Privacy Updates

New Zealand’s current Privacy Law was 27 years old and was refreshed from 1 December 2020. In this 2Shakes Privacy Update, find out about some the changes that came and what 2Shakes does that you should be aware of.

Key changes

You can find resources on the Privacy Commissioners website about the changed legislation. Some key changes:

• Privacy commissioner now has ‘teeth’ to deal with privacy breaches.
• Individuals can ask to view their own records.
• There are constraints around the disclosure of information overseas.
• If you use numbers or codes to represent people there are restraints over using these unique IDs with other organisations.

Our Privacy Policy Updates

2Shakes have published our updated privacy policy on our website. Key changes to our Privacy Policy include:

• We add further explanation of the use of information for AML/CFT CDD checks and fraud detection.
• We specify where information may be sent to others who may operate cloud software services located overseas.
• We link to the privacy policies of cloud software services providers we integrate with.
• We specify how we deal with privacy breaches.

To maximise security and privacy, 2Shakes has always operated from Microsoft Azure cloud services from data centers located in Australia.  The providers of our identity verification integrated cloud services are Centrix (located in New Zealand) and OCRLabs (in Australia). NZ privacy law is similar in nature to Australian Privacy requirements. So this provides real confidence that this identity information is held in countries with privacy laws that provide safeguards in line with the New Zealand Privacy Act.

We include links to the privacy policies of the providers we integrate within our privacy policy.

Your Privacy Policy

If you have an account with 2Shakes, now’s a good time to review what you are doing around privacy in your business. It all starts with a privacy policy. If you already have a policy and are a 2Shakes user you can include a link to the 2Shakes policy in your own.

In case you don’t have a privacy policy, or you have one that is out of date, you should create a new one. Here are some resources that can help:

• The tool on the Privacy Commissioner’s website helps to create your own privacy statements.  Or, you might refer to Simmonds Stewart lawyers who have a template for a privacy policy.
• Business.govt.nz provide tips on what customer and employee information you should be keeping, and ways to protect personal data
• Digital.govt.nz has guidance information on privacy and and key privacy concepts 

For any concerns or questions about how 2Shakes handles Privacy, please email our privacy officer privacy@2shakes.co.nz and we will be pleased to help.