OpenBrief
⌘K
Log in Sign up
Legal

Privacy Policy

OpenBrief
Last updated: 12 May 2026 · Effective date: 12 May 2026

1. About this Policy

This Privacy Policy explains how Mnemosyne Limited (NZ company number 9427882, NZBN 9429053656087) (“we”, “us”, “our”) collects, uses, stores, discloses and protects personal information when you use the OpenBrief website at openbrief.co.nz and any related services (together, the “Service”).

We are committed to protecting your privacy and complying with the Privacy Act 2020 (NZ) and the thirteen Information Privacy Principles (IPPs) set out in that Act.

By using the Service, you agree to the collection and use of personal information in accordance with this Policy.

This Policy applies to two categories of data subject: (a) Users, being individuals who register for and use the Service; and (b) Subjects, being Members of Parliament and electoral candidates about whom Dossier Content is published through the Service. Sections 3 to 11 of this Policy apply to Users. The rights of Subjects in respect of personal information held about them in Dossier Content are addressed in Section 11A.

Dossier Content is produced with the assistance of artificial intelligence tools and/or editorial curation from publicly available sources. Each Dossier includes source references to enable independent verification. Dossier Content represents editorial opinion and commentary only and should not be relied upon as verified fact.

Terms defined in the Terms and Conditions bear the same meaning in this Policy.

2. What we mean by “personal information”

“Personal information” means information about an identifiable individual, as defined in the Privacy Act 2020.

3. Personal information we collect

We may collect the following categories of personal information:

Information you provide to us:

  • Identity information — your name, username, and any profile details you choose to provide
  • Contact information — email address, phone number, postal address (if applicable)
  • Account information — login credentials, account preferences, communication settings
  • Content information — any information, files, or content you submit through the Service
  • Payment information — billing address and payment method details (note: full card details are processed by our payment provider and are not stored by us)
  • Communications — any correspondence you send us (including support enquiries)

Information we collect automatically:

  • Technical information — IP address, browser type and version, device type, operating system, time zone, and language settings
  • Usage information — pages visited, features used, time spent, referral source, and click patterns
  • Cookies and similar technologies — see Section 9 below

Information from third parties:

  • Information from authentication providers if you sign in using a third-party service (e.g. Google, Microsoft)
  • Information from analytics providers
  • Information from any integrated services you connect to your account
  • Subject information: Publicly available information about Members of Parliament and electoral candidates collected for the purpose of preparing Dossier Content, including declared policy positions, voting records, public statements, biographical information, and information disclosed in their official capacities

4. How we collect personal information

We collect personal information directly from you when you:

  • Register for an account
  • Use the Service
  • Contact us by email, phone, or through our support channels
  • Subscribe to communications
  • Respond to surveys or provide feedback

We also collect information automatically through cookies and similar technologies when you use the Service, and from third parties as described above.

5. Why we collect and use your personal information

We collect and use personal information for the following purposes:

  • To provide, operate, maintain, and improve the Service
  • To create and manage your account
  • To process payments and manage subscriptions
  • To respond to enquiries and provide customer support
  • To send service-related communications (e.g. updates, security alerts, administrative messages)
  • To send marketing communications where you have consented or where permitted by law (you can opt out at any time)
  • To monitor and analyse usage trends and improve user experience
  • To detect, prevent and address fraud, security incidents, and breaches of our Terms and Conditions
  • To comply with legal obligations
  • For any other purpose disclosed at the time of collection or with your consent
  • To research, compile, and publish Dossier Content in accordance with our editorial function, which may involve collecting personal information about Members of Parliament and electoral candidates from publicly available sources

6. Disclosure of personal information

We will not sell your personal information.

