The IFSO Scheme Privacy Policy

This Privacy Policy sets out how the Insurance & Financial Services Ombudsman Scheme ("the IFSO Scheme”) manages, collects, uses, and shares personal information.

Personal information is information that identifies a person (that is you).

Types of personal information the IFSO Scheme may collect include:

  • your name, address, email address, and telephone numbers, for example, if you complete an online complaint form, call or email us;
  • details of your complaint and interactions with your financial service provider and financial adviser;
  • information about your interactions with us, such as when you visit our website or when you call us, email, post or meet with us in person;
  • your feedback provided to us in surveys, comments, and your complaint.

We collect, hold and use personal information about you to provide dispute resolution services.

Before we formally investigate a complaint, you will be asked to complete a separate Complaint Declaration that explains the information we will collect during the investigation, who we may collect it from and what we will use it for. It also sets out your obligations of confidentiality (what you must keep private).

Where possible we collect information directly from you or your representative. We collect information in letters, emails, forms, taking notes of conversations, in surveys, by using cookies and web tracking software, and from our social media platforms.

If you complete our online forms such as the Make a Complaint form or the online application to become a member, we keep a record of the information you provide.

We may also collect information from:

  • parties (other people/organisations/businesses that have a connection) to a complaint;
  • experts that have information relevant to a complaint;
  • people using our website;
  • people using our other services, such as our training resources; and
  • responses to our communications.

The main use of information we collect is for complaint management and investigation, membership, promotion of the IFSO Scheme, and reporting.

We may also use your personal information to:

  • produce information such as case studies or in training material after removing obvious information that identifies you, such as your name, or occupation; and
  • ask for your feedback to evaluate our services
  • contact you about services we provide;
  • send you information that may be relevant to you.

If you have made a complaint about your financial service provider, we will need to disclose (give) personal information in order to investigate and resolve it. Giving us all the information about your complaint is important for us to make the right decision. . If there is sensitive information that you do not want us to disclose to the financial service provider, please let us know.

We may need to supply personal information that could identify you to trusted service providers to help us with our activities, like running our IT systems, conducting surveys, or providing us with professional advice.

In some situations, we are required by law to pass on information about a financial service provider to a regulator or enforcement agency. The information provided may include information about a complaint.

We may publish a case study about your complaint if it will help others but we will change information, so it does not identify you.

Our reporting is supplied as numbers (e.g., as a percentage or total) to prevent anybody being identified.

We check that our processes, systems, and practices meet our responsibilities to you.

We invest in our data and information technology systems and monitor our processes to make sure we securely and confidentially manage your information and promote your privacy.

We ensure our staff are properly trained and have access to support in order to get it right. We have appointed a Privacy Officer to promote privacy within our organisation.

We get independent assurance from time to time about our systems and practices.

Under the Privacy Act 2020, if the IFSO Scheme has a privacy breach that is likely to cause anyone serious harm, we are legally required to notify the Office of the Privacy Commissioner and any affected people as soon as we are practicably able to.

If we become aware of a privacy breach at the IFSO Scheme, we will respond as quickly as possible. We will take action to limit and assess the breach and take action to prevent and minimise any further harm. We urgently fix any mistakes we make, and we learn from them. We take feedback and complaints seriously.

If you wish to make a complaint about your financial service provider, you should only send information connected to the dispute and keep to a minimum information about third parties (people/businesses/organisations that are not central to your complaint).


You are welcome to have another person represent or support you during the investigation of a complaint. That person will also need to complete a Complaint Declaration.

Website analytics

We gather information from our website to gain a better understanding of our website how it is being used in order to improve it. We collect user internet addresses, browser type and internet service provider details and other technical information. We generate statistics about page use, e.g., what pages are accessed, what documents are opened, and what tools are used. This assists us to understand what is important to users and help us to improve our website.

We keep the aggregated (statistical) reports but do not receive or keep identifying information (e.g., IP addresses).


Cookies and other session tools may be used for security and performance to improve user experience when accessing our website. A cookie is a small piece of text stored on a user's computer by a web browser. It is sent by a web server to a web browser and then sent back unchanged by the browser each time it accesses that server and is used for remembering data about the computer user (such as IP address; dates and times of visits, pages accessed, documents opened, and links clicked). You can prevent cookies being used by updating your browser settings.

Third parties we use

We use third party providers to manage our work, enable us to interact with people efficiently, and to gain insights into how we perform. We use Information Technology (IT) systems to do this, including our case management system (CMS), website management system, social media platforms, analytics tools and Microsoft Office products.

We use the following third-party platforms for the following purposes:

SurveyMonkey – we use SurveyMonkey to conduct customer satisfaction and other surveys of people who use our services. To find out more, see the SurveyMonkey privacy policy.

Google Analytics – we use Google Analytics services to understand how our website is used. To find out more, see the Google Analytics privacy policy.

Facebook, LinkedIn – we use social media platforms to promote our services and to interact with members of the public and financial services providers. Interactions with us on social media platforms will remain stored with those platforms and will be subject to the privacy policies of the platform provider.


We provide information with names and contact details removed in reports to scheme participants and other relevant bodies, such as government agencies or regulators.

Media enquiries

We provide media with information relating to a complaint that does not identify details such as personal names or contact details.

You have the right to access the personal information we hold about you and to correct it where it is wrong.

We will take reasonable steps to make sure that the personal information collected, used or disclosed is accurate, complete and up to date.

We will make the necessary changes to personal information details held where you or your provider notifies us of errors or changes required. We will make the changes as soon as possible.

If a change is not made, we will ensure you have the opportunity to provide us with what you believe the correction should be and we will attach it to the information you believe needs to be corrected.

It assists us if you make information requests in writing, but we will also receive requests over the phone.

We will provide you with the information you ask for as soon as possible, and no later than 20 working days. Some information may be withheld or removed if one or more of the exceptions in the Privacy Act applies - for example, where it is confidential information.

If you have any questions about this Privacy Statement or requests relating to your personal information, please contact us

If you wish to complain about how we have handled your personal information, please complain in writing. If you need help putting in a complaint, you can contact us. If we receive a complaint from you about how we have handled your personal information, we will determine what (if any) action we should take to resolve the complaint.

If we decide that a complaint should be investigated further, the complaint will be handled by a senior member of staff who was not involved in the original investigation.

We will tell you promptly that we have received your complaint and then respond to the complaint within a reasonable timeframe.

You may also make a complaint to the Privacy Commissioner.

How to contact us

Our office hours are 8:30am to 5:00pm Monday to Friday (New Zealand time). We are closed on public holidays and over the Christmas and new year break.

Phone: 0800 888 202 | email: website: