Privacy Statement

Warren and Mahoney enhances its Australian leadership and design team with the addition of leading multidisciplinary designer, 
Kate Roach. 

Warren and Mahoney Group – Privacy Statement – 16 May 2022

Warren and Mahoney Limited and its subsidiary companies (together Warren and Mahoney and referred to as we, us or our in this document) recognise the importance of protecting your privacy. This privacy statement outlines the way in which we manage the personal information (being information about an identifiable individual) that we hold about our employees, potential employees, clients, potential clients, contractors and others.
As Warren and Mahoney operates in both New Zealand and Australia, we are bound by, and act in accordance with, both the New Zealand Privacy Act 2020 and the Australian Privacy Act 1988 (together, the Privacy Acts).

Why does Warren and Mahoney collect personal information?

We collect personal information to conduct our business, to provide and market our architectural and design services and to meet our legal obligations.

Who does Warren and Mahoney collect personal information about?

We collect and hold personal information about (but not limited to):

  • clients, business associates and potential clients, and their employees, contractors, owners and directors;
  • suppliers and their employees and contractors;
  • prospective employees, employees and contractors;
  • directors, shareholders, beneficial shareholders and prospective directors, shareholders and beneficial shareholders of Warren and Mahoney; and
  • other people who come into contact with Warren and Mahoney.


What kinds of personal information does Warren and Mahoney collect?

In general, and depending upon the nature of the person’s connection with Warren and Mahoney, the type of personal information we collect and hold commonly includes (but is not limited to):


Identity data

Names, addresses, contact details, date of birth, gender, photographs, nationality and other information relating to residency and citizenship which may be required to establish a right to work in a given country.

Contact data

Home addresses, email addresses and telephone numbers and emergency contact details.

Historical data and employment related data

Employment history and/or details, education, skills and qualifications, references, criminal background history, interview and assessment feedback and results from any other background and disclosure checks where it is lawful to carry out such checks.

Verification and financial data

A copy of your driving licence, passport, identity card or another form of identification, personal preference payment details and tax-related information, and financial data that you choose to share with us.


Other information which assists us in conducting our business, providing and marketing our architectural and design services and meeting our legal obligations.

In some cases, if personal information we request is not provided, it might adversely impact our ability to supply the relevant product or service or to perform our obligation.

How does Warren and Mahoney collect personal information?

Except as otherwise permitted by law, we will collect personal information:

  • from you directly when you provide your details to us;
  • from you indirectly (through emails, forms, face-to-face meetings, interviews, business cards, telephone conversations and through the use of the services and facilities available through our websites and social media channels, e.g., if you subscribe to our newsletter);
  • with your prior consent, from third parties, for example:
  • we may use third parties to analyse traffic at our websites and social media channels, which may involve the use of cookies;
  • a report provided by a medical professional or an employment reference;
  • where a third party provides security-related services; and
  • from publicly available websites (such as those used to check registration information).

How might Warren and Mahoney collect, hold, use and disclose your personal?

In general, we collect, hold, use and disclose your personal information for the following purposes:

  • to conduct our business;
  • to provide and market our architectural and design services to you;
  • to engage third parties on your behalf;
  • to communicate with you;
  • to purchase goods or services;
  • to help us manage and enhance our services;\
  • to check your identity against governmental databases, including:
    • The New Zealand Ministry of Justice (for criminal history checks);
    • The Australian Federal Police (for criminal history checks); and
    • The New Zealand Architects register, the New South Wales register of architects and the Victorian register of architects.
  • to manage share transactions and other company governance matters;
  • for health and safety, or security purposes; and
  • to comply with our legal obligations.

To whom might Warren and Mahoney disclose your personal information?

We may disclose your personal information to:

  • other members of the Warren and Mahoney group;
  • senior managers and/or directors of the Warren and Mahoney group where those people are involved in decision-making that concerns your personal information;
  • other companies or individuals who assist us in providing services or who perform functions on our behalf (such as travel agencies and hosting and data storage providers);
  • other companies or individuals who perform checks that are necessary or desirable under law on our behalf;
  • other companies, agencies or individuals that maintain databases against which your identity may be verified, which may include (but is not limited to) the New Zealand Department of Internal Affairs, New Zealand Transport Agency, and the Commonwealth of Australia Document Verification Service;
  • social media sites on which we have a presence;
  • professional industry bodies such as the New Zealand Architects register;
  • courts, tribunals and regulatory authorities; and
  • anyone else to whom you authorise us to disclose it.

Management and retention of personal information

Warren and Mahoney take reasonable steps to protect the security of personal information. Warren and Mahoney employees are required to respect the confidentiality of personal information and the privacy of individuals.

We take reasonable steps to protect personal information held by us from misuse and loss and from unauthorised access, modification or disclosure, for example,
by use of usernames and passwords, restricted access to electronic records and
the recording of file movements.

We store all our data (including your personal information) on the secure Microsoft Azure cloud platform, Microsoft Office 365, AWS (Amazon Web Services), Autodesk Cloud Services, Salesforce Cloud Services, and on-premises servers. New storage systems and platforms are continually being implemented and deployed to optimise our ever-evolving technology infrastructure. When these new systems are proposed a security assessment is conducted to ensure they meet industry standard security requirements before any data is stored on them. We put cyber security and data protection strategies at the forefront of all our systems.

We will not retain your personal information for longer than is required for the purposes for which the information may lawfully be used.

How can you access and correct your personal information?

Warren and Mahoney endeavour to ensure that the personal information we hold is accurate, complete and up to date. We encourage you to contact us to update any personal information we hold about you. Contact details are set out below. You have the right to correct any personal information we hold about you in accordance with the Privacy Acts.

Subject to the exceptions set out in the Privacy Acts, you may seek access to the personal information which we hold about you by contacting our Privacy Officer, Charlotte Moll, available at

We will require you to verify your identity and to specify what information you require.

How can you make a privacy complaint?

If you have any questions about privacy related issues or wish to complain about the handling of your personal information by us, please contact our Privacy Officer at We may ask you to lodge your complaint in writing. Any complaint will be investigated by the Privacy Officer. You will be notified of the decision in relation to your complaint as soon as practicable after it is made, usually within 20 working days. If we are unable to satisfactorily resolve your concerns about our handling of your personal information, you can contact the following authorities, depending on whether you are based in New Zealand or Australia:

New Zealand:
Office of the Privacy Commissioner at: PO Box 10-094, The Terrace, Wellington 6143, phone 0800 803 909,

Office of the Australian Information Commissioner at: GPO Box 5218, Sydney NSW 2001, complaint-with-us

Updates to this Statement

This Statement will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing business environment.

The most current version of this Statement is located on our website or can be obtained by contacting our Privacy Officer at



In this Statement:

Warren and Mahoney and Warren and Mahoney group means Warren and Mahoney Limited, Warren and Mahoney Services Limited, Warren and Mahoney
Architects Limited, Warren and Mahoney Architects New Zealand Limited, Warren and Mahoney Living New Zealand Limited, Warren and Mahoney Architects Australia Pty Limited, Warren and Mahoney Living Australia Pty Limited, Warren and Mahoney Technologies Limited and Warren and Mahoney Dunedin Hospital Limited.