{"id":210375,"date":"2021-09-28T14:55:46","date_gmt":"2021-09-28T01:55:46","guid":{"rendered":"https:\/\/legalvision.co.nz\/?p=210375"},"modified":"2023-03-15T17:54:06","modified_gmt":"2023-03-15T04:54:06","slug":"comply-with-gdpr","status":"publish","type":"post","link":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/","title":{"rendered":"What Measures Can My NZ Business Undertake to Comply with GDPR?"},"content":{"rendered":"\n<p><span style=\"font-weight: 400\">When you set up an online store, anyone with an internet connection can access it. This is great for reaching new customers and widening your potential market. However, this also means that when you engage with overseas customers, the laws of the area they live in may apply to you. One of these laws is the European Union\u2019s (EU) General Data Protection Regulation (GDPR). This is a broad network of laws that protect the data of people living in the EU, and it may apply to your business if you engage with customers in the EU. This article will explain what GDPR is and how it may affect your business.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span style=\"font-weight: 400\">What Is the GDPR?<\/span><\/h2>\n\n\n\n<p><a href=\"https:\/\/legalvision.co.nz\/data-privacy-it\/gdpr-compliance\/\"><span style=\"font-weight: 400\">The GDPR<\/span><\/a><span style=\"font-weight: 400\"> is a set of EU regulations that govern how entities (such as your business) handle the personal data of people living in the EU. This is a data framework applied across and outside of the EU since 25 May 2018. Its purpose is to protect this personal data and allow people to control how agencies use their personal data.<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400\">Like <\/span><a href=\"https:\/\/legalvision.co.nz\/data-privacy-it\/privacy-act-and-information-privacy-principles\/\"><span style=\"font-weight: 400\">NZ privacy law<\/span><\/a><span style=\"font-weight: 400\">, the GDPR defines personal data quite broadly as information that identifies an individual (or data subject). Examples of such data include:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400\">full names;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">video or image recordings;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">IP addresses;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">location data;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">employment details;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">email addresses; and<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">financial information.<\/span><\/li>\n<\/ul>\n\n\n\n<p><span style=\"font-weight: 400\">Also similar to NZ privacy laws, the GDPR operates on principles aimed to protect privacy. In your business, you should seek to follow these principles. They include (table):<\/span><\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>\n<h6><b>Lawful Data Processing:<\/b><span style=\"font-weight: 400\">&nbsp;<\/span><\/h6>\n<\/td><td>\n<p><span style=\"font-weight: 400\">You must collect, store, and use customer data (also called processing) fairly and transparently. You must have express consent from the customer to track their information.<\/span><\/p>\n<\/td><\/tr><tr><td>\n<h6><b>Legitimate Purpose:<\/b><\/h6>\n<\/td><td>\n<p><span style=\"font-weight: 400\">You must have a proper purpose for processing data, which you need to make clear to the individual in question. You should make this information easily accessible to your customers.<\/span><\/p>\n<\/td><\/tr><tr><td>\n<h6><b>Data Minimisation:<\/b><\/h6>\n<\/td><td>\n<p><a href=\"https:\/\/legalvision.co.nz\/data-privacy-it\/limit-customer-data-collection\/\"><span style=\"font-weight: 400\">Only collect and process data<\/span><\/a><span style=\"font-weight: 400\"> needed for your express purpose, and do not go outside of this purpose.<\/span><\/p>\n<\/td><\/tr><tr><td>\n<h6><b>Accuracy:<\/b><\/h6>\n<\/td><td>\n<p><span style=\"font-weight: 400\">Make sure the data you process is accurate and up to date. Give your customers the chance to correct it if they would like.<\/span><\/p>\n<\/td><\/tr><tr><td>\n<h6><b>Storage Limitation:<\/b><\/h6>\n<\/td><td>\n<p><span style=\"font-weight: 400\">Only store personal data for as long as you need it. Individuals covered by this law can ask you to erase their data in certain situations or restrict the kind of data processing you do.<\/span><\/p>\n<\/td><\/tr><tr><td>\n<h6><b>Integrity and Confidentiality:<\/b><\/h6>\n<\/td><td>\n<p><span style=\"font-weight: 400\">You need to protect the data you process, ensuring security and confidentiality.<\/span><\/p>\n<\/td><\/tr><tr><td>\n<h6><b>Accountability:<\/b><\/h6>\n<\/td><td>\n<p><span style=\"font-weight: 400\">As the data controller, you need to prove your steps for compliance with the GDPR.