Auckland
Wellington
Support
Need help now?
SLS
Privacy Policy

Last updated 16 March 2026

Streamlined Litigation Support Limited is committed to protecting the confidentiality and privacy of information entrusted to us.

This privacy statement explains how we handle the information that we collect, including personal information, and how we comply with the requirements of applicable privacy laws, including the New Zealand Privacy Act 2020 (Privacy Act). We may process personal information for any of the purposes described in this privacy statement or as otherwise stated at the point of collection.

In this privacy statement, ‘SLS’, ‘we’, ‘us’, and ‘our’ refer to Streamlined Litigation Support Limited carrying on business in New Zealand. References to ‘you’ and ‘your’ are used to refer to the individual who is the subject of the personal information.

SLS may modify this privacy statement at any time by publishing an updated version on this webpage.

1. Collection and processing of personal information

1.1. Personal information we collect

Personal information (or personal data) is any information about an identifiable individual. Processing is how we sometimes refer to the collecting, handling, use, protecting or storing of personal information.

We process personal information from actual and prospective clients, suppliers, employees, job applicants, contractors and other individuals. We process this information for our necessary business purposes.

The type of personal information we process includes, but is not limited to:

  • Contact details (e.g. names, addresses, telephone numbers, email addresses and job titles).
  • Professional details (e.g. job and career history, educational background and professional memberships, published articles, social media details).
  • Family and beneficiary details for emergency contact purposes, insurance and planning services (e.g. names and dates of birth).
  • Financial information (e.g. tax, payroll, investment interests, superannuation, assets, bank details, insolvency records).
  • Identification documents (e.g. passport, driver’s licence, IRD number or other government-issued identification number) and additional information required to verify your identity (e.g. where you ask us to provide a service that is a designated activity under applicable anti-money laundering laws and regulations).
  • General user information and location-based data, such as internet protocol addresses, browser type and internet service provider details and other technical information when you visit our website.
  • In relation to employees and prospective employees, health information reasonably required for employment, health and safety, insurance, leave management, workplace support, and rehabilitation purposes.

We generally do not intend to process, and we ask you not to provide, any special categories of personal information. Special categories of personal information include information about an individual’s race or

ethnic origin, political opinions or affiliations, religious or philosophical beliefs, trade union membership, genetic data, biometric data that uniquely identifies someone, sexual orientation and criminal records.

If you choose to provide sensitive personal information to us, where permitted by law, we may process that information for the purposes for which it was provided and as otherwise described in this privacy statement.

Due to the nature of our business, it is generally impracticable for us to deal with individuals on an anonymous basis or through the use of a pseudonym, although sometimes this is possible (e.g. when seeking client or staff feedback generally).

1.2. Lawful reasons for processing personal information

We may rely on the following lawful reasons when we process personal information to operate our business and provide our products and services:

  • Contract – To perform our contractual obligations to the relevant individuals.
  • Legitimate interests – We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced.
    These may include:

    • Delivering services to you and our other clients – To deliver the professional services our clients have engaged us to provide, including providing access to relevant software and providing information on new products and services.
    • ­ Maintaining the security of our and our client’s data, our IT systems and physical security – To prevent fraud, criminal or other unlawful activity, protect our and our client’s data, our IT systems and premises, including providing software logins.
    • ­ Corporate responsibility – To comply with our corporate and corporate social responsibility commitments, such as inclusion and diversity and managing our supply chain.

  • Legal obligations – To meet our legal and regulatory obligations or mandates, as reasonably necessary, such as assisting a law enforcement agency or an agency responsible for national security in the performance of their functions, or to enforce or protect our legal rights, or those of our clients and others.
  • Public interest – Where permitted by law, to perform a specific task in the public interest.
  • Vital interests – To protect the vital interests of an individual, such as to prevent or lessen a serious threat to the life or health of a person.
  • Legal claims – Where it is necessary for us to establish, exercise or defend a legal claim.
  • Employment and social protection law – To carry out our obligations and exercise our or your rights in the field of employment and social protection law.
  • Consent – Where no other processing condition is available or where specifically required by applicable law, if you have agreed to us processing your personal information for the relevant purpose.

1.3. Why we need personal information

We aspire to be transparent when we process personal information and tell you why we need it, which typically includes the following primary purposes:

  • Providing professional services to you and understanding how you use our professional services to ensure that our software, systems and materials remain relevant. Our services may include reviewing client files for quality assurance purposes, which may involve processing personal information for the relevant client.
  • Facilitating access to and the operation of our hosted software applications, including collecting personal information for software logins.
  • Promoting our professional services, products and capabilities to existing and prospective clients.
  • Sending invitations and providing access to guests attending our events and webinars or our sponsored events.
  • Personalising online landing pages and communications we think would be of interest, based on interactions with us.
  • Security, quality and risk management activities – We have security measures in place to protect our information and information systems and our client’s information (including personal information), which involves detecting, investigating and resolving security threats.
    This may include:

    • Automated scans to identify harmful emails.
    • Monitoring the services provided to clients for risk and quality purposes, which may involve processing personal information stored on the relevant client file.
    • Carrying out conflict and risk searches to ensure there are no issues that would prevent us from working with a particular client (such as sanctions, criminal convictions, conduct or other reputational issues).
    • Authenticating registered users to certain areas of our sites.

