Privacy Policy

In this policy, references to "My Net Worth Limited", "we", "us", and "our" refer to My Net Worth Limited (FSP number: 1012016), a financial advice provider licensed by the Financial Markets Authority (FMA).

We are committed to protecting your privacy and handling your personal information with care, in accordance with the Privacy Act 2020 (New Zealand) and our obligations under the Financial Services Legislation Amendment Act 2019, the Financial Markets Conduct Act 2013, and the Code of Professional Conduct for Financial Advice Services 2025.

This policy explains how we collect, use, store, share, and protect personal information about you, and outlines your rights in relation to that information. By engaging our services or using our website, you agree to the terms of this policy.

1. Who We Are

2. What Is Personal Information?

"Personal information" means any information about an identifiable individual, as defined in the Privacy Act 2020. This includes information from which a person could reasonably be identified, either directly or indirectly.

3. Information We Collect

To provide you with quality financial advice and meet our legal obligations, we may collect the following categories of personal information:

3.1 Identity & Contact Information

• Your full name, date of birth, and gender
• Residential and postal address
• Phone number and email address
• Identity verification documents (e.g. passport, driver's licence)

3.2 Financial Information

• Income, expenses, assets, and liabilities
• Investment holdings, KiwiSaver details, and insurance policies
• Banking and credit information
• Objectives, risk tolerance, and financial goals

3.3 Compliance & Regulatory Information

• Information required under the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (AML/CFT Act), including source of funds and wealth
• Tax identification information (IRD number, overseas tax residency status for FATCA/CRS compliance)

3.4 Communication Records

• Emails, letters, and meeting notes
• Records of advice given and instructions received
• Complaints and feedback

3.5 Website & Technical Information

• IP address and browser type
• Pages visited and referring URLs
• Cookie data and website usage analytics

We collect information primarily directly from you. Where you authorise us to, or where permitted by law, we may also collect information from publicly available sources, product providers, insurers, credit reporting agencies, your accountant, lawyer, or other professional advisers.

If you choose not to provide information we request, we may be unable to begin or continue providing services to you.

4. How We Use Your Information

We collect and use your personal information only for lawful purposes connected with the delivery of our services and meeting our obligations. These purposes include:

• Providing personalised financial advice and related services to you
• Opening, administering, and managing your account and our ongoing client relationship
• Verifying your identity in accordance with AML/CFT requirements
• Complying with our legal and regulatory obligations under the Financial Markets Conduct Act 2013, Financial Services Legislation Amendment Act 2019, AML/CFT Act, Tax Administration Act 1994, and related legislation
• Communicating with you about our services, including sending statements, reports, and important notices
• Marketing and promoting our services to you — you may opt out of marketing communications at any time by contacting us
• Maintaining accurate business, compliance, and accounting records
• Protecting and enforcing our legal rights and interests
• Improving our services and client experience

We take reasonable steps to ensure that the personal information we use is accurate, complete, and up to date.

5. Disclosure of Your Information

We will not sell, rent, or trade your personal information to third parties. We may disclose your personal information in the following circumstances:

5.1 To Service Providers and Professional Advisers

We may share your information with third parties who assist us in providing our services or who perform functions on our behalf, including:

• Investment platforms, custodians, and fund managers
• Insurance providers and underwriters
• Mortgage lenders and banks
• IT system providers, cloud storage, and CRM platform providers
• Compliance, AML/CFT, auditing, and legal advisers
• Our approved dispute resolution scheme provider

5.2 To Regulatory and Government Bodies

We may be required to disclose your information to:

• The Financial Markets Authority (FMA)
• The Financial Intelligence Unit (Police) and other agencies under AML/CFT obligations
• Inland Revenue (IRD) or overseas tax authorities for FATCA/CRS reporting
• Other government agencies where required or authorised by law

5.3 Identity Verification Agencies

As part of our AML/CFT obligations, we may verify your identity against databases held by agencies such as the Department of Internal Affairs, NZTA, and authorised identity verification providers.

5.4 With Your Consent

We may share your information with your other professional advisers (such as your accountant or solicitor), or any other party, where you have expressly authorised us to do so.

We will only disclose your personal information to overseas parties if we have taken reasonable steps to ensure that the recipient is subject to the Privacy Act 2020 or privacy laws that provide comparable safeguards (in accordance with Information Privacy Principle 12).

