• Facebook
  • Twitter
  • Youtube
  • LinkedIn
Parry Field Lawyers
  • Home
  • About
    • News & Insights
    • Terms of Engagement
  • Our People
  • Services
    • Property
      • Residential
      • Construction
      • Subdivisions
      • Commercial
      • Leasing
      • Community Housing Information Hub
    • Advisory
      • Employment
      • Sale & Purchases
      • Financing
      • Governance
      • Technology/IT
      • Start-ups and Capital Raising Hub
    • Disputes
      • Employment
      • Court, Tribunals and Arbitrations
      • Estates & Wills
      • Divorce & Separation
      • Insurance
      • Family
      • Company & Shareholding
      • Debt Collection
      • Construction
    • Trusts & Asset Planning
      • Wills & Enduring Powers of Attorney
      • Estates
      • Succession Planning
    • Charities/For Purpose Organisations
      • Incorporated Societies: Information Hub
      • Charities: Information Hub & Healthchecks
      • Governance Essentials
      • Faith Based Groups: Information Hub
      • Impact Investing: Information Hub
      • Hybrid Solutions: Charity/Business
      • Not for Profits
      • Churches
      • Sports Groups
      • Social Enterprises/Impact Companies
      • Community Groups
    • Migrants
    • Immigration
      • Work Visas
      • Family Visas
      • Skilled Migrants
      • Business and Investment Visas
      • Potentially Prejudicial Information
      • Employer Assistance
      • Overseas Investment
  • Resources
    • Guides
      • Capital Raising Guide
      • Resources for the Incorporated Societies Act 2022
      • Doing Business In New Zealand
      • Start Ups Legal Toolkit
      • Buying & Selling Property
      • Charities In New Zealand
      • Social Enterprises in New Zealand Handbook
      • Family Trusts
      • Death & Estates
      • Churches Handbook
    • Articles
      • Heat of the moment resignations – do employees need to be given a chance to cool off?
      • The new Incorporated Societies Act 2022: When will the new Act affect my Society?
      • Racial Harassment in the Workplace
      • Built up annual leave – does an employee have to use it?
      • Resources for the Incorporated Societies Act 2022
      • When can a Trustee delegate their powers?
      • Buying your first home: Key issues (a practical guide from a first home buyer)
      • The new Incorporated Societies Act 2022: What it means for your Incorporated Society
      • The Addington Farm: A case study in setting up a Charity
      • The Bright-Line Test
      • Funds that advance charity: How do they work? 
      • What is a LIM?
      • Charity Founders’ Ongoing Relationship With The Charity They Start: Key points to know
    • Blog
    • Templates
      • Terms and Conditions
      • Terms and Conditions Including Software
      • Non-Disclosure Agreement – One Way
      • Non-Disclosure Agreement – Two Way
      • Independent Contractors Agreement
      • Shareholders’ Resolutions – Written resolution
      • Share Transfer
      • Incorporation – First Shareholder Resolutions
      • Incorporation – First Directors’ Resolutions
    • Videos
      • COVID-19 and Commercial Leases
      • Force Majeure” clauses in Contracts and COVID-19
      • Property sale and purchases and COVID-19
      • Seeds Podcast
  • Careers
  • Contact
    • Healthcheck
  • Pay Online
  • Search
  • Menu Menu

General Data Protection Regulation (GDPR)

Business, Governance

The European Union (EU) will soon have new rules that are likely to affect the privacy policies of businesses around the world.  They relate to the collection of data from citizens of EU countries, and so can affect businesses even as far away as New Zealand.  The EU General Data Protection Regulation (known as the GDPR – more info here) has now come into force as of 25 May 2018.

 

There are three key ways that it could affect your business which you should be thinking through now.

1. Assessing to what extent it will affect you

 

To answer this you need to think through questions like this:

  • do you market to and target EU residents via website?  Just having it accessible to them may not be enough – do you actively target EU residents to help those in the EU order tours or trips via your website such as offering the website in languages of the EU (beyond English)?
  • what “personal” data do you collect about users/customers e.g. names, gender, dates of birth, phone, credit card information, addresses, emails etc.
  • do you transfer data to the EU for example to any agents who act on your behalf there or do you have an “EU representative” or any physical presence at all?
  • does anyone else store your data on servers offshore or is it all in New Zealand?

