BOOK A CONSULTATION

Privacy Policy

Last updated: 19th February 2026

Introduction

Protecting your personal information is important to us. We are committed to handling your information carefully and in accordance with the Privacy Act 2020 (Privacy Act). 

This Privacy Policy explains how we collect, use, store, disclose, and protect personal information about you. It applies to personal information you provide to us, authorise us to collect, or that we collect through your interactions with our websites, products, and services. 

By accessing our websites (including www.enable.mewww.nestegg.enable.me, and www.moneyfit.me) or engaging with enable.me or AdviceFirst Limited in any way, you acknowledge that you have read and understood this Privacy Policy. 

This Privacy Policy operates alongside, and does not limit, our obligations under the Privacy Act, the Health Information Privacy Code 2020 (where relevant), or any other applicable legislation. 

We may update this Privacy Policy from time to time. Any updated version will be published on our website and will take effect immediately upon publication. Where appropriate, take reasonable steps to notify you of material changes. 

Who We Are

Your personal information is collected and held by AdviceFirst Limited, trading as enable.me. 

Registered office: 
Level 19, Aon Centre, 29 Customs Street West  
Auckland 1010 
New Zealand 

In this Privacy Policy, “enable.me”, “AdviceFirst”, “we”, “us”, or “our” refers to AdviceFirst Limited and its brands. 

AdviceFirst is part of the AMP Group in New Zealand. We may share personal information within the AMP Group where necessary and permitted by New Zealand privacy law. 

What Is Personal Information?

When we talk about “personal information” we mean any information that could identify a specific individual or be used to establish an individual’s identity. We only collect personal information that is reasonably necessary to provide our products and/or services, meet our legal obligations, and improve your experience with us. You can choose not to provide personal information, but this may affect the services we can offer you. 

How We Collect Personal Information (direct and indirect collection)

We usually collect personal information directly from you when you: 
  • call, email, or otherwise communicate with us 
  • use our websites, tools, calculators, or online forms 
  • subscribe to newsletters, e-books, or marketing communications 
  • participate in surveys, competitions, promotions or provide feedback 
  • purchase or apply for our products or services 
  • provide payment or identity verification information 
  • interact with us on social media 
  • apply for a role with us 

We may also collect personal information from third parties where you have authorised this or where it is otherwise permitted by law, for example from: 
  • other companies within the AMP Group  
  • public registers and publicly available sources 
  • Inland Revenue, AML/CFT providers, insurers, or other government / regulatory agencies 
  • referrals or introducers, where relevant  

From 1 May 2026, where we collect your personal information indirectly (from someone other than you), we will take reasonable steps, as soon as reasonably practicable, to ensure you are aware of: 
  • that we have collected your personal information 
  • the purpose of the collection 
  • the intended recipients (who we may share it with) 
  • our name and contact details (and that we hold the information) 
  • whether the collection is authorised or required by law and, if so, the law 
  • your rights to request access to and correction of your information 

Unless an exception applies under IPP3A. We may provide this notice through a privacy notice, onboarding documentation, email/SMS, or other appropriate channel depending on the circumstances and what is reasonable. 

Types of Personal Information We Collect

The personal information we collect depends on how you interact with us, but may include: 
  • Contact details: name, address, phone number, email address 
  • Personal details: date of birth, gender, occupation, household details, next of kin 
  • Financial information: income, assets, liabilities, KiwiSaver or retirement savings, IRD number 
  • Identity verification: passport or driver licence details 
  • Health information: where relevant to a particular service and where permitted, in accordance with the Health Information Privacy Code 2020 (as applicable) 
  • Interaction records: calls, call recordings, emails, meetings, enquiries, and support interactions 
  • Application and compliance information: AML/CFT data, source of wealth, entity details 
  • Marketing preferences: opt-ins / opt-outs and consent records 
  • Technical data: IP address, browser type, device information, cookie data and website usage information 
  • CCTV footage: where you visit our premises (where CCTV is in operation)

If you provide us with personal information about another person, you confirm that you have their authority / consent to do so and that you have made them aware of this Privacy Policy.

