Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.

More Accept ×

We respect your Do Not Track preference.

Close ×

opc header logo

About OPC

Print | Email this page

Storage and security

We use third party providers to store and process our data. We store most of the personal information we collect and generate electronically on Microsoft Azure cloud servers located in Australia. We also use Microsoft Office 365 for our email and other office productivity applications. This means that the personal information we hold may be transferred to, or accessed from, countries other than New Zealand.

Information about our e-learning modules is stored on the Moodle platform at the Vocus data centre in New Zealand.

Most records we create are public records for the purposes of the Public Records Act 2005. We retain personal information in compliance with the requirements of the Public Records Act until we are authorised to dispose of it under the relevant disposal authority (more information can be found on Archives New Zealand’s website).

Security

We take all reasonable steps to ensure the personal information we collect is protected against loss, unauthorised access and disclosure or any other misuse, including meeting the requirements prescribed by the New Zealand government for the secure handling, storage and disposal of any protectively marked or security classified information.

Our privacy breach response plan enables OPC to contain, assess and respond to privacy breaches and to help mitigate potential harm to affected individuals. 

We ensure that our third party data processors can meet our privacy and security requirements. We are satisfied, for example, that Microsoft has adequate security and privacy safeguards in place to protect information it holds on our behalf.

Read our privacy impact assessment review undertaken in June 2023 (opens to PDF, 783 KB)

Read our privacy impact assessment about the use of Microsoft's data storage services (opens to PDF, 504KB)

Read more about Microsoft’s privacy and security practices.

Openness and transparency are important to us

If you become aware of a privacy breach affecting the personal information we hold, please contact us to let us know. If you find a security issue within our online systems please tell us about it so we can get it fixed. We acknowledge receipt as soon as possible and within 7 working days we will give you an update on the progress of our investigation.

Read our Vulnerability Disclosure Policy, which outlines how we will work with anyone who tells us about vulnerabilities in our system.

Back to top