Working with third-party providers: understanding your privacy responsibilities
This guidance explains what you must think about when you are choosing a third-party provider and what your ongoing responsibilities are.
Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.
We respect your Do Not Track preference.
Displaying 1 - 20 of 28
This guidance explains what you must think about when you are choosing a third-party provider and what your ongoing responsibilities are.
When your organisation receives a privacy complaint from someone you need to act quickly and decisively.
Section 77 of the Privacy Act says that after receiving a complaint and before investigating, a complaint may be resolved by way of conciliation.
Board of Trustees and schools often deal with highly sensitive information about staff, students, and families so they need to know about privacy.
This document provides guidance about the disclosure of personal information from government departments to Ministers and...
Releasing personal information to Police and law enforcement agencies (updated April 2024)
This guidance helps organisations through the cloud computing decision-making process.
This paper provides guidance on how the Privacy Act applies to sensitive personal information.
The Office of the Privacy Commissioner wants to take a proactive stance to protect the rights and privacy of tenants and prospective tenants.
Under section 30 of the Privacy Act 2020, an agency may apply to the Privacy Commissioner to authorise a one-off collection, use, retention, or disclosure
Under the Privacy Act 2020, you have 6 months to file a claim in the Human Rights Review Tribunal. Read more about the requirements for filing a privacy claim.
Principle 12 is a new privacy principle introduced in the Privacy Act 2020. You can read more about the purpose of the principle here.
We have produced a series of information sheets, each covering one of the main changes in the Privacy Act 2020.
We’ve created a detailed table comparing the Privacy Act 2020 with the Privacy Act 1993. The table is a section-by-section breakdown of both Acts, showing the changes at a granular level.
You can view the table here: Comparing the Privacy Acts - 1993 and 2020.
Did you know under the Privacy Act you can ask any organisation or business for information they hold about you and to correct it if it’s wrong?
Find out more about your right to access and correct your information by downloading our information sheet here: Your right to know (PDF).
The Ministry of Justice and Oranga Tamariki have each released new guidance on requesting, sharing, and using personal information.
The Privacy Commissioner and the Government Chief Data Steward have jointly developed six key principles to support safe and effective data analytics.
Read the Privacy Commissioner's Commentary on R v Alsford: voluntary requests for personal information by law enforcement agencies.
Practical tips on how to manage personal information during the life cycle of a .nz domain name registration.
Read our FAQs on the Intelligence and Security Act 2017's changes to the Privacy Act. NZSIS and GCSB are now subject to most of the Act's privacy principles.