Employee Data Privacy

New Zealand - Data Protection Officer

 Download as a PDF

What is, and which organizations have to appoint a DPO?

A Data Protection Officer (DPO) is a person in charge of verifying the compliance of personal data processing with the applicable law. The DPO communicates information on processing personal data such as its purposes, interconnections, types, categories of data subjects, length of retention and department(s) in charge of implementing processing. DPOs may be required by law or recommended. 

In New Zealand, employers (and other agencies) are required to appoint privacy officers whose responsibilities include:

  • encouraging the company to comply with the Information Privacy Principles outlined in the Privacy Act;
  • handling requests made to employers;
  • working with the data protection Commissioner in the event of an investigation relating to the employer; and,
  • ensuring the company complies with the Privacy Act 2020.


UKG's HR Compliance Assist team relies on a network of internal and external compliance experts and lawyers to provide clients with best practices and recommendations on topics such as HR document retention, employee data privacy, and HR electronic records. HR Compliance Assist also provides local compliance monitoring and alert services in select countries where UKG's customers have employees. HR Compliance Assist is a service exclusively available to UKG customers.

Share Your Feedback

Let's Talk