AI Automation and the NZ Privacy Act
A practical, non-legal guide to using AI automation without breaching NZ's Privacy Act: the IPPs that matter, cross-border data risk, and a small-business checklist.
The Privacy Act 2020 applies to every AI tool your business touches: there is no separate AI law in New Zealand and no small-business exemption. The Office of the Privacy Commissioner confirmed as much in its September 2023 AI guidance. Nothing in it stops you automating; it just sets the rules for doing it properly.
One thing to be clear about up front. I build AI automation for NZ small businesses, I'm not a lawyer, and this is practitioner guidance rather than legal advice. What follows is a working translation of the primary sources, with pointers to the originals so you can check my working.
What actually governs AI use in New Zealand
Three documents cover almost everything a small business needs, and all three are free.
First, the Privacy Act 2020 itself. It's technology-neutral and works through 13 information privacy principles (the IPPs) covering how you collect, store, use, and share personal information. If an AI tool touches personal information, the IPPs apply to it the same way they apply to your inbox.
Second, the Office of the Privacy Commissioner published Artificial Intelligence and the Information Privacy Principles in September 2023. It sets out what the regulator expects when an organisation adopts AI: senior sign-off, a check that the tool is genuinely necessary, a privacy impact assessment before use, transparency with the people whose information is involved, consideration of te ao Māori perspectives on privacy, human review of decisions AI influences, and proper terms with vendors.
Third, MBIE released its Responsible AI Guidance for Businesses in July 2025, alongside the national AI strategy. It's voluntary and adoption-focused, and it confirms the wider setting: New Zealand has chosen to apply existing law to AI rather than write a new AI Act. Its short companion PDF, Quickstart: Businesses using AI tools, is readable in one sitting.
If you're a step before all this, still working out what's worth automating in the first place, start with the practical guide to AI automation for NZ small businesses and come back.
The EU rules you've read about mostly don't apply here
Here's where most online advice quietly steers you wrong. The bulk of AI-and-privacy content is written for the GDPR, which is European law. It doesn't govern a Queenstown retailer selling to New Zealanders.
New Zealand has no mandatory cookie-banner law. Nothing in the Privacy Act requires that pop-up, and our regime isn't built on opt-in consent for every use of data. It's built on the 13 principles: collect for a stated purpose, tell people, keep it secure, use it for what you said.
That's closer to an opt-out model than Europe's opt-in, which means the compliance bar for a small business is lower and more sensible than the EU-flavoured content suggests. Fair warning though: lower is not zero.
And one rule genuinely is new. Since 1 May 2026, a new principle called IPP3A requires you to notify people when you collect their personal information indirectly, from a source other than the person themselves. The change came in through an amendment to the Privacy Act, the OPC has published guidance on it, and it matters for AI because enrichment tools, scraped datasets, and bought-in lead lists are all indirect collection.
The six privacy principles that actually bite
You don't need to memorise all 13. Six do most of the work when you're weighing up an AI tool:
- IPP1, purpose. Only collect what you need for a stated purpose. If a tool wants your whole customer database to draft email replies, that's a design smell.
- IPP5, security. You must protect personal information wherever it sits, including inside a vendor's system. Their security posture becomes yours.
- IPP9, retention. Don't keep personal information longer than the job requires. A vendor retaining your data counts as you retaining it.
- IPP10, use. Information collected for one purpose can't quietly serve another. A vendor training its models on your customer data is exactly that.
- IPP11, disclosure. Sending personal information into a tool is a disclosure, and you're responsible for where it goes next.
- IPP12, cross-border disclosure. Before personal information leaves New Zealand, comparable safeguards need to be in place. This is the sharp one, and it gets its own section.
Can I use ChatGPT with customer data?
Yes, with conditions, and this is where IPP12 earns its billing.
Almost every cloud AI tool, ChatGPT and Claude included, processes data on overseas servers by default. Under IPP12, disclosing personal information outside New Zealand requires comparable privacy safeguards, usually delivered through the vendor's contractual terms. So the practical question isn't "is this tool legal", it's "which tier am I on and what do the terms say".
The most common slip I see isn't exotic. It's a staff member pasting a customer email thread into a free consumer AI account to draft a reply. Business tiers of the major tools come with no-training commitments and written data-processing terms; consumer tiers put the burden on you to find the toggle, if one exists.
That tier distinction carries most of the risk under IPP10 and IPP12. Same tool, same prompt, very different legal position.
A privacy impact assessment your business can actually run
The OPC's guidance expects a privacy impact assessment before an organisation adopts AI. The practice is normal, not paranoid: ACC ran and published one before rolling out Microsoft 365 Copilot in February 2024.
You don't need ACC's version. The OPC's own privacy impact assessment toolkit includes a lighter option called a Brief Privacy Analysis for smaller, lower-risk projects. Here's mine, scaled for a business with no privacy officer, run once per tool before it goes live.
- Name the tool and the job. One sentence: "We're using X to do Y."
