Book a demo Log in / Sign up

Employee Privacy Notice Template for New Zealand

Generate a bespoke document

  • England and Wales
  • Scotland
  • Northern Ireland
  • Ireland
  • United States
  • Alabama (USA)
  • Alaska (USA)
  • Arizona (USA)
  • Arkansas (USA)
  • California (USA)
  • Colorado (USA)
  • Connecticut (USA)
  • Delaware (USA)
  • Florida (USA)
  • Georgia (USA)
  • Hawaii (USA)
  • Idaho (USA)
  • Illinois (USA)
  • Indiana (USA)
  • Iowa (USA)
  • Kansas (USA)
  • Kentucky (USA)
  • Louisiana (USA)
  • Maine (USA)
  • Maryland (USA)
  • Massachusetts (USA)
  • Michigan (USA)
  • Minnesota (USA)
  • Mississippi (USA)
  • Missouri (USA)
  • Montana (USA)
  • Nebraska (USA)
  • Nevada (USA)
  • New Hampshire (USA)
  • New Jersey (USA)
  • New Mexico (USA)
  • New York (USA)
  • North Carolina (USA)
  • North Dakota (USA)
  • Ohio (USA)
  • Oklahoma (USA)
  • Oregon (USA)
  • Pennsylvania (USA)
  • Rhode Island (USA)
  • South Carolina (USA)
  • South Dakota (USA)
  • Tennessee (USA)
  • Texas (USA)
  • Utah (USA)
  • Vermont (USA)
  • Virginia (USA)
  • Washington (USA)
  • West Virginia (USA)
  • Wisconsin (USA)
  • Wyoming (USA)
  • Austria
  • Denmark
  • France
  • Germany
  • Lithuania
  • Luxembourg
  • Malta
  • Netherlands
  • Poland
  • Portugal
  • Romania
  • Slovakia
  • Slovenia
  • Spain
  • Sweden
  • Switzerland
  • Australia
  • New Zealand
  • Singapore
  • Hong Kong
  • India
  • Malaysia
  • Pakistan
  • United Arab Emirates
  • Qatar
  • Saudi Arabia
  • South Africa
  • Nigeria
  • Canada
  • Brasil
  • Monaco
  • Bermuda
  • Cayman Islands
  • Gibraltar
  • Isle of Man
  • Mauritius

What is a Employee Privacy Notice?

The Employee Privacy Notice is a mandatory document for organizations operating in New Zealand, designed to comply with the Privacy Act 2020 and related employment legislation. It serves as a transparent communication tool between employers and employees regarding the collection, use, storage, and protection of personal information in the employment context. This document should be provided to employees at the commencement of employment and updated as necessary to reflect changes in privacy practices or legal requirements. The notice is particularly important given the increasing focus on data protection and privacy rights in the workplace, and the need for organizations to demonstrate compliance with New Zealand's privacy principles. It covers various aspects of employee data processing, from recruitment through to post-employment record keeping.

Frequently Asked Questions

Is an Employee Privacy Notice legally required under New Zealand's Privacy Act 2020?

Yes, under the Privacy Act 2020, New Zealand employers are legally required to provide privacy notices to employees, contractors, and job applicants. This document must inform individuals about how their personal information is collected, used, stored, and disclosed in accordance with the 13 privacy principles. Failure to provide adequate privacy notices can result in penalties and complaints to the Privacy Commissioner.

Can my business be fined if our Employee Privacy Notice is missing or incomplete in New Zealand?

Yes, New Zealand businesses can face significant penalties for inadequate or missing Employee Privacy Notices. Under the Privacy Act 2020, the Privacy Commissioner can impose fines up to $10,000 for individuals and $100,000 for organizations. Additionally, employees can lodge complaints, and serious breaches may result in criminal charges with penalties up to $10,000.

How long does it typically take to prepare an Employee Privacy Notice for a New Zealand business?

Creating a comprehensive Employee Privacy Notice typically takes 2-4 weeks for most New Zealand businesses. This includes reviewing current data collection practices, ensuring compliance with all 13 privacy principles, customizing the template for your specific industry, and having legal review. Simple organizations may complete it faster, while complex businesses with multiple data sources may need longer.

How is an Employee Privacy Notice different from an employment contract in New Zealand?

An Employee Privacy Notice specifically addresses how personal information is handled under the Privacy Act 2020, while an employment contract covers terms and conditions of employment under the Employment Relations Act 2000. The privacy notice focuses on data collection, use, storage, and employee rights regarding their personal information, whereas the employment contract covers wages, duties, leave, and termination procedures.

Must New Zealand Employee Privacy Notices cover contractor and job applicant information too?

Yes, Employee Privacy Notices in New Zealand must cover personal information handling for employees, contractors, and job applicants under the Privacy Act 2020. The notice should explain how recruitment data, contractor information, and ongoing employment records are collected and managed. Many organizations create comprehensive notices covering all three categories to ensure full compliance.

Can employees in New Zealand request copies of their personal information mentioned in the Privacy Notice?