  • General management and reporting activities, such as invoicing and account management.
  • In relation to the employment of our personnel, providing internal services to our staff, seeking qualified candidates, and assessing the suitability of candidates.
  • Providing technical and other service support, administrative messages, reminders, technical notes, updates and information to you and your authorised third parties.
  • Processing online requests, including responding to communications from individuals or requests for proposals and quotations.
  • Complying with any requirements of law, regulation or a professional body of which we are a member.
  • Compiling health and safety data (directly or indirectly) following an incident or accident. Indirect data can take many forms, including an incident report, first aider report, witness statements and CCTV footage.
  • For other purposes related to our business.

Your personal information will not be used for other purposes unless we obtain your consent to the secondary use, or the secondary use is required or permitted by law.

If you choose not to provide us with personal information which we have requested from you, we may be unable to fulfil any of the above purposes, including providing professional services to you, responding to your requests, paying your invoices or processing your application for employment.

1.4. How we collect personal information

  • Directly – We obtain personal information directly from individuals in a variety of ways, including from individuals who provide us with their business cards, complete our paper and online forms, communicate with us via telephone or email, register for webinars, attend meetings or events we host, visit our offices or for recruitment purposes. We may also obtain personal information directly when, for example, we are establishing a business relationship, performing professional services through a contract, through our hosted software applications or through AI Tools provided as part of our services.
  • Indirectly – In some instances, we may obtain your personal information indirectly from a variety of sources, including publicly available sources, our clients, recruitment, or third parties:

    • Public sources – Personal information may be obtained from public registers, government agency publications, news articles, sanctions lists, internet searches and social media sites.
    • Our clients – Our clients may engage us to perform professional services which involves sharing personal information they control as part of that engagement. Our services may also include processing personal information under our clients’ control on our hosted software applications, which may be governed by different privacy terms, policies and notices.
    • Service providers and other third parties – We may obtain personal information from our service providers, such as recruitment and credit reference agencies and other third parties, such as previous employees, previous employers, law enforcement agencies, banks, other financial institutions and screening providers who assist us with our legal obligations to conduct anti-money laundering, sanctions screening and regulatory checks.

  • Personal information about others – Where you provide personal information to us about other people (such as your customers, directors, officers, shareholders, beneficial owners or employees), you must ensure that you have a lawful basis to make such disclosure, provide all required notifications to and obtain required consents from those people in connection with our processing of that personal information.

1.5. Cookies

Our website may use cookies. Where cookies are used, a statement will be sent to your browser explaining the use of cookies. To learn more, please refer to our Cookies Notice.

1.6. Children

SLS understands the importance of protecting the privacy of children, especially in an online environment.

Our website is not intentionally designed for or directed at children under the age of 16. It is our policy never to knowingly process information about anyone under the age of 16, except as part of an engagement to provide professional services.

1.7. AI Tools

SLS may use AI Tools for document handling, workflow support, analytics, or service delivery, subject to confidentiality, client instructions, and applicable law. Where we use AI Tools to process your personal information, we will comply with all applicable laws, professional standards and this privacy statement.

2. Sharing and transfer of personal information

2.1. Sharing with third parties

The information you provide to us may be shared with third parties to the extent necessary to carry out our professional and business needs, to complete your requests, where we are required to disclose that information by law or for safety reasons, with your consent or as otherwise stated in this privacy statement.

Examples of this might include:

  • Sharing with our service providers – We work with reputable service partners and agencies to meet our business needs, as well as to assist in our delivery of services to you. We may share your personal information with these providers where, and to the extent that, it is required in the provision of the services you have asked that we provide (such as hosting services), or to use their applications, AI Tools and APIs. Some applications may enable or require you to interact with us through APIs in a way that requires you to log in or otherwise provide personal information. SLS will only share personal information with providers who have met our standards on the processing of data and security.
  • Sharing with professional advisers – We may share your personal information with our professional advisers, including lawyers and insurers.
  • Sharing for internal and compliance purposes – The disclosure of your personal information might be necessary for crime prevention, anti-money laundering compliance, sanctions screening, data privacy or security audits, other audits required by local legislation, client conflicts and independence checks, or where we are required to investigate or respond to a complaint or a security threat.
  • Sharing as required under applicable laws, regulations or professional standards – There may be occasions where courts, tribunals, regulatory or professional standards bodies or other third parties require SLS to share information with them, or it may be prudent for SLS to comply with such requests, in accordance with applicable law, regulations, professional standards or national and international sanctions.
  • Sharing in the event of sale or transfer – In the event SLS or the business of the website is sold, transferred, merged or assigned, disclosure might be necessary for that sale, transfer, merger or assignment, or as a result of the sale, transfer, merger or assignment.
  • Sharing with payment, marketing and recruitment service providers – We may share your personal information with payment, marketing and recruitment service providers.

