Privacy Policy

Effective as of 1 February 2023 GMT, MRI New Zealand Holdings Limited (“MRI”) Limited has updated our Privacy Policy (“Policy”). For a prior version of our Privacy Policy, click here.

This page outlines our Privacy Policy for the MRI OnLocation service. Our policy is to respect and protect the privacy of our users. This policy statement tells you how we collect information from you (the Customer) and how we use it. We follow five core principles of privacy protection:

You can download our Privacy Policy here.

  1. Notice/Awareness of our information practices
  2. Choice/Consent to provide information
  3. Access/Participation to/in your own data
  4. Integrity/Security of the Data Collected
  5. Enforcement/Redress through self-regulation.

1. Notice/Awareness

This Privacy Policy is being placed as a link on MRI OnLocation (the ‘Service’) pages, a practice that is becoming an industry standard location for Web Service privacy policies.

2. Choice/Consent

The following paragraphs describe the type of information we collect and the reasons why we collect the information. By providing the information requested, and by continuing to use the Service after having an opportunity to review our privacy policy, you have consented to our use of the information we collect as described at the point of collection or in this policy.

1. User Supplied Information

  1. You control who has access to Your Data
  2. The Data entered, or imported on instruction, by You is stored securely in a database and is only accessible to any person You have authorised to use the Service (Invited Users).
  3. By using the Service, you (whether an individual or company or other legal entity), your Employee, and your Guests are asked to supply information in order for the Service to perform its core purpose – that being the management of people into and out of your organisation’s operations.
  4. When you register an account to become an MRI client, we record Employee and/or Contractor (User) profile information such as names, e-mail, department, phone, mobile and a password. If Add-ons are activated User information can include a photo and uploaded documents against their profile.
  5. When Guests check into and out of the Service we record their name, where they are from, and the date and time they arrived onsite and departed. Other information can be captured depending on the requirements of the client.
  6. We use this information to provide the core Service of MRI. Information is available to users via the Service tools or by your direct request to our helpdesk. The information we collect in this manner is not used for any other purpose. No personal customer, user, Employee or visitor data will be copied to, or shared with, any other party without the prior written consent of you.
  7. As the data entered into the Service is managed by you, we are not responsible for the integrity of the data entered into the Service nor any consequences resulting from incorrectly entered information.

2. It is Your responsibility to keep Your password safe

  1. MRI, MRI’s Employees and MRI’s partners do not have access to Your password and are therefore unable to access Your Organisation’s account or Data without receiving an invitation to do so from You via the Helpdesk.

3. Disclosure of Information

  1. We may disclose user information in special cases when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property or other users of the Service, or anyone else that could be harmed by such activities. We may disclose user information when we believe in good faith that the law requires the disclosure.
  2. We do not use any customer data for testing.
  3. We may share aggregate information about our users with business partners and other third parties. For example, we may say x percent of our clients are Government Departments or y percent of our Clients operate in this sector.
  4. Subscribers to our Services, meaning You, are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as any and all privacy policies, agreements or other obligations, relating to the collection of personal information in connection with the use of our Services by individuals (also referred to as “data subjects”) with whom our Subscribers interact. If you are an individual who interacts with a Subscriber using our Services, then you will be directed to contact our Subscriber for assistance with any requests or questions relating to your personal information.
  5. We collect information under the direction of our Subscribers, and have no direct relationship with individuals whose personal information we process in connection with our Subscriber’s use of our Services. If you are an individual who interacts with a Subscriber using our Services (such as a visitor, or contractor of one of our Subscribers) and would either like to amend your contact information or no longer wish to be contacted by one of our Subscribers that use our Services, please contact the Subscriber that you interact with directly.

4. Your IP Address

  1. The Service collects IP addresses for the purposes of system administration, to generate aggregate information, and to audit the use of our Service. When you request pages from MRI OnLocation, our servers log your IP address. We do not normally link IP addresses to anything personally identifiable, which means that your session will be logged, but you remain anonymous to us. We can and will use IP addresses to identify a user when we feel it is necessary to enforce compliance with our terms of use of the Service or to protect our service, site, customers or others.

5. Use of Cookies

  1. The WOL app does not use cookies that contain any personally identifiable information.
  2. uses cookies for the Google AdWords remarketing service to advertise on third party websites (including Google) to previous visitors to our site. This means we may advertise to previous visitors who haven’t completed a task on our site, for example using the contact form to make an enquiry. This could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. Third-party vendors, including Google, use cookies to serve ads based on someone’s past visits to the MRI website. Of course, any data collected will be used in accordance with our own privacy policy and Google’s privacy policy. You may choose to opt out of this service by visiting Google’s Ads Settings, or you can decline cookies in your web browser by following the instructions below:

3. Access/Participation

You may access the data collected by us about you by sending a request to the address listed below. If you believe that an error has been made in the accuracy of the data collected from you, we will correct such error upon adequate verification of the error and the identity of the person seeking the correction. If you wish to access, remove or correct any personally identifying data you have supplied to us you may do so by:

Please understand that in order to protect your privacy and security, we may also need to take reasonable steps to verify your identity before granting access or making corrections.

