Introduction to the Privacy Act
The Privacy Act is a legislation in New Zealand that regulates how personal information is collected, used, stored and disclosed by businesses, organisations, and government agencies.
The Act was first enacted in 1993, and has been updated several times since then, with the most recent update in December 2020.
The Privacy Act applies to businesses and organisations of all sizes, including small businesses and sole traders. This ensures that all New Zealanders are protected by the same privacy standards, regardless of the size of the organisation collecting their personal information.
Companies witness an average return on investment (ROI) of 1.8% from their privacy-related expenditures, and 92% acknowledge they have a moral obligation to use consumer data honestly and transparently.
76% of individuals said it’s too hard for them to understand how their information is being used.
Describe the reasons why your business collects personal information, such as to provide services to customers, to process transactions, or to conduct marketing activities.
Make a list of the types of personal information your business collects, such as names, addresses, email addresses, phone numbers, etc. This can also include sensitive information such as health or financial information.
How – Describe the methods used to collect personal information, such as through website forms, phone calls, or in-person interactions.
With who – Describe the purposes for which you use personal information and whether you share it with third parties. Be sure to provide details on how you protect personal information, such as through encryption or secure storage.
Describe how individuals can access their personal information, request that it be corrected, or request that it be deleted.
Don’t forget to comply with New Zealand’s Privacy Act 2020 and the Information Privacy Principles.
Review your PrivacyPpolicy regularly to ensure that it remains accurate and up-to-date.
Famous privacy branches cases:
Record damages awarded for cake photo breach – Human Rights Review Tribunal awarded Karen Hammond over $168,000 dollars, largely in part for the severe humiliation she suffered through the actions of her former employer, NZCU Baywide.
ACC ordered to pay claimant $50,000 for breach of privacy by destroying the man’s file.
Record fine for privacy breaches – German real estate company has been fined €14.5 million for breaching the General Data Protection Regulation (GDPR).
If you’re interested in learning more about the services we can support you with, click here for an overview.
Get in touch today, we’d love to know how we can help you and your growing business.
The Freelancer PA team.