We may disclose your personal information to:

  • Service providers — third parties who help us operate the Service (for example, hosting providers, payment processors, email delivery services, analytics providers, customer support tools). These providers are only authorised to use your information to perform services on our behalf
  • Professional advisors — accountants, lawyers, and insurers, where reasonably required
  • Authorities — law enforcement, regulators, or other parties where we are required or permitted to do so by law
  • Successors — a buyer or successor entity in the event of a merger, acquisition, restructure, or sale of assets
  • With your consent — any other party where you have given us authority to do so

7. Sending personal information overseas

Some of our service providers are based outside New Zealand (including in Australia). When we disclose personal information to an overseas recipient, we comply with IPP 12 of the Privacy Act 2020, which requires us to ensure that the overseas recipient is subject to comparable privacy safeguards or that an exception applies.

8. Storage and security

We take reasonable steps to protect personal information from loss, unauthorised access, modification, disclosure, misuse, and other interference, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Access controls and authentication requirements
  • Regular review of our security practices
  • Use of reputable, security-certified service providers

While we use reasonable safeguards, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Personal information is held by us and our service providers in New Zealand and Australia.

9. Cookies and tracking technologies

We use cookies and similar technologies to operate and improve the Service. Cookies are small text files placed on your device.

We use:

  • Strictly necessary cookies — required for the Service to function (e.g. session management, authentication)
  • Functional cookies — to remember your preferences
  • Analytics cookies — to understand how visitors use the Service. We use Umami, a privacy-focused analytics platform that does not track individuals across sites or share data with third parties
  • Marketing cookies — where you have consented, to deliver relevant communications

You can control cookies through your browser settings. Disabling some cookies may affect the functionality of the Service.

10. Retention

We retain personal information as follows: (a) User account data: retained for the duration of your account and for up to 24 months following account closure, after which it will be securely destroyed or de-identified unless retention is required by law; (b) Dossier Content: retained indefinitely as part of our editorial record unless we determine that removal is appropriate; and (c) communications and support records: retained for up to 7 years. When personal information is no longer required to be retained, we will take reasonable steps to securely destroy or de-identify it.

11. Your rights

Under the Privacy Act 2020, you have the right to:

  • Request access to the personal information we hold about you
  • Request correction of any personal information that is inaccurate, incomplete, misleading, or out of date

To exercise these rights, please contact us using the details in Section 14. We may need to verify your identity before responding. We will respond to your request within the timeframes required by the Privacy Act 2020 (generally within 20 working days).

We will not charge you for making a request, although in limited cases we may charge a reasonable fee for providing copies of information.

If you are a Subject (a Member of Parliament or electoral candidate) and wish to request access to or correction of personal information held about you in Dossier Content, please contact our Privacy Officer at [email protected] or using the details in Section 15. We will respond within 20 working days. We may need to verify your identity before responding. Where we determine that a correction is warranted, we will update or annotate the relevant Dossier. Where we determine that a correction is not warranted, we will notify you of our reasons and your right to complain to the Privacy Commissioner.

12. Children

The Service is not intended for use by children under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child without appropriate consent, please contact us so we can remove it.

13. Privacy breach notification

If we become aware of a privacy breach that poses a risk of serious harm to any affected individual, we will notify the Privacy Commissioner and the affected individual as required by sections 113 to 120 of the Privacy Act 2020. Notification will be made as soon as reasonably practicable after we become aware of the breach. We will take all reasonable steps to contain any breach and prevent recurrence.

14. Changes to this Policy

We may update this Policy from time to time. The “Last updated” date at the top of this Policy will indicate when it was last revised. Material changes will be notified through the Service or by email. Your continued use of the Service after a change takes effect constitutes acceptance of the updated Policy.

15. Contact us

If you have any questions, concerns, or complaints about this Policy or our handling of your personal information, please contact our Privacy Officer:

Mnemosyne Limited
Attn: Privacy Officer
Suite 16305, Unit A Level G
26 Hobson Street
Auckland City 1010
New Zealand
Email: [email protected]

Written requests under the Privacy Act 2020 may be sent to the email address above.

17. Complaints to the Privacy Commissioner

If you are not satisfied with our response to a privacy concern, you may make a complaint to the Office of the Privacy Commissioner:

Website: https://www.privacy.org.nz
Phone: 0800 803 909
Email: [email protected]