2. Reviewing your documents

 

In light of the answers above, the key one to review is your privacy policy and it is important to check what it says and if it needs updating to reflect best practice.  In addition, it is good to look at any consent forms (or places clients click) to check that they are widely enough drafted to give consent to use of their information.

  • When looking at your privacy policy some key questions to ask are:
  • What exactly is being collected?
  • Which entity is collecting the data?
  • What is the basis for receiving and for processing the data?
  • Whether or not the data will be shared with third parties?
  • How long will the data be stored for?
  • How is the information collected going to be used?
  • What rights does the person who submitted the information have to e.g. access it – and how?
  • What the process for a complaint is?

3. Documenting how you comply

 

This is both an internal record but also could be used if you were ever asked to show how you are complying.  It would document the above two points clearly to explain how compliance with the new rules is ensured.

You may want to also designate a person or group to lead the effort within the business.  A “Data Protection Officer” could help lead the way in this regard.  They may want to prepare a “Data Protection Policy” which can also be used to educate the businesses’ senior decision makers about the GDPR’s new risk-based compliance approach, and the potential effects of non-compliance.

We are able to assist companies with a review of their privacy policies in light of the changes in the EU.  While it may seem amazing that a jurisdiction so far away could impact us this is likely to be an increasing trend as we move into even more of a global economy where countries and regions look to protect the data of their citizens.  This focus is highlighted by reports of the improper use of data by companies harvesting that information to use in elections.  If your answers to any of the questions above indicate a link with the EU then now is the time to take action.

 

This article is not a substitute for legal advice and you should talk to a lawyer about your specific situation. Please contact Steven Moe stevenmoe@parryfield.com at Parry Field Lawyers (348-8480) 

https://www.parryfield.com/wp-content/uploads/2018/05/IMG_4654-1024x249.jpg 249 1024 Leigh Gray https://www.parryfield.com/wp-content/uploads/2019/07/Parry-Field-Lawyers-Logo.png Leigh Gray2018-05-15 11:41:562019-10-17 13:28:23General Data Protection Regulation (GDPR)

Related Lawyers

View Profile
Kris Morrison
Email Kris
+6433488480
View Profile

Christchurch CBD

PHONE: +64 3 348 8480
FAX: +64 3 348 6305

PHYSICAL ADDRESS:
Level 1, 60 Cashel Street
Christchurch 8013, New Zealand

POSTAL ADDRESS:
PO Box 744
Christchurch, 8140, New Zealand

Christchurch

PHONE: +64 3 348 8480
FAX: +64 3 348 6305

PHYSICAL ADDRESS:
1 Rimu Street, Riccarton,
Christchurch 8041, New Zealand

POSTAL ADDRESS:
PO Box 8020, Riccarton,
Christchurch, 8440, New Zealand

Rolleston

PHONE: +64 3 348 8480
FAX: +64 3 348 6305

PHYSICAL ADDRESS:
Level 1, 80 Rolleston Drive,
Rolleston, 7614, New Zealand

POSTAL ADDRESS:
PO Box 8020, Riccarton,
Christchurch, 8440, New Zealand

Hokitika

PHONE: +64 3 755 8673
FAX: +64 3 755 8073

PHYSICAL ADDRESS:
26 Weld Street,
Hokitika 7810, New Zealand

POSTAL ADDRESS:
PO Box 44,
Hokitika 7842, New Zealand

Parry Field Charitable Foundation

Parry Field charitable members of NZ LAw, Global Cross Legal and SCLA

© Copyright – Parry Field Lawyers     |     Privacy Policy

Bright Line Test Now ExtendedMuhammed Yunus on Social Enterprises
Scroll to top
  • Share on Facebook
  • Share on LinkedIn
  • Share on Email