6. How We Store and Protect Your Information

We take reasonable steps to keep your personal information safe from loss, unauthorised access, use, modification, or disclosure. Our security measures include:

• Data encryption — encryption at rest and in transit for all digital records
• Access controls — only authorised personnel who require access to your information for their role are permitted to view it
• Secure credentials — strong, unique passwords managed via a secure password management system
• System security — regular software updates and security patching across our technology environment

6.1 Wealthie — Client Relationship Management (CRM)

We use Wealthie, a New Zealand-built AI-powered CRM platform designed specifically for New Zealand financial advisers, to manage client records, meeting notes, advice documentation, and communications. Wealthie provides secure, encrypted storage for client data and is built for compliance with New Zealand's financial advice regulatory framework.

Wealthie uses AI to assist with meeting transcription, data extraction, and document generation. This functionality supports our advisers in preparing advice documentation but does not make decisions about your financial affairs. AI-assisted outputs are always reviewed by a qualified adviser before being relied upon.

Wealthie employs enterprise-grade security measures that meet or exceed industry standards for financial services applications. More information can be found at wealthie.co.nz/security.

6.2 Other Technology Platforms

We may also use other technology platforms to support our operations, including Google Suite for business communications and document management. Google stores New Zealand customer data at rest in its New Zealand and Australian data-centre regions and is contractually bound to apply privacy safeguards comparable to the Privacy Act 2020.

Where any of our service providers store or process data outside New Zealand, we take reasonable steps to ensure those providers are subject to privacy laws that provide comparable safeguards to the Privacy Act 2020, or are bound by contractual obligations to that effect (in accordance with Information Privacy Principle 12).

7. Retention of Information

In accordance with the standard licensing conditions applicable to Financial Advice Providers under the Financial Markets Conduct Act 2013 and the Code of Professional Conduct for Financial Advice Services 2025, we retain client records for a minimum of seven (7) years after the end of our business relationship with you.

After the applicable retention period, personal information will be securely deleted or destroyed, unless a longer period is required by law. We will not retain personal information for longer than is necessary for the purposes for which it was collected.

8. Privacy Breaches

We take the security of your information seriously. In the event of a privacy breach involving your personal information that is likely to cause serious harm, we will:

• Act promptly to contain and assess the breach
• Notify the Office of the Privacy Commissioner as required under Part 6 of the Privacy Act 2020
• Where required, directly notify any affected individuals
• Where appropriate, publish a notice on our website
• Take steps to prevent recurrence

9. Cookies and Website Usage

Our website (www.mynetworth.co.nz) may use cookies and similar technologies to collect information about how you interact with our site. This information is used to improve user experience and understand how our website is being used.

Cookies may include first-party functional cookies (required for the site to work) and analytics cookies (e.g. Google Analytics) that collect anonymous traffic data. You can disable cookies through your browser settings; essential site functionality will continue to operate.

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites and encourage you to review their respective privacy policies.

10. Your Rights

Under the Privacy Act 2020, you have the right to:

• Ask whether we hold personal information about you, and to access that information
• Request correction of any personal information we hold that is inaccurate, incomplete, or misleading
• Withdraw consent for uses of your information that are not required by law or contract (noting this may affect our ability to provide services)
• Make a complaint about how we have handled your personal information

To exercise any of these rights, please contact our Privacy Officer using the details in section 12. We may ask you to verify your identity before processing a request. We will respond to access and correction requests within the timeframes required by the Privacy Act 2020.

Please note that some exceptions to access rights apply under the Privacy Act 2020, for example where providing access would disclose the personal information of another individual or prejudice an investigation.

11. Privacy Complaints

If you have concerns about how we have handled your personal information, please contact our Privacy Officer in the first instance (see section 12). We will:

• Acknowledge your complaint within three (3) working days
• Investigate and aim to resolve your complaint within ten (10) working days (or advise you of progress if more time is required)

If you are not satisfied with our response, you may lodge a complaint with the Office of the Privacy Commissioner:

12. Contact Our Privacy Officer

For any questions, requests, or complaints relating to this policy or the handling of your personal information, please contact:

13. Updates to This Policy

We review and update this Privacy Policy periodically to ensure it remains current and reflects our practices and any changes in legislation. The current version will always be available on our website.

If we make material changes, we will notify you directly where practicable. Your continued engagement with our services following an update constitutes acceptance of the revised policy.