT systems, conducting surveys, or providing us with professional advice.

In some situations, we are required by law to pass on information about a financial service provider to a regulator or enforcement agency. The information provided may include information about a complaint.

We may publish a case note about your complaint if it will help others but we will change information so it does not identify you. All our reporting is done on a combined basis to prevent anybody being identified.

We have appointed a Privacy Officer to promote privacy within our organisation.

We check that our processes, systems, and practices to ensure we are meeting our obligations to you.

We ensure our staff are properly trained and have access to support in order to get it right.

We invest in our data and information technology systems and monitor our processes to ensure we securely and confidentially manage your information and promote your privacy.

We get independent assurance from time to time about our systems and practices.

Under the Privacy Act 2020, if the IFSO Scheme has a privacy breach that is likely to cause anyone serious harm, we are legally required to notify the Office of the Privacy Commissioner and any affected people as soon as we are practicably able to.

If we become aware of a privacy breach at the IFSO Scheme, we will respond as quickly as possible. We will take action to contain and assess the breach and take action to prevent and minimise any further harm. We urgently fix any mistakes we make, and we learn from them. We take feedback and complaints seriously.

If you wish to make a complaint about your financial service provider, you should only send information relevant to the dispute and keep to a minimum information concerning third parties.


You are welcome to have another person to represent or support you during your interactions with us. If that relates to the investigation of a complaint, that person will also need to complete a Complaint Declaration.

Website Analytics

Information is collected to gain a better understanding of how the information in our website is being used so that we can continually improve it. For example, we collect user internet addresses, browser type and internet service provider details and other technical information. We get reports about which pages are being used, what documents are opened, and what tools are used. This helps us understand what is important to you and helps us to improve our website.


Cookies are small pieces of text stored on a user's computer, sent by a web browser. They are used for remembering data about the computer user, such as IP addresses, dates and times of visits, pages accessed, documents opened and links clicked. You can block cookies in your browser settings.

Third parties

We use third party providers to help us engage with people and to gain insights into how we perform. We use Information Technology (IT) systems to do this, including our case management system (CMS), website management system, social media platforms, analytics tools, Microsoft Office products.

Our IT networks and database system use servers and support within New Zealand and overseas. Our CMS and website are supported by New Zealand companies with whom we have privacy agreements. Our CMS data is securely backed up in a fully-encrypted format on secure servers.

We use these third-party platforms:

SurveyMonkey – to conduct customer satisfaction and other surveys. We disclose your name and email address to SurveyMonkey to generate and conduct the survey. SurveyMonkey is based in the United States. The responses you provide to the survey are anonymous and we only receive combined, statistical information. To find out more, see the SurveyMonkey privacy policy.

MailChimp – to generate and distribute Participant newsletters and undertake email campaigns. We provide MailChimp with Participant names, email addresses. We do not use the analytics tools offered by MailChimp. To find out more, see the MailChimp privacy policy.

Google Analytics – to understand how our website is used. To find out more, see the Google Analytics privacy policy.

Facebook, LinkedIn – we use social media platforms to promote our services and interact with members of the public and financial services providers. Interactions with us on social media platforms will remain stored with those platforms and will be subject to the privacy policies of the platform provider.


We provide anonymised information in reports to IFSO Scheme Participants and government agencies or regulators.

Media Enquiries

We do not provide media with personal information relating to a complaint. This is either proactively or in response to a request for comment. We may refer media to an anonymised case study.

If you are not satisfied with an aspect of our service or our process, including how we have handled your personal information, you are able to make a service complaint about the IFSO Scheme by emailing Just tell us what the issue is and what you want to happen. If you need any help, please call us on 0800 888 202.

Service complaints are about the service we provided. They are not a review of a complaint decision or outcome.

We will respond to your service complaint as quickly as possible. If we need to make further enquiries, it may take more time. We will let you know the timeframe to expect. You may also make a complaint to the Privacy Commissioner.