Introduction
Aotearoa Infinite Academy Limited and our related entities (“AIA”, “we”, “us”, or “our”) are committed to protecting your privacy.This Privacy Policy explains how we collect, use, share, and protect your personal information (“Personal Information”) across all websites, applications, platforms, and services that we own or operate, and all related programmes or offerings we provide (“Services”). Unless specified otherwise, AIA is responsible for how your Personal Information is managed in accordance with the Privacy Act 2020. This Privacy Policy also explains your privacy rights.
Third Party Links and Platforms
Our Services may contain links to websites, applications, platforms and services maintained by third parties. The privacy practices of these third parties, including social media platforms that host our branded content, are governed by their respective privacy policies.We are not responsible for the privacy or security practices of any non-AIA service. We encourage you to review those third-party policies to understand how your information may be collected, used or shared.
Directly or Automatically
We may collect Personal Information directly from you, from your parent or guardian (where applicable), or automatically when you interact with our Services. “Personal Information” means any information about an identifiable individual as defined in the Privacy Act 2020. This may include your name, contact details, date of birth, educational and enrolment records, assessment results, attendance information, internet activity, visual data, identifiers, and any other information you choose to provide to us in connection with your education or participation in our Services.
We collect Personal Information in the following situations:
Indirectly
We may also collect Personal Information indirectly from third-party sources such as education-technology partners, service providers, educational research organisations, publicly available sources, or information provided to us by authorised government agencies (for example, the Ministry of Education)/We may generate or combine information based on the Personal Information you provide with information lawfully obtained from such third-party or public sources, in accordance with the Privacy Act 2020 and other applicable laws. We use this information to maintain the accuracy of our records, enhance the quality and security of our Services, and protect the rights, property, and safety of AIA, our students, staff, and the public.
We may also create limited analytical insights — for example, identifying trends in enrolment or engagement — to help us improve our educational delivery and meet reporting or research obligations. All such analysis is conducted under human oversight and is not used to make automated decisions about individual students or staff.
If you provide us with information about another individual (for example, a student, parent, or emergency contact), you confirm that you are authorised to do so and that the person is aware that their information may be used in accordance with this Privacy Policy.
If you believe your Personal Information has been provided to us improperly, or wish to exercise your rights under the Privacy Act 2020, please contact us using the details in Section 10 below.
We use Personal Information only for the purposes for which it was collected, or for related purposes that you would reasonably expect in the operation of a New Zealand school or educational organisation. These purposes include:
(A) Education delivery and administration:
Providing education and related Services to students and parents;
Managing enrolments, attendance, academic progress, and pastoral care;
Communicating with students, parents, guardians, staff, and contractors;
Verifying identity and managing access to online platforms.
(B) Legal and regulatory obligations:
Meeting our obligations under the Education and Training Act 2020, the Privacy Act 2020, and our other legal obligations
Providing required data and reports to the Ministry of Education, Education Review Office (ERO), Charter School Agency, and other authorised public agencies;
Responding to lawful requests from government or law enforcement agencies.
(C) Safety and well-being:
Ensuring the safety, welfare, and protection of students, staff, and visitors;
Supporting our child safeguarding and pastoral care policies;
Maintaining online safety and security.
(D) Research, improvement, and analytics:
Participating in authorised educational research or national assessments;
Analysing enrolment, engagement, and outcomes data to improve our programmes;
Generating insights (under human oversight) to enhance learning experiences and operational performance.
(E) Marketing and community engagement:
Sending newsletters, event information, or promotional materials where you have opted in;
Using photographs, testimonials, or achievements for publicity with appropriate consent.
(F) Financial and contractual administration:
Processing payments, donations, or reimbursements;
Managing supplier and contractor relationships.
If we need to collect certain Personal Information by law or to perform our functions and you choose not to provide it, we may be unable to enrol you, deliver Services, or meet our statutory obligations. We will not use Personal Information for any purpose that is materially different from those listed above without first taking reasonable steps to obtain consent or otherwise ensure the use is permitted by law.
AIA uses cookies when you interact with our website or Services. Cookies are small text files stored by your web browser when you visit websites. In addition to cookies, we may also use other similar technologies such as HTML5 Local Storage, local shared objects, web beacons, and embedded scripts. These technologies help us remember your preferences when you return to our sites, analyse how you use the website, conduct market research, and gather information about the ads you see and interact with.
You can control how AIA uses cookies and similar technologies by adjusting your browser or by using our cookie management tool available in the footer of this page. By allowing cookies, we can improve your experience by:
tailoring our website and content based on your preferences;
keeping track of your settings and preferences for future visits;
better understanding your likely interests to provide you with more relevant AIA ads and content on non-AIA websites and apps;
and helping us enhance the performance of our website for you.
If you choose to disable cookies and similar technologies, our websites may not function properly, and your user experience may be different from what you expect. We won’t be able to remember your preferences across sessions, so your experience may not be tailored to your interests. You will still have access to the content on our website, but certain features that rely on cookies may not function. Additionally, you will still see ads, but they might not be relevant to your interests.
There are also strictly necessary cookies. These cookies are essential for our website to function and cannot be disabled through our systems. They are usually only set in response to actions you take which amount to a request for services, such as setting your privacy preferences, logging in, or filling out forms. While you can set your browser to block or alert you about these cookies, doing so may prevent parts of our website from working. These cookies do not store any Personal Information.
We may share Personal Information only as permitted by the Privacy Act 2020, other applicable laws, or as necessary to deliver our educational Services. These disclosures are made with appropriate confidentiality and security safeguards.
(A) Parents, guardians, and authorised representatives:
For enrolled students, we may share relevant information with their parents, guardians, or caregivers, consistent with our educational and safeguarding duties.
