New Zealand - New Zealand Privacy Law 2020

Modified on Fri, 30 Jun, 2023 at 3:11 PM

What is this law? How can i make my site comply with it?


The Privacy Law of New Zealand was originally written and approved back in 1993 making it one of the oldest data privacy laws in existence, and has been updated in December 2020.


In essence, the 2020 Privacy Law of New Zealand governs the handling of personal information through the implementation of the 13 New Zealand Privacy Principles. It requires individuals and organizations to notify and inform users about the collection, usage, and sharing of their personal information. Additionally, it grants individuals the right to access and correct their data. The law is enforced by the Privacy Commissioner and applies to all websites, companies, and organizations that handle personal information originating from New Zealand, regardless of their location in the world.


According to the 2020 Privacy Law of New Zealand and New Zealand Privacy Principle 3, users must be informed about the use of cookies and other tracking technologies. They should also receive detailed information about the type of personal information collected, how it is used, with whom it is shared, where it is stored, and for how long.


Personal information, according to the Privacy Act of New Zealand 2020, is broadly defined as "information about an identifiable individual" which includes data commonly collected and processed by third-party trackers and cookies used by social media platforms (e.g., through a Like button on your domain) or marketing services (e.g., advertising on your website).


If you want to know more about the different regulations you can access our article "Laws and regulations for each region"




Do i need a Cookie Consent Banner in New Zealand?


Although there is not extensive information specifically addressing the use and management of cookies, it is recommended to display our GLOBAL cookie banner in New Zealand to ensure compliance with these regulations and provide enhanced protection for users.

This banner counts with:

  • Include a Button to Accept Cookies: The text in the cookie banner and the button must make it clear that by clicking the button the user agrees to the deployment of cookies.
  • Include a Button to Reject Cookies: Although it does not specifically clarify a button as in other cases, we must provide an opt-out option that “takes effect immediately and is consistent.”
  • Provide Detailed Information About Cookie Use: The cookie banner should contain information about why the website uses cookies. For example, does it collect data for analytics, advertising, or social media purposes?
  • Alert the User if the Website Shares Data with Third Parties: If the website shares the data collected through cookies with third parties the cookie banner should explain this.
  • Link to the Website’s Cookie Policy: Here the website will provide further information about the cookies in use on the site, including a list of all the cookies.
  • Include a Link to the Cookie Settings: This isn’t required under GDPR as long as users have the choice to reject all cookies. However, it does have the benefit of allowing users who would otherwise reject all cookies to permit some forms of data collection. 


Observations: With illow´s GLOBAL banner, your site will be ready to comply with this regulation.



If you want to know the different types of banner cookies that you can find on our platform, access our article "Types of banners you will find on our platform"


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article