- List the personal information that will pass through it. Names, contact details, financial records, health notes, staff data. If the honest answer is none, write that down and stop here.
- Cut what the tool doesn't need. If it can do the job without full customer records, don't feed it full customer records.
- Find where the data is processed and stored. Country and vendor. This is your IPP12 answer.
- Check the vendor's defaults. Does it train on your data? How long does it retain it? Is there a business tier that fixes both?
- Decide what you'll tell people. Usually a sentence in your privacy statement. Remember IPP3A if any of the information arrives indirectly.
- Name the human who reviews outputs that affect people. Quotes, declines, anything a customer would want to appeal.
- Date it, file it, revisit it when the tool changes.
That's the whole exercise. Honestly, it's less work than choosing the tool was.
Five questions to put to any AI vendor
The OPC's guidance calls for appropriate contractual safeguards with vendors. Here's what that means in plain English, asked before you sign anything:
- Is model training on our data switched off on the tier we're buying, and is that in writing?
- Where is our data processed and stored, and under which country's law?
- Can we have your data-processing terms in writing before we commit?
- How long do you retain our data, and can we have it deleted on request?
- If you have a breach involving our data, when and how do we find out?
A serious vendor answers all five without flinching. A vendor who can't answer the first two has answered a different question, and you should treat it as a no.
When to call a lawyer instead
Some situations need legal advice, not a consultant's checklist, and saying so plainly is part of the job. Call a lawyer if you're handling health information (which sits under its own Health Information Privacy Code), running automated decisions with real consequences like credit, tenancy, or hiring, processing information about children, or dealing with the aftermath of a suspected breach.
On that last one: the Privacy Act requires you to notify the OPC when a breach is likely to cause serious harm, and failing to notify is an offence carrying a fine of up to $10,000. That's a moment for a lawyer, not a blog post, including this one.
Privacy is cheap in scoping and expensive after
None of the above is a reason to stall on automation. It's a design input, and it costs close to nothing when it's handled during scoping.
When we built the practice-management platform for My Wellness (a Queenstown health practice), bookings, payments, and invoicing flowed through Cal.com, Stripe, and Xero. Knowing exactly which information entered which system wasn't a compliance afterthought; it was the integration map we needed to build the thing at all. The privacy answers fell out of work we were doing anyway.
Retrofitting is the expensive path: unpicking a live workflow, renegotiating vendor terms, explaining things to customers after the fact. I've written the condensed version of this for accounting firms holding client financials, and the same logic holds in every industry. Design it in and privacy is a page of notes; bolt it on later and it's a project.
The takeaway
The Privacy Act doesn't stop a NZ small business using AI. It asks you to know four things: what data enters which tool, where it's processed, what the vendor does with it, and what you've told your customers. The Brief Privacy Analysis above answers all four, and that page of notes is the step most AI adoptions skip.
If you're weighing up an automation build and want the privacy questions handled in scoping rather than after an incident, a short call is the fastest way to see what that looks like for your business.
Frequently asked questions
- Does the NZ Privacy Act apply to AI tools?
- Yes, fully. The Privacy Act 2020 is technology-neutral, so the same 13 information privacy principles that govern a filing cabinet govern ChatGPT, Copilot, and any automation tool that touches personal information. There is no separate AI law in New Zealand and no exemption for small businesses. The Office of the Privacy Commissioner confirmed this in its September 2023 guidance on AI and the information privacy principles.
- Can I use ChatGPT with customer data in New Zealand?
- You can, with conditions. Most cloud AI tools process data on overseas servers, which brings in IPP12, the cross-border disclosure principle. In practice that means using a business or enterprise tier with model training on your data switched off, getting the vendor's data-processing terms in writing, and never pasting customer details into a free consumer account. The tier you're on matters more than the tool you choose.
- Do I need a privacy impact assessment before using AI?
- The Privacy Commissioner's AI guidance expects one before an organisation adopts an AI tool, though it isn't a statutory requirement for private businesses. For a small business the workable version is a Brief Privacy Analysis, a lighter option from the OPC's own toolkit: a one-page exercise recording what personal information enters the tool, where it's processed, what the vendor does with it, and who gets told. Write it down and date it. That record is most of the value.
- Do I have to tell customers I'm using AI?
- Transparency is one of the Privacy Commissioner's stated expectations for AI use, and the collection principles already require you to tell people why you're collecting their information and what happens to it. Since 1 May 2026 a new principle, IPP3A, also requires you to notify people when you collect their personal information indirectly, from a source other than the person themselves. A plain sentence in your privacy statement naming the kinds of tools you use and why covers most small-business situations.
- Does New Zealand have a cookie-banner law like Europe?
- No. The cookie banners you see everywhere come from EU rules, mainly the ePrivacy Directive and the GDPR's consent model, and no equivalent New Zealand law requires them. The Privacy Act 2020 works differently: it is built on the 13 information privacy principles, which focus on purpose, transparency, and safeguards rather than opt-in consent for everything. Most compliance advice online that says otherwise is written for a different jurisdiction.