Home | Browse Topics | Individual rights & freedoms | Privacy and information | Complaining to the Privacy Commissioner

Individual rights & freedoms

Complaining about a breach of your privacy

Complaining to the Privacy Commissioner

What can I complain to the Privacy Commissioner about?

Privacy Act 2020, ss 69–70

If talking directly with the organisation and/or their Privacy Officer doesn’t resolve the issue, you can go to the Privacy Commissioner.

You can complain to the Privacy Commissioner if:

  • there’s been a breach of the privacy rules (for example, a breach of one of the privacy principles in the Privacy Act or the rules in a code of practice), and
  • that breach caused (or may cause) some kind of loss or harm, including non-financial harm such as humiliation or loss of dignity.

For example, if your insurance company turns down an insurance claim on the basis of medical information that your doctor told your insurer without your permission, your doctor’s potential breach of the privacy rules might have caused you harm.

It’s also an interference with your privacy if an organisation refuses, without a proper basis, to give you access to your information or to correct information after you’ve asked for a correction (see: “How you can access your information and correct it if necessary”). But in these cases, unlike with other breaches of the privacy rules, you don’t have to show that the breach caused you some kind of loss or harm.

You can make a complaint to the Privacy Commissioner if the breach happened to you, or if you want to complain on behalf of someone else or a group of people.

How do I complain to the Privacy Commissioner?

Privacy Act 2020, s 72

You can complain verbally or in writing, but if you complain verbally you should put the complaint in writing as soon as possible. The Privacy Commissioner can help you with putting the complaint in writing.

To complain in writing you can write a letter yourself or you can fill in the complaint form that’s available from the Privacy Commissioner. The Privacy Commissioner also provides guidance on the type of information to include in the complaint.

What can the Privacy Commissioner do about my complaint?

Privacy Act 2020, ss 74–78 

The Privacy Commissioner will decide whether to investigate your complaint, and if they do investigate, will decide whether there’s been a breach of the privacy laws that has caused you, or someone else, loss or harm. The Privacy Commissioner can refer the complaint to the Ombudsman if the Privacy Commissioner thinks this would be more appropriate (see:“The Ombudsman: Watchdogs over government”). At every stage of the investigation, the Privacy Commissioner will try to help the two sides resolve the complaint.

Privacy Act 2020, ss 123, 133

The Privacy Commissioner has the power to issue compliance notices to make an organisation do something or stop something. If they don’t comply, they could get a penalty of up to $10,000.

What happens if my complaint can’t be resolved?

Privacy Act 2020, s 78

If your complaint isn’t settled during the investigation, the Privacy Commissioner will send both sides a letter with an initial opinion of how the law should apply to the complaint. Both sides will get an opportunity to comment. Once the Privacy Commissioner has taken those comments into account, and if the complaint is still not settled or withdrawn, the Privacy Commissioner will come to a final opinion.

The Privacy Commissioner’s opinions on privacy complaints aren’t legally binding, but they’re taken seriously.

If the Privacy Commissioner decides that your complaint is justified, they may refer it to the Director of Human Rights Proceedings, who will decide whether to take the case to the Human Rights Review Tribunal. If the Privacy Commissioner thinks there hasn’t been an interference of your privacy, you can take the matter to the Human Rights Review Tribunal yourself.

What can the Human Rights Review Tribunal do?

Privacy Act 2020, ss 97–103

If your complaint goes to the Human Rights Review Tribunal, the Tribunal will make a decision about whether there has been a breach of the privacy laws, and can award you damages (money) and other remedies. For more information about going to the Tribunal, see: “Taking action: what you can do if you’re discriminated against”.

Did this answer your question?

Privacy and information

Where to go for more support

Community Law

Your local Community Law Centre can provide you with free initial legal advice.

Find your local Community Law Centre online: www.communitylaw.org.nz/our-law-centres

Privacy Commission

The Privacy Commissioner website provides information about your rights and responsibilities under the Privacy Act 2020 and the Privacy Principles. It also outlines the role of the Privacy Commissioner and how to make a privacy complaint.

Website: www.privacy.org.nz
Email: enquiries@privacy.org.nz
Phone: 0800 803 909

To make a complaint online: www.privacy.org.nz/your-rights/making-a-complaint

Privacy of your health information

Information on the Health Information Privacy Code 2020:  www.privacy.org.nz/privacy-act-2020/codes-of-practice/hipc2020

Mental health: This pamphlet provides you information about the Programme for the Integration of Mental Health Data: www.health.govt.nz/system/files/documents/publications/hp7310-primhd-dl-v6-web.pdf

Nationwide Health & Disability Advocacy Service

The Nationwide Health & Disability Advocacy Service offers free, independent, and confidential advice to support you making a complaint about health and disability services.

Website: www.advocacy.org.nz
Email: advocacy@advocacy.org.nz
Phone: 0800 555 050

Also available as a book

The Community Law Manual

The Manual contains over 1000 pages of easy-to-read legal info and comprehensive answers to common legal questions. From ACC to family law, health & disability, jobs, benefits & flats, Tāonga Māori, immigration and refugee law and much more, the Manual covers just about every area of community and personal life.

Buy The Community Law Manual

Help the manual

We’re a small team that relies on the generosity of all our supporters. You can make a one-off donation or become a supporter by sponsoring the Manual for a community organisation near you. Every contribution helps us to continue updating and improving our legal information, year after year.

Donate Become a Supporter

Find the Answer to your Legal Question

back to top