Apply Now
Personal Business

Vega Privacy Policy

Vega Group Holdings Limited and its subsidiaries comply with the Privacy Act 2020.

This privacy statement sets out how we collect, hold, use and share your personal information.  This does not limit or exclude any of your rights under the New Zealand Privacy Act 2020.

If you provide us with personal information through this website, we will protect your information as set out below. We may amend this privacy statement from time to time.

Vega Group Holdings Limited is a New Zealand registered company. We have three subsidiary companies Vega Business Limited, Vega Mortgages Limited and Vega Protect Limited. Under this privacy statement we refer to our group of companies as “Vega”, “we”, “us” and “our”.

Vega Group Holdings Limited (FSP773794) is a licensed Financial Advice Provider. This means that businesses who operate under Vega’s licence may provide financial advice to retail clients.

We may collect personal information about you when you provide information to us directly, and when you obtain services from us. We may also collect personal information about you from third parties where authorised by you and from public sources.

The type of personal information we may collect may include:

  • your contact details: name, address, phone number, email
  • documents that confirm your identity: your driver’s licence, passport etc.
  • other information relevant to the service we will provide to you

We only collect and use your personal information to assist you in obtaining or enquiring about mortgage, insurance, or related products and services. If you provide your details through any form on our website, social media platforms, or when downloading one of our online guides, we may enter this information into our marketing database. This allows us to contact you with relevant information about our services. If you choose not to provide the requested information, we may be unable to assist you or inform you about relevant products and services. We do not sell your information or share it with third parties without your consent.

We will not hold your personal information for longer than is required for the purpose(s) for which it was collected (subject to any obligations at law to hold the information for longer periods).  

We have cyber security safeguards in place to protect the information and we take reasonable steps to ensure that information will not be disclosed to any unauthorised person or organisation. Our security measures include:

  • Security software
  • Anti-virus software
  • Back up processes
  • And other cyber security measures

We use cloud storage to store our client records. The cloud storage and the IT services may be located outside New Zealand.

Our compliance training systems are hosted in New Zealand. We also use Office 365 and Mailchimp which are hosted in the USA and are compliant with the General Data Protection Regulations (GDPR). 

When we share your data with a third party, we have contracts in place with them which requires them to have in place the technical and organisational measures necessary to protect your personal data, however many such providers are subject to different privacy laws and controls to New Zealand and hence we cannot provide absolute surety that those providers will not comply with their obligations to us, and divulge your personal data.

We take reasonable steps to ensure that personal information held by us is accurate and up-to-date.  You are entitled to obtain confirmation from us as to whether or not we hold personal information about you and you are entitled to reasonable access to this information, and to ask for it to be corrected if you think it is wrong.

If you’d like to ask for a copy of your information and have it corrected, or would like to be removed from any of our subscription lists at any time, then please contact us at [email protected]

While we take reasonable steps to maintain secure internet connections, any information you provide over the internet is provided at your own risk.

Our website may, from time to time, contain links to and from other websites. Please note that those websites will have their own privacy policies and that we do not accept any responsibility for the actions of those websites.

 This Privacy Policy was last updated on October 2024.

Additional Privacy Terms for Earna Referrals

If you have been referred to Vega via the Earna platform, the following additional privacy terms apply.

Effective Date: 11 March 2026

Vega Earna (“Earna”, “we”, “us”, or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Statement explains how we handle your information when you are referred to a service provider through the Earna platform.

Earna operates as a referral facilitation platform only. It does not provide financial advice, and any services you may receive are provided directly by the relevant service provider.

This statement applies specifically to individuals who are referred as potential clients through Earna.

When you are referred, we may receive limited personal information about you from the person making the referral (“Referrer”). This may include: - Your name - Contact details (such as phone number or email) - Basic information relevant to the referral (e.g. type of service you may be seeking)

Referrers are expected to have your consent, or a reasonable basis, to share your information with us for the purpose of making the referral.

We only collect information that is necessary to facilitate the referral.

Your information is used for the purpose of: - Connecting you with the relevant service provider - Facilitating the referral process - Allowing the service provider to contact you regarding the referred service - Tracking the status of the referral within the Earna platform

We do not use your information for unrelated purposes.

Your information may be shared with: - The service provider you are being referred to - Relevant participants within the referral process (where necessary) - Service providers who support the Earna platform (e.g. technology providers) - External compliance consultants where required for monitoring and improving our services - Regulatory bodies such as the Financial Markets Authority (FMA), where required to meet legal or regulatory obligations

We only share the minimum information necessary to facilitate the referral and meet our obligations.

Being referred does not obligate you to engage with any service provider.

You can choose whether or not to proceed with the referral. If you do not wish to be contacted or included in the referral process, you may decline or request removal of your information at any time.

We take reasonable steps to protect your personal information from loss, unauthorised access, misuse, or disclosure.

We retain your information only for as long as necessary to manage the referral, comply with legal obligations, and support business and compliance requirements.

Under the Privacy Act 2020, you have the right to: - Request access to the personal information we hold about you - Request correction of your personal information

To exercise these rights, please contact us using the details below.

Earna complies with the Privacy Act 2020 and its Information Privacy Principles (IPPs).

  • We only collect information necessary for the referral process (IPP 1)
  • We collect information from appropriate sources, including referrers (IPP 2)
  • We are transparent about why we are collecting your information (IPP 3)
  • We protect your information with appropriate safeguards (IPP 5)
  • We allow access to and correction of your information (IPP 6 & 7)
  • We take reasonable steps when sharing information, including with third parties (IPP 11)

If you have concerns about how your information has been handled, please contact us first.

If you are not satisfied with our response, you can contact the Office of the Privacy Commissioner.

If you have any questions or requests regarding your personal information, please contact:

Email: [email protected] Business Name: Vega Earna