Alex is Sprintlaw's co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
If you run a small business, you’ve probably seen (or used) an email footer that says something like “This email is confidential” or “If you’re not the intended recipient, delete it.”
That’s an email disclaimer - and while it can be a helpful part of your risk-management toolkit, it’s not a magic legal shield.
In this guide, we’ll break down how email disclaimers in New Zealand actually work, what they can realistically achieve, what they can’t, and what you should put in place alongside a disclaimer so you’re protected from day one.
What Is an Email Disclaimer (And Why Do Businesses Use Them)?
An email disclaimer is the block of text your business adds to the bottom of emails (often automatically), usually to:
- flag the confidentiality or sensitivity of information
- reduce the risk of misdirected emails causing harm
- clarify who the email is intended for
- limit misunderstandings about legal responsibility
- set expectations about viruses, links, or attachments
- separate personal opinions from “official” business positions
It’s common for businesses to use the same disclaimer across all staff emails, especially once the team grows and you can’t realistically control how every email is drafted.
If you’re dealing with customer information, supplier pricing, employee records, health information, or commercially sensitive work, a disclaimer is often seen as a simple “baseline” safeguard.
But the key question is: does it actually do anything legally?
Are Email Disclaimers Legally Binding in New Zealand?
Usually, an email disclaimer on its own will have limited legal force - especially if the recipient hasn’t positively agreed to it.
In plain terms: you generally can’t impose new legal obligations on someone just by sending them a sentence at the bottom of an email (particularly if they’re not expecting it or never agreed to it).
Whether an email disclaimer is enforceable can depend on context, including:
- Prior relationship and expectations: is the recipient someone you regularly deal with on known terms?
- Notice: was the disclaimer easy to see and understand, or buried under a long signature?
- Agreement: did the recipient agree to your terms somewhere else (for example, in a signed contract or accepted terms and conditions)?
- The type of statement: some statements are more “informational” than contractual (e.g. “this email may contain confidential information”).
For enforceability, New Zealand contract principles still matter. A “footer” is rarely enough to create a contract by itself, particularly if it appears after the substantive message and no one has actively accepted it.
That said, email disclaimers can still be useful evidence. They can show that your business consistently treats information as confidential, and that recipients were put on notice that the information wasn’t intended to be shared.
If you’re building a stronger legal position around confidentiality or risk, it’s often better to pair your disclaimer with proper legal documents like NDAs, service agreements, or terms and conditions - so you’re not relying on a footer to do the heavy lifting.
What Email Disclaimers Can Do for Your Business
Even though disclaimers aren’t a “get out of jail free card”, they can play an important role in how your business manages legal and operational risks.
1) Put People on Notice About Confidentiality
A well-written disclaimer can put the recipient on notice that:
- the email is confidential, and/or
- the information is commercially sensitive, and/or
- the email is intended only for a specific person or entity.
This can be helpful if confidential information is later misused or forwarded, because it supports your argument that the recipient knew (or should have known) the information wasn’t for wider distribution.
Just remember: the stronger protection usually comes from a tailored agreement that includes a proper Confidentiality Clause that both sides have actually agreed to.
2) Reduce Harm When Emails Go to the Wrong Person
We’ve all done it: autocomplete selects the wrong “Sam” and suddenly your customer quote, supplier margin, or employee issue is in the wrong inbox.
Disclaimers often include a “wrong recipient” instruction like:
- notify the sender
- delete the email
- don’t copy or distribute the content.
Will that force someone to comply? Not always.
But it can help your business show you took reasonable steps to reduce the impact of a mistake - which matters when you’re thinking about privacy obligations and good business practices.
3) Support Your Privacy and Security Practices
If your business handles personal information, you have responsibilities under the Privacy Act 2020 to protect that information with reasonable safeguards.
Email disclaimers aren’t enough on their own, but they can support your broader privacy posture - especially when aligned with your Privacy Policy, internal processes, and staff training.
