Privacy Policy

This policy explains how JFK Capital Limited (trading as Fee Funders and Real Estate Funders) collects, uses, stores and shares personal information in accordance with the Privacy Act 2020.

We provide credit, payment services and related financial services. Protecting personal information is a core part of our obligations to customers, guarantors, vendors, funders and staff.

1. What information we collect

We collect only information that is reasonably necessary to provide credit, comply with the law, manage risk and enforce agreements.

This may include:

• identity information such as name, date of birth, address, and ID documents
• contact details such as phone numbers and email
• financial information including bank account details, income, liabilities and credit history
• property and asset information for security and enforcement
• transaction and payment data including direct debit activity
• communications with us
• information obtained from credit reporting agencies, PPSR, AML providers and public registers

We may collect information directly from you, or from authorised third parties such as:

• credit reporting agencies
• banks and payment providers
• real estate agencies and vendors
• government databases and public registers
• identity and AML verification services

2. Why we collect it

We use personal information to:

• assess and approve credit
• set up and manage loans
• process payments and direct debits
• comply with AML, CCCFA and regulatory obligations
• register and enforce security including PPSR, caveats and mortgages
• communicate with you
• recover unpaid amounts
• prevent fraud and financial crime
• resolve disputes and complaints

We do not sell personal information.

3. Who we share it with

We may share information where reasonably necessary with:

• payment processors such as GoCardless
• credit reporting agencies
• AML and identity verification providers
• solicitors, valuers, process servers and enforcement agents
• debt collection agencies
• courts, LINZ and PPSR
• regulators including DIA and the Privacy Commissioner
• insurers and auditors

We only share what is required for the purpose.

4. Overseas storage and processing

Some of our systems, cloud platforms and service providers store or process information outside New Zealand. We take reasonable steps to ensure that overseas providers are subject to contractual or legal protections that are comparable to the Privacy Act 2020.

5. How we keep information safe

We use physical, technical and organisational safeguards including:

• access controls and authentication
• encryption and secure servers
• restricted staff access
• monitoring and audit logs
• contractual confidentiality obligations

No system is perfectly secure, but we take reasonable steps to protect against unauthorised access, loss or misuse.

6. How long we keep information

We keep personal information only as long as required for:

• providing services
• enforcing agreements
• meeting legal and regulatory obligations

Financial and credit records are generally kept for at least seven years.

7. Privacy breaches

If a privacy breach occurs that is likely to cause serious harm, we will:

• contain and investigate the breach
• notify affected individuals where required
• notify the Privacy Commissioner

8. Your rights

You have the right to:

• request access to your personal information
• request correction
• request deletion where legally possible

Requests can be made to:

We may need to verify your identity. We respond within 20 working days.

9. Complaints

If you have concerns about how your information is handled, contact us first.

If unresolved, you may complain to the Office of the Privacy Commissioner.