Book a demo Log in / Sign up

Cookies Notice Template for New Zealand

Generate a bespoke document

  • England and Wales
  • Scotland
  • Northern Ireland
  • Ireland
  • United States
  • Alabama (USA)
  • Alaska (USA)
  • Arizona (USA)
  • Arkansas (USA)
  • California (USA)
  • Colorado (USA)
  • Connecticut (USA)
  • Delaware (USA)
  • Florida (USA)
  • Georgia (USA)
  • Hawaii (USA)
  • Idaho (USA)
  • Illinois (USA)
  • Indiana (USA)
  • Iowa (USA)
  • Kansas (USA)
  • Kentucky (USA)
  • Louisiana (USA)
  • Maine (USA)
  • Maryland (USA)
  • Massachusetts (USA)
  • Michigan (USA)
  • Minnesota (USA)
  • Mississippi (USA)
  • Missouri (USA)
  • Montana (USA)
  • Nebraska (USA)
  • Nevada (USA)
  • New Hampshire (USA)
  • New Jersey (USA)
  • New Mexico (USA)
  • New York (USA)
  • North Carolina (USA)
  • North Dakota (USA)
  • Ohio (USA)
  • Oklahoma (USA)
  • Oregon (USA)
  • Pennsylvania (USA)
  • Rhode Island (USA)
  • South Carolina (USA)
  • South Dakota (USA)
  • Tennessee (USA)
  • Texas (USA)
  • Utah (USA)
  • Vermont (USA)
  • Virginia (USA)
  • Washington (USA)
  • West Virginia (USA)
  • Wisconsin (USA)
  • Wyoming (USA)
  • Austria
  • Denmark
  • France
  • Germany
  • Lithuania
  • Luxembourg
  • Malta
  • Netherlands
  • Poland
  • Portugal
  • Romania
  • Slovakia
  • Slovenia
  • Spain
  • Sweden
  • Switzerland
  • Australia
  • New Zealand
  • Singapore
  • Hong Kong
  • India
  • Malaysia
  • Pakistan
  • United Arab Emirates
  • Qatar
  • Saudi Arabia
  • South Africa
  • Nigeria
  • Canada
  • Brasil
  • Monaco
  • Bermuda
  • Cayman Islands
  • Gibraltar
  • Isle of Man
  • Mauritius

What is a Cookies Notice?

A Cookies Notice is essential for any organization operating a website in New Zealand that uses cookies or similar tracking technologies. While New Zealand doesn't have specific cookie laws like the EU's GDPR, the Privacy Act 2020 requires transparency in data collection and processing practices. This document should be implemented when a website begins using cookies or updates its tracking practices. The Cookies Notice typically includes information about the types of cookies used, their purposes, duration, and how users can manage them. It serves as a key transparency tool and helps organizations comply with privacy legislation while building trust with users. The notice should be easily accessible on the website and written in clear, understandable language for the average user.

Frequently Asked Questions

Is a cookies notice legally required for New Zealand websites?

Yes, under New Zealand's Privacy Act 2020, websites that collect personal information through cookies must provide clear notice to users about their data collection practices. This includes explaining what cookies are used, their purpose, and how personal information is handled. Failure to provide adequate notice can result in privacy complaints and potential enforcement action.

Can I be fined for not having a cookies notice on my New Zealand website?

The Privacy Commissioner can investigate complaints and issue compliance notices for breaches of the Privacy Act 2020. While direct fines for missing cookies notices are rare, non-compliance can lead to formal warnings, compliance orders, and in serious cases, Human Rights Review Tribunal proceedings. The reputational damage and legal costs often exceed preventive compliance measures.

How is a cookies notice different from a privacy policy in New Zealand?

A cookies notice specifically focuses on cookie usage and tracking technologies, while a privacy policy covers all personal information collection and handling practices. Under the Privacy Act 2020, both serve different purposes - the cookies notice provides upfront transparency about tracking, while the privacy policy details broader data protection practices. Many businesses combine both into a comprehensive privacy statement.

Must I get consent for all cookies under New Zealand privacy law?

Not all cookies require explicit consent under New Zealand law. Essential cookies for website functionality (like shopping carts or login sessions) don't need consent. However, cookies collecting personal information for marketing, analytics, or third-party advertising typically require clear notice and often user consent. The Privacy Act 2020 emphasizes transparency and user control over personal information.

How long does it take to prepare a compliant cookies notice for New Zealand?

Using a template, a basic cookies notice can be completed in 2-4 hours, including website audit and customization. However, conducting a thorough cookie audit for complex websites may take 1-2 days. Professional legal review adds another 1-2 business days but ensures Privacy Act 2020 compliance and reduces regulatory risk.

Can overseas visitors to my New Zealand website expect the same cookie protections?