<\/span><\/p>\n<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span style=\"font-weight: 400\">Does the GDPR Affect My NZ Business?<\/span><\/h2>\n\n\n\n<p><span style=\"font-weight: 400\">The GDPR applies to entities established in the EU that deal with processing EU personal data. <\/span><span style=\"font-weight: 400\">But, if your business processes data of people living in the EU, then the GDPR will likely also apply to you. This is true even if you do not have a physical presence in the EU. <\/span><span style=\"font-weight: 400\">You should make sure that you are GDPR compliant if your business processes data relating to the:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400\">selling of goods or services to EU residents; or<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">monitoring the behaviour of EU residents.<\/span><\/li>\n<\/ul>\n\n\n\n<div class=\"box box--icon box--info\">\n<p><span style=\"font-weight: 400\">Tip: The GDPR also imposes some record-keeping obligations. But, if your company or business has fewer than 250 employees, then these obligations may not apply.<\/span><\/p>\n<\/div>\n\n\n\n<p><span style=\"font-weight: 400\">Both of these classifications are quite broad and may encompass your business operations. Examples of such operations include:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400\">EU customers seeing and paying for products on your online store;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">web analytics that process the personal data of EU residents.<\/span><\/li>\n<\/ul>\n\n\n\n<p><span style=\"font-weight: 400\">For example, even if customers cannot place orders through your website, if you collect cookies from visitors, then that could include the personal data of EU residents.<\/span><\/p>\n\n\n\n<div class=\"box box--warning box--icon\">\n<p><span style=\"font-weight: 400\">Note: EU data protection authorities can implement severe fines for GDPR breaches, up to \u20ac20 million, or 4% of your annual worldwide turnover (whichever is higher).<\/span><\/p>\n<\/div>\n\n\n\n\n<a href=\"#content-next\"\n   class=\"block p-4 mt-10 text-xl font-bold text-center text-white no-underline bg-gray-800 rounded-t-xl\">\n    Continue reading this article below the form\n    <i class=\"text-xl fa-regular fa-arrow-down\"><\/i>\n<\/a>\n<div class=\"px-6 pt-10 pb-12 mb-10 text-center bg-gray-100 rounded-b-xl sm:px-12 test\">\n    <div class=\"mb-8 text-2xl font-bold text-orange\">\n        Need legal advice?\n        <br>\n        <span class=\"text-lg not-prose\">\n                            Call <a href=\"tel:+64800005570\" class=\"not-prose\">0800 005 570<\/a> for urgent assistance.\n                <br>\n                Otherwise, complete this form, and we will contact you within one business day.\n                    <\/span>\n    <\/div>\n\n    \n\n<div class=\"not-prose flex justify-center text-left gform_input_bg_white    \">\n    <script>\nvar gform;gform||(document.addEventListener(\"gform_main_scripts_loaded\",function(){gform.scriptsLoaded=!0}),document.addEventListener(\"gform\/theme\/scripts_loaded\",function(){gform.themeScriptsLoaded=!0}),window.addEventListener(\"DOMContentLoaded\",function(){gform.domLoaded=!0}),gform={domLoaded:!1,scriptsLoaded:!1,themeScriptsLoaded:!1,isFormEditor:()=>\"function\"==typeof InitializeEditor,callIfLoaded:function(o){return!(!gform.domLoaded||!gform.scriptsLoaded||!gform.themeScriptsLoaded&&!gform.isFormEditor()||(gform.isFormEditor()&&console.warn(\"The use of gform.initializeOnLoaded() is deprecated in the form editor context and will be removed in Gravity Forms 3.1.\"),o(),0))},initializeOnLoaded:function(o){gform.callIfLoaded(o)||(document.addEventListener(\"gform_main_scripts_loaded\",()=>{gform.scriptsLoaded=!0,gform.callIfLoaded(o)}),document.addEventListener(\"gform\/theme\/scripts_loaded\",()=>{gform.themeScriptsLoaded=!0,gform.callIfLoaded(o)}),window.addEventListener(\"DOMContentLoaded\",()=>{gform.domLoaded=!0,gform.callIfLoaded(o)}))},hooks:{action:{},filter:{}},addAction:function(o,r,e,t){gform.addHook(\"action\",o,r,e,t)},addFilter:function(o,r,e,t){gform.addHook(\"filter\",o,r,e,t)},doAction:function(o){gform.doHook(\"action\",o,arguments)},applyFilters:function(o){return gform.doHook(\"filter\",o,arguments)},removeAction:function(o,r){gform.removeHook(\"action\",o,r)},removeFilter:function(o,r,e){gform.removeHook(\"filter\",o,r,e)},addHook:function(o,r,e,t,n){null==gform.hooks[o][r]&&(gform.hooks[o][r]=[]);var d=gform.hooks[o][r];null==n&&(n=r+\"_\"+d.length),gform.hooks[o][r].push({tag:n,callable:e,priority:t=null==t?10:t})},doHook:function(r,o,e){var t;if(e=Array.prototype.slice.call(e,1),null!=gform.hooks[r][o]&&((o=gform.hooks[r][o]).sort(function(o,r){return o.priority-r.priority}),o.forEach(function(o){\"function\"!