On the 1st of December 2020 the new Privacy Act BECAME LAW

Is your business at risk?

What Does This mean for your business

All persons or business’s that collect Personal Information are now be required to have a Privacy Officer, report breaches, and comply with the Privacy Act 2020. Previously compliance with the Act has been good practice. Since the 1st of December 2020 it has been mandatory and harsh penalties will apply. 

Every business in New Zealand must comply.


What Do I need to do?

  • Appoint a Privacy Officer
  • Tell people when you are collecting their Personal Information
  • Obtain consent to collect any Personal Information
  • Adhere to the 13 Privacy Principles
  • Train your staff
  • Report breaches
  • Store any Personal Information securely
  • Know where your electronic data is stored


Data Storage & Security

Every business captures and uses data either actively or passively. A range of rules apply to the collection, storage and use of Data. 

Any Data stored outside New Zealand must be protected by comparable privacy standards.

Contact the team at NZBT to learn more about your obligations.


What are the penalties?

The Privacy Commissioner will be able to issue:

  • Compliance notices
  • Fines for each breach of the act

It will be an offence to destroy personal information if a request has been made for it.

The Privacy Act 2020 applies to ‘agencies’. Every business, organisation, and individual that handles personal information is considered an agency under the Privacy Act 2020 regardless of whether they are a government department, private company, religious group, school, or even an individual person in some cases.

Get In Touch

Your Details

Let us know how to get back to you.

Area Of Interest?

Head Office

595 Halswell Junction Road
Hornby, Christchurch


09 390 2000



04 390 4000



03 390 9090