Your cookies notice should comply with New Zealand's Privacy Act 2020 for all users, regardless of location. However, if you have significant overseas traffic, you may need additional compliance measures for jurisdictions like the EU (GDPR) or California (CCPA). Many New Zealand businesses adopt a global approach to ensure consistent privacy protection.

Which common mistakes make cookies notices non-compliant in New Zealand?

The most frequent errors include using generic overseas templates that don't reference New Zealand privacy laws, failing to identify all third-party cookies, not explaining data sharing with overseas providers, and burying the notice where users can't easily find it. Under the Privacy Act 2020, notices must be clear, accessible, and specifically address New Zealand privacy principles.

Reviewed by

Swetha Meenal

Legal Engineer, GenieAI

Swetha Meenal profile photo

A lawyer, legal researcher and legal tech founder, Swetha has built AI products deployed inside Tier 1 firms and enterprises. She ensures GenieAI's alignment with the latest regulation and executes testing on the legal robustness of Genie output.

LinkedIn

Reviewed by

Imad Mohammed Nazar

Legal Engineer, GenieAI

Imad Mohammed Nazar profile photo

A Skadden-trained M&A lawyer, Imad advised on cross-border transactions and contractual risk before moving into legal AI. He reviews GenieAI's output for compliance and enforceability across our 150+ supported jurisdictions, as well as facilitating external benchmarking.

LinkedIn

Jurisdiction

New Zealand

Reviewed by

Swetha Meenal & Imad Mohammed Nazar

Publisher

GenieAI

Category

Privacy Policy

Sector

Business

Cost

Free to use

Last updated

About the Cookies Notice

If you operate a website in New Zealand that uses cookies or tracking technologies, you need a comprehensive Cookies Notice to comply with privacy legislation and maintain user trust. While New Zealand doesn't have specific cookie laws like Europe's GDPR, the Privacy Act 2020 requires transparency about how you collect and process personal information, which includes data gathered through cookies.

When do you need this document?

You need a Cookies Notice when your website uses any form of cookies or similar tracking technologies. This includes e-commerce sites using analytics tools like Google Analytics, marketing platforms with retargeting pixels, or even basic websites with functional cookies for user preferences. The notice becomes legally necessary the moment you begin collecting personal information through these technologies, as the Privacy Act 2020 mandates transparency in data collection practices. You should also update your notice whenever you implement new tracking technologies or change your cookie practices.

Key legal considerations

Your Cookies Notice must clearly categorise the types of cookies you use, such as strictly necessary cookies for website functionality, performance cookies for analytics, and marketing cookies for advertising purposes. Under the Privacy Act 2020, you must explain the purpose of each cookie type and how long they remain active on users' devices. The notice should provide clear instructions on how users can manage or disable cookies through their browser settings, respecting their right to control their personal information. Additionally, if you use third-party cookies from services like Google or Facebook, you must disclose this and explain how these external parties may use the collected data.

Legal requirements in New Zealand

The Privacy Act 2020 requires that your cookie collection practices align with the privacy principles, particularly around collection limitation and transparency. You must ensure your Cookies Notice is easily accessible from every page of your website, typically through footer links or prominent banners. The Fair Trading Act 1986 also applies, requiring that your cookie disclosures are not misleading or deceptive about your data practices. Your notice should be written in plain English that average users can understand, avoiding technical jargon that might obscure important information about their privacy rights. Regular reviews and updates of your Cookies Notice are essential to maintain compliance as your website evolves and privacy laws develop.

GOVERNING LAW

Applicable law

This Cookies Notice is drafted to comply with New Zealand law. Key legislation includes:

Privacy Act 2020: The primary legislation governing personal information handling in New Zealand, including how cookies collect and process personal data. It sets out privacy principles for collecting, storing, and using personal information.
Fair Trading Act 1986: Ensures businesses don't engage in misleading or deceptive conduct, which applies to how companies communicate their cookie practices to users and obtain consent.
Consumer Guarantees Act 1993: While not directly related to cookies, it ensures services (including digital services) meet reasonable standards of quality and fitness for purpose, which can apply to how websites implement and manage cookies.
Electronic Transactions Act 2002: Governs electronic communications and transactions, providing legal framework for online activities including how consent can be obtained electronically.
Unsolicited Electronic Messages Act 2007: Relevant when cookies are used for marketing purposes or tracking user behavior for marketing communications, ensuring compliance with anti-spam regulations.

Explore 208,390+ legal templates

Explore 208,390+ legal templates

Genie's Security Promise

Genie is the safest place to draft. Here's how we prioritise your privacy and security.

Your data is private:

We do not train on your data; Genie's AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

We are ISO27001 certified, so your data is secure

Organizational security:

You retain IP ownership of your documents and their information

You have full control over your data and who gets to see it