Yes, under Privacy Principle 6 of the Privacy Act 2020, New Zealand employees have the right to request access to their personal information held by employers. Your Employee Privacy Notice should explain this right and outline the process for making such requests. Employers must respond within 20 working days and can only charge reasonable costs for providing the information.

Do small New Zealand businesses under 10 employees need Employee Privacy Notices?

Yes, all New Zealand employers regardless of size must comply with the Privacy Act 2020 and provide Employee Privacy Notices. There is no small business exemption for privacy obligations in New Zealand. Even sole traders with one employee must inform staff about how their personal information is collected, used, and stored in accordance with the 13 privacy principles.

Reviewed by

Swetha Meenal

Legal Engineer, GenieAI

Swetha Meenal profile photo

A lawyer, legal researcher and legal tech founder, Swetha has built AI products deployed inside Tier 1 firms and enterprises. She ensures GenieAI's alignment with the latest regulation and executes testing on the legal robustness of Genie output.

LinkedIn

Reviewed by

Imad Mohammed Nazar

Legal Engineer, GenieAI

Imad Mohammed Nazar profile photo

A Skadden-trained M&A lawyer, Imad advised on cross-border transactions and contractual risk before moving into legal AI. He reviews GenieAI's output for compliance and enforceability across our 150+ supported jurisdictions, as well as facilitating external benchmarking.

LinkedIn

Jurisdiction

New Zealand

Reviewed by

Swetha Meenal & Imad Mohammed Nazar

Publisher

GenieAI

Category

Privacy Policy

Sector

Business

Cost

Free to use

Last updated

About the Employee Privacy Notice

An Employee Privacy Notice is a critical legal document that ensures your organization complies with New Zealand's Privacy Act 2020 while maintaining transparent communication with your workforce about data handling practices. This document protects both employers and employees by clearly outlining how personal information is collected, used, stored, and disclosed throughout the employment relationship.

When do you need this document?

You must provide an Employee Privacy Notice to all new employees, contractors, temporary staff, and work experience students before or at the commencement of their engagement with your organization. The notice is also required when collecting personal information from job applicants during recruitment processes, when implementing new data collection practices, or when making significant changes to existing privacy policies. Additionally, you should update and redistribute the notice whenever there are changes to your data handling procedures, when new legal requirements come into effect, or when expanding into new business areas that require additional personal information collection.

Key legal considerations

Your Employee Privacy Notice must address several critical legal elements to ensure compliance with New Zealand privacy law. The document must clearly identify what types of personal information you collect, including contact details, employment history, qualifications, health information for safety purposes, and performance data. You must specify the purposes for collecting this information, such as payroll processing, performance management, health and safety compliance, and legal obligations. The notice should explain how long you retain personal information and your procedures for secure disposal. Include details about who has access to employee data, both within your organization and any third parties such as payroll providers, insurers, or government agencies. You must also outline employees' rights under the Privacy Act 2020, including their right to access, correct, and request deletion of their personal information.

Legal requirements in New Zealand

Under the Privacy Act 2020, your Employee Privacy Notice must comply with the 13 privacy principles that govern the collection, use, and disclosure of personal information. Principle 3 requires that you collect personal information directly from the individual where possible and inform them about the collection. The Employment Relations Act 2000 mandates good faith obligations in employment relationships, including transparent communication about data handling. Your notice must address health and safety requirements under the Health and Safety at Work Act 2015, particularly regarding the collection of health-related information necessary for workplace safety. The Human Rights Act 1993 requires that your privacy practices don't enable discriminatory behavior in employment decisions. Ensure your notice includes mandatory elements such as your organization's contact details, the authority under which you're collecting information, and clear explanations of how employees can exercise their privacy rights. The notice must be written in plain language that employees can easily understand.

GOVERNING LAW

Applicable law

This Employee Privacy Notice is drafted to comply with New Zealand law. Key legislation includes:

Privacy Act 2020: The primary legislation governing privacy in New Zealand, including the collection, use, storage, and disclosure of personal information. It contains 13 privacy principles that organizations must follow when handling personal information.
Employment Relations Act 2000: Contains provisions relating to employment relationships and good faith obligations, including requirements for handling employee information and maintaining confidentiality in employment relationships.
Human Rights Act 1993: Protects against discrimination and ensures privacy notices don't enable discriminatory practices in the collection and use of personal information.
Health and Safety at Work Act 2015: Relevant for privacy notices as it may require collection of certain health-related information from employees for workplace safety purposes.
Harmful Digital Communications Act 2015: Relevant for addressing digital privacy and protecting employees from harmful digital communications in the workplace.
Public Records Act 2005: Applicable if the employer is a public sector organization, governing how employee records must be maintained and managed.
Criminal Records (Clean Slate) Act 2004: Relevant for privacy notices regarding the collection and handling of employee criminal record information and the right to conceal eligible criminal records.

Explore 208,390+ legal templates

Explore 208,390+ legal templates

Genie's Security Promise

Genie is the safest place to draft. Here's how we prioritise your privacy and security.

Your data is private:

We do not train on your data; Genie's AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

We are ISO27001 certified, so your data is secure

Organizational security:

You retain IP ownership of your documents and their information

You have full control over your data and who gets to see it