What Is A Privacy Policy?

A Privacy Policy is a legal document that sets out how your business collects, uses and protects the personal information of your online customers. “Personal information” is a legal term as defined by the Privacy Act – now updated to remain current with our fast‐moving digital landscape – and it includes an individual’s name, signature, address, telephone number, date of birth, medical records, bank account details and other sensitive data.

Do I Need It?

A Privacy Policy is a legal requirement under the Privacy Act 1993 (NZ) for organisations that collect personal information. Even if your new business is not immediately mandated by law to have a Privacy Policy, it is a wise precaution to implement one early on. This not only ensures compliance as your business grows but also builds trust with customers right from the start, particularly as privacy standards continue to evolve in 2025.

Moreover, personal information is often invaluable for online business marketing and customer engagement. To avoid potential conflicts with spam regulations and data protection breaches, your Privacy Policy should clearly explain how you intend to use, store, and protect personal information. For further insight, you might also want to check out our guide on essential legal documents.

How Do I Use It?

Typically, a Privacy Policy is linked with your Terms & Conditions. For example, when users sign up for your service, you might include a checkbox with wording such as “By signing up, I agree to the Terms and Conditions and Privacy Policy”. This integration ensures that users have the opportunity to review both documents and understand their rights and obligations before proceeding. It is one of the many simple yet effective measures to ensure transparency and legal compliance.

Privacy Policy Example

Michael has developed a mobile app that allows users to create personalised to-do lists. Before users can access the app, Michael requires them to register an account by providing personal information such as their name and email address. Prior to registration, a checkbox is displayed for users to confirm that they agree to the App Terms & Conditions and the Privacy Policy, with links provided for in-depth reading. This simple step helps ensure that users are fully informed and consent to your data practices.

GDPR: EU Privacy Laws

For businesses operating in Europe or handling the personal data of European customers, compliance with the General Data Protection Regulation (GDPR) remains essential. If this applies to you, it is advisable to implement a GDPR-compliant Privacy Policy. In addition to the measures required for New Zealand, you must ensure that your data collection, storage and management procedures meet GDPR’s rigorous standards. For more current guidance on data protection, please see our comprehensive Legal Guides.

Engaging with legal experts in the EU can help you tailor your Privacy Policy to meet these standards, a crucial step as data protection requirements continue to be refined in 2025.

Additional Considerations for 2025

As privacy laws and technology evolve, businesses should routinely update their Privacy Policies to reflect current legal requirements and best practices. In 2025, emerging issues such as cross-border data transfers, data minimisation, and enhanced consumer rights are at the forefront of privacy discussions. Staying informed through updated resources, such as our legal insights for small businesses, will help you remain compliant and maintain customer confidence.

Need Help With A Privacy Policy?

Drafting a Privacy Policy can seem daunting, given the intricacies of privacy regulations and the need to clearly articulate your data practices. Hiring a lawyer to draft or review your Privacy Policy is a one-off investment that can save your business from potential disputes and legal complications down the line.

At Sprintlaw, our team of experienced lawyers is on hand to assist you with drafting or reviewing your Privacy Policy and other essential legal documents. Whether you require guidance on the latest privacy standards or need broader legal advice, we’re here to help. For more information on our services or to schedule a consultation, visit our contact page or call us on 0800 002 184.

Minna Boyle
Minna is the Head of People & Culture at Sprintlaw. After completing a law degree and working in a top-tier firm, Minna moved to NewLaw and now manages the people operations across Sprintlaw.
About Sprintlaw

We're an online legal provider operating in New Zealand, Australia and the UK. Our team services New Zealand companies and works remotely from all around the world.

5.0 Review Stars
(based on Google Reviews)
Do you need legal help?
Get in touch now!

We'll get back to you within 1 business day.

  • This field is for validation purposes and should be left unchanged.

Related Services

Privacy Policy

Privacy policies outline how you handle information.
Learn More

Privacy Policy (GDPR)

Ensure your privacy policy is GDPR-compliant.
Learn More

Privacy Policy (Credit Provider)

Get a Privacy Policy (Credit Provider)
Learn More

Privacy Policy (Sensitive Information)

If you hold sensitive data, it's important you comply with privacy law.
Learn More

Privacy Policy (Health Service Provider)

Privacy policies tailored to health service providers.
Learn More
Related Articles
Influencer Agreements – What Are They? (2025 Updated)
Posted 25th February, 2025
Who Can Access Medical Records? (2025 Updated)
Posted 24th February, 2025
How To Start An Online Subscription Business: Legal Tips (2025 Updated)
Posted 24th February, 2025
Trade Marks Vs. Copyright: What’s The Difference? (2025 Updated)
Posted 24th February, 2025
Starting A Podcast? Here’s How To Set Yourself Up For Success (2025 Updated)
Posted 23rd February, 2025
Everything You Need To Know About Canva & Copyright (2025 Updated)
Posted 23rd February, 2025