Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site and how to opt out.

We respect your Do Not Track preference.

Privacy Act & codes

The Privacy Act has twelve information privacy principles. For the full text of each, click on its number. As a brief guide, though:

Principle 1, Principle 2, Principle 3 and Principle 4 govern the collection of personal information. This includes the reasons why personal information may be collected, where it may be collected from, and how it is collected.

Principle 5 governs the way personal information is stored. It is designed to protect personal information from unauthorised use or disclosure.

Principle 6 gives individuals the right to access information about themselves.

Principle 7 gives individuals the right to correct information about themselves.

Principle 8 and Principle 9, Principle 10 and Principle 11 place restrictions on how people and organisations can use or disclose personal information. These include ensuring information is accurate and up-to-date, and that it isn't improperly disclosed.

Principle 12 governs how "unique identifiers" - such as IRD numbers, bank client numbers, driver's licence and passport numbers - can be used.

For more information view our quick tour of the information privacy principles.