4. Information Sharing, Data Protection, and Security of the Data Collected

1. Information Sharing

  1. Except as described in this Policy, MRI will not give, sell, rent or loan any personal information to any third party. We may disclose such information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law. MRI may also provide non-personal, summary or group statistics about our customers, sales, traffic patterns, and related Site information to reputable third-party vendors, but these statistics will include no personal information.

2. Protection of Information

  1. MRI is committed to ensuring the security of your personal information. We take every precaution to protect the confidentiality and security of the personal information placed on the Site or used within the Service, by employing technological, physical and administrative security safeguards, such as firewalls and carefully-developed security procedures. For example, when You enter sensitive information (such as login credentials and all your activity on our Service platform) We encrypt the transmission of that information using secure socket layer technology (SSL). These technologies, procedures and other measures help ensure that your data is safe, secure, and only available to You and to those You authorised access.
  2. The Service uses COMODO 2048-Bit Encryption to secure data information transfer, is EV SSL Certified, and is stored in a secure server facility in major Data Centres. The Data Warehouses are physically protected as there is no external signage identifying the buildings, there is a 24 hour Security Guard posted on-site, the facilities are monitored for intrusion 24 hours a day. Guests must provide Photo ID and are escorted throughout their visit. To minimise systems outage and Service down-time the facility employs multiple UPS’s and on-site generators. All servers are on a dedicated Firewall with robust check-point security.
  3. You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to your email communications at all times.

3. Our Access to Your Information

  1. MRI Support may ask you to grant us login access in order to assist you with a question, issue or request.
  2. Granting login access allows MRI Support to view your account for one hour. MRI Support cannot view any customer account data unless permission is granted by a user like yourself.
  3. During the effective access period, they will be able to access your data in order to help you resolve any problems.
  4. MRI Support will never ask for your password, either via phone or email.
  5. If we need to log into the application we will always ask you or another of your users to grant login access. If you receive any email requests for your password from a source pretending to be from MRI, please report via email to

4. Country-specific-terms


  1. Compliance With The Australian Privacy Act 1988 (Commonwealth) and the Australia Privacy Principles: In Australia, the key privacy legislation applying to MRI is the Privacy Act 1988 (Cth). The Privacy Act applies to most private sector organisations operating in Australia and sets a national standard for the collection, use and disclosure, quality and security of “Personal Information”. In particular, the Privacy Act establishes the Australian Privacy Principles (APPs) (effective from 12 March 2014) that sets out these key obligations.
  2. We detail our commitments and adherence to the Act in our ANZ Privacy Policy Statement.

New Zealand

  1. Compliance With The New Zealand Privacy Act and Privacy Principles: Similar to the Australian privacy principles, New Zealand law lays out 13 information privacy principles (NZ IPPs) for the proper handling of personal information of New Zealand citizens, and these principles can be found at
  2. Cross-border data flows are permissible in prescribed circumstances. MRI will continue to take steps to ensure its third-party processor either use the personal information solely in accordance with our instructions or will otherwise adequately protect the personal information.
  3. We detail our commitments and adherence to the Act in our ANZ Privacy Policy Statement.

European Union

  1. Personal Data collected, stored, used and/or processed by MRI, as described in the Agreement, is collected, stored, used and/or processed in compliance with MRI’s obligations under the General Data Protection Regulations (“GDPR”), a European privacy regulation which replaced the hitherto EU Data Protection Directive (“Directive 95/46/EC”).
  2. We detail our commitments and adherence to GDPR in our GDPR Policy Statement.

5. Enforcement/Redress

If for some reason you believe that we have not adhered to our privacy policy, please notify us by the method set forth above. We will do our very best to respond to your concerns and, when appropriate, take steps to correct a problem. By using this Service, you signify your assent to this policy statement regarding online privacy. If you do not agree to our terms of use, then please do not use our Service. Your continued use of the Service following posting of changes to our Terms of Use will mean you accept those changes.

1. You can opt-out of any email communications

  1. MRI sends billing information, product information, Service updates and Service notifications to You via email, and via the Site notifications message board, Where appropriate communication will contain clear and obvious instructions describing how You can opt to be removed from the email mailing list. MRI will remove You upon Your request.

2. You are responsible for checking the Privacy Policy of any third-party applications the Service links to

  1. The Service may contain links enabling the electronic transfer of data with third-party applications that your Account Owner has activated under the Add-ons function. MRI takes no responsibility for the privacy practices or content of these applications. This policy may be updated from time to time MRI reserves the right to change this policy at any time and any amended policy is effective upon the posting on:
  • The login screen message board
  • Email to Administrators.

Please read our Master Subscription Agreement

Use of the Service is subject to MRI’s Master Subscription Agreement and this Privacy Policy, along with our ANZ and GDPR Statements (if applicable), should be read in conjunction with this. In the event of a conflict or disagreement between this Privacy Policy and the Master Subscription Agreement, the Master Subscription Agreement will prevail.

Contact for Questions about our Privacy Policy:

If you have any questions about the Privacy Policy, the practices of this Web site Service, or your dealings with us, you may contact us by sending an email to: Email at or by writing to:

Attn: Privacy Policy MRI OnLocation
MRI OnLocation Customer Services
MRI New Zealand Holdings Limited
P.O. Box 27023
Marion Square, Wellington, New Zealand 6141

Last Updated on: 1 February 2023

You can download our Privacy Policy here

Select your region