(B) Service providers and contractors:
External providers who assist us with IT systems, student-management platforms, data storage, payment processing, analytics, communications, or event organisation. Some of these providers may use artificial intelligence tools to process or analyse data.
We ensure any such processing occurs under contractual safeguards and human oversight, consistent with NZ privacy principles.
(C) Government agencies and authorised research bodies:
The Ministry of Education, Education Review Office (ERO), New Zealand Council for Educational Research (NZCER), Charter School Agency, and other public agencies to meet our statutory and contractual reporting obligations.
Approved research organisations conducting national or international education studies.
(D) Affiliates and related entities:
Entities within the AIA or Crimson Academies group that support the delivery of educational or administrative functions.
(E) Professional advisers:
Lawyers, auditors, accountants, insurers, and consultants engaged to provide professional services to AIA.
(F) Third parties involved in organisational change:
If AIA undergoes a merger, reorganisation, or transfer of operations, Personal Information may be disclosed to prospective or actual transferees under confidentiality arrangements.
(G) Public authorities and law-enforcement agencies, where required or permitted by law, such as responding to official requests, safeguarding individuals, or preventing unlawful activity.
We may also share aggregated or de-identified information to illustrate trends in the use of our Services. Such information does not identify any individual.
We do not sell Personal Information to third parties.
Your rights
Under the Privacy Act 2020, you have rights relating to the Personal Information we hold about you. These include:Access: You may request confirmation of whether we hold Personal Information about you and, if so, request access to it.
Correction:
You may request correction of any Personal Information that you believe is inaccurate, incomplete, or outdated.
Deletion or limitation:
You may ask us to delete Personal Information where it is no longer required for the purposes for which it was collected or where we are not legally required to retain it.
Information:
You may ask for an explanation of how we have used or disclosed your Personal Information.
Marketing preferences:
You may opt out of receiving marketing or promotional communications from us at any time by using the unsubscribe link in our emails or by contacting us directly.
These rights apply only to Personal Information that we actually hold and may be limited where fulfilling a request would unreasonably affect another person’s privacy, involve disproportionate effort, or conflict with our legal obligations.
To exercise your rights, please contact us using the details in Section 10 below. When responding to a request, we may need to use limited Personal Information (such as verifying your identity) in order to process it. We will acknowledge your request and aim to respond within a reasonable timeframe, unless a specific deadline applies under the Privacy Act 2020. In some cases, our response may take longer, depending on the complexity or number of requests we receive. If we are unable to fulfil your request, we will explain the reason for our decision and advise you of your options.
AIA may send you direct marketing communications using the Personal Information you provide to us. You can opt-out of receiving marketing communications at any time by clicking the unsubscribe link at the bottom of our emails, or by emailing us at admin@aotearoainfiniteacademy.school.
Requests relating to students’ Personal Information should generally be made by their parent or guardian, unless the student is legally able to act on their own behalf.
You may also make a complaint to the Office of the Privacy Commissioner if you believe we have not handled your Personal Information appropriately.
AIA takes appropriate technical, organisational and physical measures to help safeguard Personal Information against accidental, unlawful, or unauthorised alteration, destruction, loss or disclosure.
These measures include encryption, password protection, two-factor authentication, restricted system access, staff training on privacy and data-handling practices, and contractual confidentiality obligations for all employees and contractors.
Where our service providers use artificial-intelligence tools to process or analyse data, we ensure that such use is governed by contractual safeguards, data-security standards, and human oversight consistent with New Zealand privacy principles.
We also maintain incident-response and data-breach procedures to detect, report, and manage any suspected privacy or cybersecurity incident in accordance with the Privacy Act 2020 and guidance from the Office of the Privacy Commissioner.
While we follow generally accepted standards to protect Personal Information, no method of storage or transmission is completely secure. You remain responsible for limiting access to your own devices, protecting your passwords, and signing out of websites or applications after each session.
We keep Personal Information only for as long as it is needed to fulfil the purposes described in this Privacy Policy or to meet our legal, contractual, and reporting obligations.
This includes obligations under the Education and Training Act 2020, the Public Records Act 2005, and to the Ministry of Education and Charter School Agency. Examples include retaining enrolment, attendance, and assessment information for required minimum periods.
When Personal Information is no longer required, we securely delete or de-identify it in accordance with recognised data-disposal standards. Where complete deletion is not technically possible, we implement appropriate measures to prevent any further access or use.
We may retain limited records such as correspondence or transaction information where needed to comply with tax, audit, or dispute-resolution requirements.
We may update this Privacy Policy from time to time to reflect changes in our practices, new technologies, legal or regulatory requirements, or updates to our educational operations. When we make significant changes, we will update the “last updated” date at the top of this page and publish the revised version on our website.
Where a change materially affects how we handle Personal Information, we will take reasonable steps to notify you in advance — for example, by posting a notice on our website or contacting you directly. Updates will be made to ensure continued compliance with the Privacy Act 2020, the Education and Training Act 2020, and other applicable laws.
AIA has appointed a Data Protection Officer to oversee our privacy compliance and data-handling practices. This role also manages requests for access or correction and liaises with the Office of the Privacy Commissioner (New Zealand).
To exercise your rights or raise a question or concern about how we handle your Personal Information, please contact us at:
Email: privacy@crimsonacademies.school
Post: Data Protection Officer
c/- Director, Legal & Compliance
Aotearoa Infinite Academy
18 Viaduct Harbour Avenue
Auckland 1010 New Zealand
We will acknowledge your correspondence and aim to respond within a reasonable timeframe.If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner (www.privacy.org.nz) to make a complaint or seek independent guidance.
AIA is committed to resolving privacy concerns promptly, fairly, and in good faith, in line with its obligations under New Zealand law.