How We Use Your Personal Information

We use personal information for purposes including: 

  • providing and administering our products and services 
  • communicating with you about reports, statements, updates, and support 
  • managing and maintaining accurate client records 
  • verifying your identity and meeting legal and regulatory obligations (including AML/CFT) 
  • improving and developing our products, services, and digital experiences 
  • understanding your financial needs and personalising our services and communications 
  • conducting data analysis, research, and business operations 
  • maintaining the security of our systems, and preventing fraud and managing risk 
  • facilitating a transfer, reorganisation or disposal of our business and assets (where permitted) 


We may also use aggregated or anonymised information (which does not identify you) for statistical, research, and reporting purposes.  

Marketing Communications

We may send you marketing communications where you have requested them, where you have consented, or where otherwise permitted. You can opt out at any time using the unsubscribe function (where available) or by contacting us using the details. 

Cookies and Digital Tracking

We use cookies and similar technologies to enhance website functionality, analyse usage, and support marketing activities. 

We may use third-party analytics and advertising tools such as Google Analytics and advertising cookies from GoogleMeta (Facebook) and Quantcast. These providers may collect and process information independently under their own privacy practices, including storing or accessing data outside New Zealand. 

You can manage or disable cookies through your browser settings; however, doing so may limit some website functionality. 

Artificial Intelligence (AI)

We may use selected AI-enabled tools to help improve service quality and efficiency, for example to assist with customer support, summarising interactions, or improving digital experiences. We do not use AI tools in a way that overrides our obligations to protect personal information and maintain appropriate safeguards. 

Sharing Your Personal Information

We do not sell or trade your personal information.  We may share personal information with: 
  • our employees and contractors (where necessary) 
  • other companies within AMP Group (including for reasonable business purposes) 
  • trusted service providers who assist with service delivery, technology, analytics, or compliance 
  • regulators or government agencies where required or authorised by law (including Inland Revenue or the Financial Markets Authority) 
  • other parties authorised by you or as otherwise permitted by law.  

All third parties who handle personal information are required to meet appropriate privacy and security standards. 

Protecting and Storing Your Information

We take reasonable technical and organisational steps to protect your personal information, including: 

  • secure cloud-based storage within the Asia-Pacific region 
  • encryption and access controls (where appropriate) 
  • regular system updates and security reviews 
  • staff training 
  • secure destruction of hard-copy records after digitisation 

Notifiable Privacy Breaches

If a privacy breach occurs that is likely to cause serious harm, we will notify affected individuals and the Office of the Privacy Commissioner as soon as practicable, in accordance with the Privacy Act. 

Inherent Risks 

Unfortunately, the transmission of information via the internet is not completely secure. While we apply reasonable safeguards and comply with legal requirements to protect your personal information, we cannot guarantee the security of information transmitted to or from our websites, and any transmission is at your own risk. 

Data Retention

We retain personal information only for as long as it is needed for the purposes it was collected, or as required by law.  

  • Call recordings (where recorded) are securely stored for up to 10 years. 
  • Client information is retained for the duration of your relationship with us. 
  • After the relationship ends, information is securely stored for at least 7 years before being destroyed, unless a longer retention period is required by law. 

External Websites

Our websites may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to review their privacy policies before providing personal information. 

Login Details

If you are issued with or create a username, password, or other login credentials to access any portal or service we provide, you must treat those details as confidential and not disclose them to any other person. If you believe or suspect that someone else has obtained your login details, you must notify us as soon as possible using the contact details below. 

Access and Correction

You have the right to request access to, or correction of, personal information we hold about you in accordance with the Privacy Act. 

Complaints

If you have a privacy concern or complaint, please contact us using the details below. We take privacy complaints seriously and will consider and respond to your complaint. If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner. 

Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy or your personal information, please contact us: 

Email: privacy@enable.me 
Address: AdviceFirst Limited, trading as enable.me 
PO Box 10550, Wellington, 6143
Phone: 0800 897 898 

Further information about privacy rights is available from the Office of the Privacy Commissioner: www.privacy.org.nz. 

Ready to Take Control of Your Financial Future?

Whether you’re just starting out and building foundations or refining a long-term wealth strategy, we’re here to help. 

LET'S TALK
0800 897 898