๐ŸŒฟFair Say NZ

Fair Say NZ

Privacy Policy

Last updated: 1 November 2025

Who we are

Fair Say NZ is an independent civic engagement platform. We are not affiliated with any political party, government body, or commercial interest. Our purpose is to give New Zealanders clear, unbiased information about politics and a place to make their voices heard on civic questions.

We are subject to the New Zealand Privacy Act 2020, the Privacy Amendment Act 2025, and the Biometric Processing Privacy Code 2025.

What we collect and why

We collect as little as possible. Here is exactly what we hold and why.

Email accounts

What's collectedYour email address at sign-up.
What's storedYour raw email address (in accounts.email) and a one-way HMAC-SHA256 hash of it (in verified_identifiers). The hash is used solely to prevent duplicate accounts. The raw address is retained for login and, if you opt in, for sending app and civic topic updates.
PurposeTo send a magic-link login code, prevent duplicate accounts, and (if you opt in) send app and topic update emails.
Newsletter opt-inUnchecked by default at signup. You can change this at any time in your account settings or via the unsubscribe link in any email we send.
Third partiesNone. Your email address is not shared with or sold to any third party. It is transmitted to Resend (our email delivery provider) solely for the purpose of sending you emails you have requested or opted into.
RetentionThe email address is retained for the life of your account. Deleting your account removes it.

Passport-verified accounts

What's storedA one-way hash of your Didit session ID combined with a server-side secret. No email address is stored. Fair Say cannot contact you, identify you, or link your activity to any personal information.
PurposeTo confirm NZ citizenship for inclusion in the Verified NZ Citizens filter on poll results.
Can Fair Say contact you?No. Passport-verified accounts have no email stored. It is architecturally impossible for Fair Say to send you anything.
RetentionThe hashed session ID is retained for the life of your account to prevent re-verification attempts. Deleting your account deletes this hash.

Didit NZ Passport Verification โ€” Verified NZ Citizen tier

Optional. This is subject to the NZ Biometric Processing Privacy Code 2025.

What's collectedYou scan your NZ passport and complete a liveness check. This processing is performed entirely by Didit โ€” Fair Say never receives your passport image, biometric template, or passport number.
What Didit seesYour passport document and facial image, for the purpose of the liveness and document check. See Didit's privacy policy for how long they retain this data.
What Fair Say storesA one-way hash of your Didit session ID combined with a server-side secret. This hash cannot be reversed. It cannot be linked to your votes, your email, or any activity on the platform.
PurposeTo confirm NZ citizenship for inclusion in the Verified NZ Citizens filter on poll results. Only NZ passports are accepted โ€” a passport is the only document that directly confirms NZ citizenship (not just residency).
Why passport onlyA NZ driver's licence or proof-of-age card confirms NZ residency but not citizenship. Fair Say's Verified NZ Citizens filter is designed to represent the views of NZ citizens specifically.
Why DiditWe assessed alternatives: IRD number verification (requires full name and address โ€” more invasive), RealMe (enterprise-only government system โ€” not available to independent platforms), bank account verification (proves residency, not citizenship). Didit is the least privacy-intrusive method available that confirms NZ citizenship.
Cost$2 NZD, charged only on successful verification. This covers Didit's fee, passed on at cost. You are not charged if verification fails.
RetentionThe hashed session ID is retained for the life of your account to prevent re-verification attempts. It cannot be used to identify you. Deleting your account deletes this hash.

Polls and votes

Anyone with a Fair Say account can vote in any poll. There is no gatekeeping based on verification tier. Verification affects only how your responses are displayed in results filters โ€” it does not affect whether your vote counts.

All votes are anonymous. A per-poll hash is generated using your account identifier, the poll ID, a device salt, and a server-side secret. This hash prevents duplicate votes. It cannot be reversed to identify you, and it changes between polls โ€” so your votes across different polls cannot be linked to each other.

Each vote is tagged with your account's verification tier at the time of voting: email or verified_nz_citizen. This tag identifies the credential type, not you personally.

Poll results are filterable by tier โ€” all respondents, email accounts, or Verified NZ Citizens. The filter is a transparency tool, not a weighting system. Every vote counts equally in the overall result. Filtered groups with fewer than 5 responses are suppressed entirely to prevent any possibility of de-anonymising small groups.

Individual responses are never shown. Results are published as aggregates only, and always will be.

What we never do

  • โœ•We never sell personal information.
  • โœ•We never share email addresses or any personal data with political parties, advertisers, or government agencies.
  • โœ•We never use biometric information for any purpose other than confirming NZ citizenship.
  • โœ•We never store passport images, biometric templates, or passport numbers.
  • โœ•We never link verification records to votes or browsing activity.
  • โœ•We never email passport-verified users โ€” no email is stored for those accounts.

Your rights under the Privacy Act 2020

You have the following rights regarding information Fair Say holds about you:

  • Right to access: You can request what data we hold about you. Because we store one-way hashes rather than identifiable information, the data we can provide is limited by design.
  • Right to correction: You can request corrections to any personal information we hold.
  • Right to deletion: You can delete your account at any time. Deletion removes your hashed email identifier, hashed verification session ID, and account record. Vote records are anonymous and cannot be attributed to you โ€” they are not deleted, as they form part of the aggregate public results.
  • Complaints: If you believe we have breached the Privacy Act 2020, you can complain to the Office of the Privacy Commissioner at privacy.org.nz.

Third-party processors

Didit

Biometric identity verification. Processes NZ passport scans and liveness checks on Fair Say's behalf. Fair Say receives only a pass/fail result.

Privacy policy โ†’

Supabase

Database hosting. Data is stored in AWS ap-southeast-2 (Sydney, Australia).

Privacy policy โ†’

Vercel

Application hosting and edge functions.

Privacy policy โ†’

Resend

Email delivery. Used solely to send login codes and (for opted-in email-tier users) newsletter and update emails. Resend does not receive data about passport-verified accounts.

Privacy policy โ†’

Biometric processing

Fair Say is subject to the NZ Biometric Processing Privacy Code 2025 (in force 3 November 2025). In accordance with this Code:

  • Biometric processing (passport scan and liveness check) is performed solely by Didit, not by Fair Say.
  • The purpose is limited to confirming NZ citizenship for inclusion in the Verified NZ Citizens results filter.
  • No biometric information is retained by Fair Say โ€” only a one-way hash of the Didit session ID.
  • A Proportionality Assessment has been completed and is available on request.
  • Complaints about biometric processing can be directed to the Privacy Commissioner at privacy.org.nz.

Contact

For privacy questions, access requests, or corrections, contact us at privacy@fair-say.nz.

Fair Say NZ is an independent platform. We are not a government body and cannot access government records on your behalf.