We may also share non-personal, de-identified and aggregated information for research or promotional purposes. At no time will SLS sell your personal information to any third parties or transfer your personal information to any third parties for their direct marketing use.

3. Security and retention of personal information

SLS has security policies and procedures in place to protect our information and client information (including personal information) from loss, unauthorised access, use, modification, disclosure or misuse. Despite our best efforts, security cannot be guaranteed against all threats. To the best of our ability, access to your personal information is limited to those who need to know. Those individuals who have access to the data are required to maintain the confidentiality of the information. We may apply pseudonymisation, de-identification and anonymisation techniques in efforts to further protect your personal information.

We retain personal information to provide our services, stay in contact with you and to comply with applicable laws, regulations and professional obligations that we are subject to. We retain personal information for as long as is necessary for the processing purposes for which the information was collected, and any other permissible, related purpose. The criteria we use to determine the retention periods also include:

  • whether there are contractual or legal obligations that exist that require us to retain the personal information for a period of time;
  • whether you have interacted with us recently; and
  • whether any applicable law, statute, regulation or professional standard allows for a specific retention period.

Unless a different time frame applies as a result of business need or specific legal, regulatory or contractual requirements, where we retain personal information in accordance with these purposes, we retain such personal information for up to ten years or where the personal information relates to a staff member, we retain such personal information for a term equal to the length of the relevant staff member’s employment plus ten years.

Where we are unable to destroy or delete information (e.g., login information shared with software providers), we will disable the user data when the staff member leaves SLS, when we stocktake a client’s users or on your instructions, and request the relevant software provider to cease processing your personal information.

4. General Data Protection Regulation

The European Union General Data Protection Regulation (EU GDPR) and, where applicable, the United Kingdom General Data Protection Regulation (UK GDPR) may apply to your personal information, depending on where you are located and the nature of our processing activities. In this privacy statement, we generally use the term ‘personal information’. Under the EU GDPR and UK GDPR, the equivalent term is ‘personal data’.

Where the EU GDPR or UK GDPR applies, you may have additional rights in respect of your personal data, subject to applicable law. These include rights in certain circumstances to:

  • Access – Access your personal data.
  • Correction – Have inaccurate personal data rectified.
  • Erasure – Erase your personal data (right to be forgotten).
  • Processing restrictions – Restrict our use of your personal data (including preventing processing for the purpose of direct marketing).
  • Data portability – Request that your personal data be transmitted (in a structured, commonly used, and machine-readable format) directly to another company if it is technically feasible.
  • Automated individual decision-making – Request review of any decisions made about you which we made solely based on automated processing, including profiling.
  • Withdrawal of consent – Withdraw your consent that you have previously given to one or more specified purposes to process your personal data (without affecting the lawfulness of any processing carried out before you withdraw your consent).
  • Complaints – Lodge a complaint with your local data protection authority.

If you have any questions or you would like to discuss or exercise such rights, please email info@sls.net.nz.

5. Links to other sites

SLS’s website may contain links to other sites. These sites will be governed by a privacy statement that relates to that entity’s jurisdiction. We encourage users to review the privacy statement of each website before disclosing any personal information.

6. Your privacy rights

Where we process personal information about you:

  • you have the right to access that information where it can be readily retrieved, except in the limited circumstances in which it is permitted for us to withhold this information; and
  • if that information is incorrect, you may ask that we correct it.

You can make requests to access personal information by emailing info@sls.net.nz. In most instances, we will require you to provide some form of identification (such as a driver’s licence or passport) so we can verify that you are the person to whom the information relates. Please visit the Office of the Privacy Commissioner’s website for further information about your rights.

7. Our controller and processor status

Where we process personal information solely on behalf of another organisation, or to provide services to you, we do as an “agent” under the Privacy Act and to the extent applicable, a data processor under the GDPR. Where we process personal information for our own purposes, for purposes related to our business, or where professional standards regulations apply, we will be an agency governed by the Privacy Act and to the extent applicable, a data controller under the GDPR. You must bring this privacy statement to the attention of any relevant individuals.

8. How to contact us

If you have a query about this privacy statement or the privacy of your information, or if you would like to enforce your privacy rights, please contact SLS as follows:

Privacy Liaison
Streamlined Litigation Support Limited
 Level 1 22 Fanshawe Street Auckland 1010
Email: info@sls.net.nz
Or contact us via our website: sls.net.nz/contact

Changes to this privacy statement

SLS may modify this privacy statement at any time by publishing an updated version on this webpage. So you know when we make changes to this privacy statement, we will amend the revision date at the top of this statement. The newly amended privacy statement will apply from that revision date and will apply to personal information previously received from you. We encourage you to review this privacy statement periodically to stay informed about how we are protecting your information.

Any amended privacy statement will apply between you and us whether or not we have given you specific notice of any change.