It’s also worth being clear internally about the difference between privacy obligations and confidentiality expectations. (They overlap, but they’re not the same thing.) If that’s a blurry area for your team, clarifying the privacy and confidentiality distinction can prevent avoidable mistakes.
4) Help Manage Reputation and “Authority” Issues
Another common function of email disclaimers is to clarify that:
- the email may contain personal opinions, not official company advice
- only certain people can bind the business to a contract
- the business isn’t responsible for changes made to the email after it’s sent.
This can be useful for small businesses where staff wear multiple hats and clients may assume every email is “official”.
However, this needs to be handled carefully. A disclaimer won’t necessarily prevent a contract from being formed if, looking at the communications and conduct as a whole, it was reasonable for the other party to believe your staff member had authority (or you later accept the benefit of what was agreed). A better approach is to set clear signing/approval processes and use the right contracts.
5) Act as a Consistent, Professional “House Rule”
There’s also a simple practical benefit: consistency.
When all staff emails include a clear, readable disclaimer (and not a 40-line wall of text), it signals professionalism and that your business takes confidentiality and compliance seriously.
That can be valuable when you’re dealing with:
- commercial negotiations
- supplier relationships
- regulated industries (health, finance, education)
- high-trust services (consulting, bookkeeping, HR, tech).
What Email Disclaimers Can’t Do (Common Misconceptions)
This is where many small businesses get caught out. It’s easy to overestimate what a footer can achieve.
1) They Can’t Replace a Proper Contract
If you want enforceable obligations - like confidentiality obligations, IP ownership terms, payment terms, limitation of liability, or dispute resolution - you generally need a proper agreement, not just an email disclaimer.
For example, if you provide services, you’ll usually want a signed service agreement or terms and conditions that clearly deal with scope, fees, liability, and IP. If you hire staff, you’ll want a proper Employment Contract so expectations are clear from day one.
2) They Can’t Override New Zealand Consumer or Fair Trading Laws
If you sell goods or services to consumers, you can’t use an email disclaimer to “contract out” of obligations under laws like:
- Fair Trading Act 1986 (misleading or deceptive conduct, false representations, etc.)
- Consumer Guarantees Act 1993 (automatic guarantees for consumers in many situations).
So if your disclaimer says “all sales are final” or “no refunds ever”, that statement could be misleading (and it may not be legally enforceable). Worse, it could create compliance risk if it contradicts your actual legal obligations.
3) They Can’t Guarantee Confidentiality Once the Email Leaves Your System
Even if you mark something as “confidential”, you can’t fully control:
- whether the recipient forwards it
- whether their system is secure
- whether they print it
- whether it’s accessed by someone else in their organisation.
If confidentiality really matters, consider technical and operational controls too (for example: password protection, sharing via secure portals, limiting who receives sensitive content, and strong internal information handling rules).
4) They Can’t Stop a Privacy Breach From Being a Privacy Breach
If your team emails personal information to the wrong person, a disclaimer doesn’t “undo” the disclosure.
Depending on the circumstances, you may still have obligations under the Privacy Act 2020 to assess the incident, contain it, and (if it creates a serious risk of harm) notify affected individuals and the Privacy Commissioner.
That’s why having an internal plan matters. A Data Breach Response Plan can help your business respond quickly and consistently when something goes wrong.
5) They Can’t Automatically Create “Legal Privilege”
Some disclaimers try to claim that an email is legally privileged.
In New Zealand, legal professional privilege is a specific concept and it generally depends on the nature of the communication (for example, confidential communications with a lawyer for the purpose of giving or receiving legal advice).
A footer claiming “privileged” doesn’t make it privileged if the content and context don’t meet the legal requirements.
What Should a Good Email Disclaimer Include for a New Zealand Small Business?
There’s no single perfect disclaimer for every business. A trades business, an online store, and a health service provider will have very different risk profiles.
That said, most email disclaimers used by New Zealand businesses are built from a few common building blocks.
Confidentiality And Wrong Recipient Instructions
Common elements include:
- the email may contain confidential information
- it’s intended only for the named recipient
- if received in error, notify the sender and delete it
- don’t copy, forward, or disclose it.
