Here is the honest situation. The New Zealand Privacy Act 2020 is built on 13 Information Privacy Principles covering how agencies collect, store, secure, access, correct, use and disclose personal information, plus rules on cross-border disclosure and unique identifiers. It requires a privacy officer and, since 2020, mandatory notification of privacy breaches likely to cause serious harm. An agency that handles personal information but cannot show its security, its access and correction handling or its breach notification is exactly where agencies fall short.
This Kit removes the guesswork. It is the Act and its principles written as adopt-ready controls you personalize in a weekend, with the evidence the Privacy Commissioner examines.
What you get, the moment you buy
Grounded in the New Zealand Privacy Act 2020 and its 13 Information Privacy Principles, with the privacy officer, collection, storage and security, access and correction, use and disclosure, cross-border disclosure, unique identifiers and mandatory breach notification called out. Editable Word and Excel files.
What one control looks like
This is confirming scope and appointing a privacy officer, where the Act begins. All 18 are built to this depth.
Why this is not another template pack
- The evidence is the point. A duty you cannot evidence is exposure before the Commissioner. This tells you what the Privacy Commissioner examines and where agencies fall short, for every duty.
- The IPPs and breach notification built in. The collection, security, access, correction, disclosure, cross-border and breach-notification duties are written into the controls, the substance the Act requires.
- Built on a mapped compliance corpus, not one person's opinion, from a graph of thousands of controls across standards.
- It compounds. The Act's principles align with the wider global privacy frameworks, so this work feeds your multi-jurisdiction privacy program.
Who buys this
Agencies and businesses handling personal information in or from New Zealand and their privacy officers, legal and compliance leads. Whether it is a first alignment or a compliance uplift, you save weeks and walk in with the IPPs, access, disclosure, cross-border and breach notification structured.
Common questions
Is it really editable? Yes. Word and Excel files you own and adapt. No portal, no subscription.
Is this legal advice? No. It is an implementation toolkit grounded in the Act. For a specific matter consult counsel; this gets your controls and evidence in order fast.
Does it cover the 13 principles? Yes. Each Information Privacy Principle is reflected in the controls.
Does it cover breach notification? Yes. Managing and notifying privacy breaches likely to cause serious harm is built as a control.
What if it is not for me? A 30-day money-back guarantee.
Instant digital download · 30-day money-back guarantee · The Art of Service Pty Ltd, GPO Box 2673, Brisbane QLD 4001 · support@theartofservice.com