Sign up
Log in
Sign up

Data and Privacy Policy

Last updated: 25/10/2023

’DEKRA Training Academy’ when used in this privacy policy and the Terms of Use means DEKRA Southern Africa Oceania LTD, DEKRA Training Academy Learning Management System (LMS),  our website www.dekratraining.co.nz and the payment platform Stripe.

For you to access the LMS and use the Service we, DEKRA Southern Africa Oceania LTD  (‘we’, ‘us’, ‘our’) need to collect some information from you.

We think it is important for you to know when we will collect information from you, what we will collect and why we collect it, how we will store it, and how we will use that information. Most importantly, we want you to know that we will protect your information, and we will only collect, use and store it in accordance with the Privacy Act 2020.

This Privacy Policy applies to the DEKRA Training Academy and it forms part of our Terms of Use.Your use of DEKRA Training Academy LMS means that you accept and agree to this Privacy Policy and any revisions or updates.

1. How we collect information and what we collect

1.1 Personal information will be collected from a variety of channels for legitimate DEKRA Training Academy purposes.

1.2 In order to access and use the LMS to complete learning  the following information is required for each user account:

What Why
First Name
Last Name
Email Address
Username created by us		 Minimum information needed to create a User account in our LMS.
Organisation Name
Organisation MS Number
Role in the Organisation		 So we can identify and link a User to to a Workplace. Required to separate Users and assign managers.
ID Your Stripe Customer Number for our reference.
If a Vehicle Inspector Used to notify Users of VIRM updates.

1.3 There are additional profile fields that could contain specific information relating to a User which are not mandatory for User account creation. These are populated directly by the User. This information is also protected under the Privacy Act 2020.

1.4 We process payments using Stripe and online technologies where the following information is held:

What Why
Customer Name
Business Name
Contact Phone Number
Workplace Address		 Used to identify our customers
Subscription History
Invoice History		 Used to allocate and manage User subscriptions
Payment Method The type of card used to pay for the subscription, the last number group and expiry date only.

1.5 All transactions processed by us meet industry security standards to ensure payment details are protected.  For more information see Stripe Privacy Center

1.6 In addition, the DEKRA Training Academy LMS generates and holds the following User data:

  • Training module access and results 
  • Training record 
  • Badges obtained 
  • Access information 

1.7 Our website www.dekratraining.co.nz colects data relating to:

  • The number of views
  • Time and date of views
  • The country the content was viewed from

2. Cookies and tracking

2.1 The DEKRA Training Academy uses Totara LMS. Two cookies are used by this LMS. The essential one is the session cookie, usually called  TotaraSession. You must allow this cookie into your browser to provide continuity and maintain your login from page to page. When you log out or close the browser this cookie is destroyed (in your browser and on the server). 

2.2 The other cookie is purely for convenience, usually called something like  TOTARAID. It just remembers your username within the browser. This means when you return to this site the username field on the login page will be already filled out for you. It is safe to refuse this cookie – you will just have to retype your username every time you log in.

3. Sharing of your information

3.1 We may not share your information to third parties without your specific consent.

3.2 We will need to give our respective employees, contractors, agents and advisers (including our hosting providers) limited access to the information you provide us or is

4. How we store and proctect your information

4.1 DEKRA Training Academy commits to maintain all reasonable safeguards against the loss, misuse, or inappropriate disclosure of personal information, and maintaining processes to prevent unauthorised use or access to that information.  

4.2 DEKRA Training Academy will keep personal information held electronically secure by endeavoring to ensure that:  

  • Infrastructure and systems are protected from external attacks. 
  • Internal access is appropriate and role specific. 
  • Internal access is reviewed to ensure access remains appropriate. 
  • Access is audited. 
  • Data is backed up. 
  • Cloud computing solutions are accessed, adopted and managed in accordance with legislative obligations, the privacy principles and DEKRA Training Academy’s business needs. 

4.3 DEKRA Training Academy uses Totara LMS provided by Synapsys NZ and hosted by Sitehost

4.4 Sitehost data centres are co-located in Auckland, New Zealand and Sydney, Australia. The both comply with all the leading security compliance schemes, including PCI DSS, CSA Security Trust Assurance and Risk (STAR), GDPR, SOC 2 (Service and Organization Controls), NZISM (New Zealand Information Security Manual), AS/NZS ISO/IEC 27002, and ANSI/TIA-942.

4.5 All Synapsys client servers are backed up daily (overnight) and back-ups for New Zealand clients are held in both Auckland and Sydney. Backups are retained for 14-days and can be easily restored if required. Target time for server restore from backup is 120 minutes, with a data-point recovery maximum of 24 hours.

5. Obtaining or Correcting User Information

5.1 DEKRA Training Academy commits to providing Users with access to the information held in the LMS where appropriate and respects the Users right to seek amendment of factually incorrect information.   

5.2 Users may seek the correction of information held in the LMS. This may be in the form of correction of factual and verifiable information, or attaching a statement provided by the User of the correction requested to hello@dekratraining.co.nz.  

5.3 Users may export and view their own User Data directly from their profile area in the LMS. 

6. Managing Change 

6.1 DEKRA Training Academy endeavors to manage and mitigate any privacy risks associated with significant changes to processes or systems. When a change is proposed, a privacy analysis will be undertaken to build in privacy safeguards as required.  

7. DELETING USER ACCOUNTS

7.1 When a User is deleted the following information remains in the LMS: 

  • Username 
  • First name 
  • Last name 
  • Email address 
  • Record of Learning 
  • Badges gained. 

7.2 Data specified in 4.1 above will be permanently deleted from the LMS 12 months after a User last logged in to the LMS. This is to allow a User to transfer learning records within a 12-month period between employers who use the Service. 

7.3 Users can request that their data be permanently deleted at the time their User Account is deleted. This request is made via www.dekratraining.co.nz.  

7.4 Customer information immediately archived, and payment method disabled in Stripe when a customer cancels their subscription.

8. COMMUNICATIONS

8.1 By using our Service, you agree to subscribe to newsletters, marketing or promotional materials and other information we may send. However, you may opt out of receiving any, or all, of these communications from us by by emailing hello@dekratraining.co.nz

9. HOW TO CONTACT US

If you have any questions about this Privacy Policy or the Service, please contact us at hello@dekratraining.co.nz or in writing to:

DEKRA Training Academy
ATTN: Privacy

Level 5,
15 Willeston Street,
Wellington,
New Zealand

Log in
Sign up

Christmas Closure

Our team will be away from 20th December and will resume normal operations from 6th January.

Please note that new sign-ups will be temporarily unavailable during this period.

For any inquiries, kindly reach out to us at hello@dekratraining.co.nz and we will contact you on our return.