Security / Virus Statement (Carefully Worded)
Some businesses include a clause about checking attachments for viruses or malware.
This can be reasonable, but keep it practical - you can’t realistically “disclaim” responsibility for everything, particularly if you’ve been careless. A better approach is to pair the disclaimer with actual security practices (like up-to-date software, staff training, and secure file handling).
Views And Authority Statement (If Relevant)
If your staff communicate with clients regularly, you might include a short statement like:
- “Any views expressed are those of the sender and may not reflect the views of the business.”
For some businesses, it’s also helpful to clarify that the business is only bound by agreements signed by authorised personnel - but be careful here. If your staff are negotiating and you behave as though they have authority, a disclaimer may not protect you.
Privacy-Friendly Language
If you deal with personal information, your disclaimer can support your privacy messaging (without over-promising). For example, it can encourage unintended recipients to delete the email and notify you.
But if you’re collecting personal information (including through email), the more important piece is having an accurate and up-to-date Privacy Policy and training your team on how to handle that information safely.
Avoid Overreaching Claims
Overly aggressive disclaimers can backfire because they can:
- look unreasonable (which can reduce compliance in real life)
- confuse customers
- conflict with your actual contracts
- create consumer law risk if they’re misleading.
In practice, a short, clear disclaimer often performs better than a long one.
If you want the disclaimer itself drafted or reviewed to suit your business, it’s usually worth getting it done properly rather than copying a generic template. A tailored Email Disclaimer can also be aligned to your broader legal documents and the way your business actually operates.
How To Use Email Disclaimers Properly (So They Actually Help)
A disclaimer works best when it’s part of a bigger system - not a standalone fix.
1) Match Your Disclaimer To Your Actual Business Practices
If your footer says “confidential” on every email, but staff routinely forward customer details casually, the disclaimer won’t reflect reality.
Consistency matters. Your disclaimer should match your internal culture and processes.
2) Train Staff On Confidentiality And Privacy (Not Just The Footer)
Most email incidents happen because someone is rushed, distracted, or unclear on what they’re allowed to share.
Practical staff training can include:
- how to double-check recipients before sending
- when to use BCC vs CC
- what counts as “personal information” under the Privacy Act 2020
- when to avoid email and use a secure method instead
- what to do if an email is sent to the wrong recipient.
3) Use The Right Legal Documents For The Risk
If you regularly share sensitive business information, a disclaimer is not a substitute for an NDA or a properly drafted agreement.
Common situations where a “real” document matters include:
- sharing pricing, formulas, processes, or customer lists with contractors
- building a product with a developer or designer
- joint ventures or partnership discussions
- outsourcing work offshore.
This is where properly drafted confidentiality terms (and broader contract terms) can be a game changer for protecting your business as it grows.
4) Keep The Disclaimer Readable
As a rule of thumb, if the disclaimer is longer than your actual email, it’s probably not doing its job.
A clear disclaimer is more likely to be noticed, understood, and followed - which is what you want if you’re trying to reduce risk in real-world situations.
5) Have A Plan For Mistakes
Even with the best systems, mistakes happen.
When they do, speed matters: containment, documentation, and consistent action. Having a breach response process (and knowing who in your business is responsible for it) can be just as important as the disclaimer itself.
Key Takeaways
- Email disclaimers can be a helpful way to put recipients on notice about confidentiality and reduce harm when emails are misdirected.
- On their own, email disclaimers usually have limited legal force in New Zealand - especially if the recipient hasn’t agreed to them.
- An email disclaimer can’t replace a proper contract, can’t override consumer law, and can’t “undo” a privacy breach.
- If you handle personal information, your disclaimer should support (not replace) your broader Privacy Act 2020 compliance measures like policies, training, and breach response processes.
- The most effective approach is to use a short, clear disclaimer that matches how your business operates, alongside properly drafted agreements and internal processes.
If you’d like help getting your email disclaimer (and your broader legal setup) right, you can reach us at 0800 002 184 or team@sprintlaw.co.nz for a free, no-obligations chat.