COMMUNITY HOUSING FUNDING AGENCY LIMITED
PRIVACY POLICY
This Privacy Policy applies to Community Housing Funding Agency Limited, as well as other entities within its wider group, including Community Finance Limited, Community Finance Security Trustee Limited, Community Housing Investment Fund GP Limited, Community Housing Investment Fund Limited Partnership, Positive Capital Limited, Positive Property Fund Limited and Positive Property Fund Holdings Limited (together “the Group”). The Group is committed to developing and delivering financial solutions that provide positive social impact.
We take privacy seriously and are committed to ensuring that your personal information is kept safe and secure and is used responsibly, and only for the purpose for which it was obtained.
The Group is bound by the Privacy Act 2020 which governs how we use, hold and disclose personal information. This Privacy Policy does not limit your existing rights under relevant privacy and data protection laws. If you wish to seek further information on the Privacy Act 2020 please refer to www.privacy.org.nz.
1. Collection of personal information
The Group collects and holds personal information (obtained either directly or indirectly) to:
- Provide you with products and services;
- Meet our regulatory obligations (including but not limited to verifying your identity under the Anti-Money Laundering and Countering Financing of Terrorism Act 2009) (AML/CFT) and compliance with the Tax Administration Act 1994;
- Assist you with the use of our website;
- Assist with the ongoing administration, operation and marketing of our
products and services including targeted advertising; - Conduct internal research and development of our platforms and the services we provide;
- Improve the products and services we provide to you;
- Communicate with you, including responding to any complaints;
- Protect and enforce our legal rights and interests; and
- Any other purpose authorised by you or the Privacy Act 2020.
The personal information we request may include biometric information via facial recognition software. We request and disclose biometric information to our service providers for the sole purpose of compliance with AML/CFT functions as listed above.
We respect the highly sensitive nature of biometric information and are committed to ensuring that it is obtained and held in accordance with the provisions of the Privacy Act 2020.
2. Who do we disclose your personal information to?
We outsource some of our activities to third parties including local service providers. Contracts with third parties include security and privacy terms and conditions commensurate with the types of services we provide. You may choose not to disclose this information to us. You should be aware, however, that it may mean we are restricted or prevented from providing our services to you. We may disclose your personal information to another company or entity associated or related to us, any person who can require us to supply your personal information (for example, a regulatory authority), any other person authorised by the
Privacy Act 2020 or another law or any other person authorised by you.
Predominantly, we collect personal information from, or disclose it to:
| Third Party | Contact Details |
| FirstAML Limited | Website: www.firstaml.com Address: 12 MacKelvie Street, Grey Lynn, Auckland 1021 |
| Government Agencies | Contact details for all government agencies can be found on the New Zealand Government’s website https://www.govt.nz/organisations/ |
3. Storage of personal information
We, and our service providers, use a range of security measures in storing any personal information that you provide to us, whether electronically or otherwise.
4. The Group is committed to protecting your personal information
The Group will at all times work to ensure that we are taking all reasonable steps to protect your personal information. If we become aware of any security breach relating to your personal information, we will ensure that the breach is managed in accordance with Notifiable Privacy Breach provisions contained in the Privacy Act 2020. This may include notification to our customer and the Privacy Commissioner where that breach is likely to result in or potentially cause serious harm as defined in the Act. An incident would be assessed on a case-by-case basis by our Privacy Officer.
5. Requesting access to your personal information
We endeavour to ensure that the personal information we hold about our customers is accurate, complete and up to date. You have rights under the Act and the Privacy Principles to find out what personal information we hold about you, get a copy of and request correction to the personal information you have supplied.
This may be done by making a request in writing and sending it to us at PO Box 11176, Ellerslie, Auckland 1542 or by email to contact@chfa.co.nz.
Your personal information will only be kept for as long as it is needed. There may be circumstances where we are required to keep the information for a specified amount of time to meet various legal and regulatory requirements.
6. Marketing and advertisement
The Group uses cookies, pixel tags and other tracking technologies (collectively cookies) when you visit our website. A cookie is a small text file that is stored on your computer for record-keeping purposes. It does not identify you personally or contain any other information about you but it does identify your computer. Our websites use these cookies.
We also use direct marketing. Customers can opt out of receiving marketing information by using the unsubscribe provision within those communications.
7. Privacy complaints process
If you are unhappy with how we have handled your personal information, you may send a complaint to our Privacy Officer. Please provide us with the full details of your complaint along with any supporting documentation.
The Privacy Officer can be contacted as follows:
– Email: contact@chfa.co.nz
– Post: PO Box 11176 Ellerslie, Auckland 1542 New Zealand
If your concerns are not resolved to your satisfaction you can contact the Privacy Commissioner as below:
– Attention: The Privacy Commissioner
– Email: enquiries@privacy.org.nz
– Website: www.privacy.org.nz
– Telephone: 0800 803 909
8. This Privacy Policy may be updated
The Group may change this Privacy Policy at any time. Any change will apply from the date we upload an updated Privacy Policy on our website. Please refer to our website for any updates.
This Privacy Policy was last updated on 1 May 2026