=typeof(t=o.callable)&&(t=window[t]),\"action\"==r?t.apply(null,e):e[0]=t.apply(null,e)})),\"filter\"==r)return e[0]},removeHook:function(o,r,t,n){var e;null!=gform.hooks[o][r]&&(e=(e=gform.hooks[o][r]).filter(function(o,r,e){return!!(null!=n&&n!=o.tag||null!=t&&t!=o.priority)}),gform.hooks[o][r]=e)}});\n<\/script>\n\n                <div class='gf_browser_gecko gform_wrapper gravity-theme gform-theme--no-framework lawyer-form_wrapper gplaceholder_wrapper form-with-labels-no-asterisks_wrapper has-new-validation-error-styling_wrapper' data-form-theme='gravity-theme' data-form-index='0' id='gform_wrapper_2452' style='display:none'><div id='gf_2452' class='gform_anchor' tabindex='-1'><\/div><form method='post' enctype='multipart\/form-data' target='gform_ajax_frame_2452' id='gform_2452' class='lawyer-form gplaceholder form-with-labels-no-asterisks has-new-validation-error-styling' action='\/api\/wp\/v2\/posts\/210375#gf_2452' data-formid='2452' novalidate>\n                        <div class='gform-body gform_body'><div id='gform_fields_2452' class='gform_fields top_label form_sublabel_below description_below validation_below'><div id=\"field_2452_15\" class=\"gfield gfield--type-honeypot gform_validation_container field_sublabel_below gfield--has-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2452_15'>Name<\/label><div class='ginput_container'><input name='input_15' id='input_2452_15' type='text' value='' autocomplete='new-password'\/><\/div><div class='gfield_description' id='gfield_description_2452_15'>This field is for validation purposes and should be left unchanged.<\/div><\/div><div id=\"field_2452_1\" class=\"gfield gfield--type-text gfield--input-type-text gf_left_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2452_1'>First Name<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_text'><input name='input_1' id='input_2452_1' type='text' value='' class='medium'     aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2452_12\" class=\"gfield gfield--type-text gfield--input-type-text gf_right_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2452_12'>Last Name<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_text'><input name='input_12' id='input_2452_12' type='text' value='' class='medium'     aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2452_2\" class=\"gfield gfield--type-email gfield--input-type-email gf_left_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2452_2'>Email Address<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_email'>\n                            <input name='input_2' id='input_2452_2' type='email' value='' class='medium'    aria-required=\"true\" aria-invalid=\"false\"  \/>\n                        <\/div><\/div><div id=\"field_2452_3\" class=\"gfield gfield--type-phone gfield--input-type-phone gf_right_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2452_3'>Phone<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_phone'><input name='input_3' id='input_2452_3' type='tel' value='' class='medium'   aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2452_14\" class=\"gfield gfield--type-select gfield--input-type-select gfield--width-full custom-select gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2452_14'>Number of Employees in Your Business<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_select'><select name='input_14' id='input_2452_14' class='large gfield_select'    aria-required=\"true\" aria-invalid=\"false\" ><option value='' ><\/option><option value='0' >0<\/option><option value='1' >1-5<\/option><option value='6' >6-20<\/option><option value='21' >21-50<\/option><option value='51' >51-250<\/option><option value='250' >250+<\/option><\/select><\/div><\/div><div id=\"field_2452_4\" class=\"gfield gfield--type-textarea gfield--input-type-textarea gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2452_4'>Tell us about your enquiry<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_textarea'><textarea name='input_4' id='input_2452_4' class='textarea medium'     aria-required=\"true\" aria-invalid=\"false\"   rows='10' cols='50'><\/textarea><\/div><\/div><div id=\"field_2452_5\" class=\"gfield gfield--type-html gfield--input-type-html gfield_html gfield_html_formatted gfield_no_follows_desc field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  >By submitting this form, you agree to receive emails from LegalVision and can unsubscribe at any time. View our <a href=\"https:\/\/legalvision.co.nz\/privacy-policy\/\" target=\"_blank\">Privacy Policy<\/a>. <\/div><div id=\"field_2452_8\" class=\"gfield gfield--type-hidden gfield--input-type-hidden gform_hidden field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><div class='ginput_container ginput_container_text'><input name='input_8' id='input_2452_8' type='hidden' class='gform_hidden'  aria-invalid=\"false\" value='http:\/\/legalvision.co.nz\/api\/wp\/v2\/posts\/210375' \/><\/div><\/div><div id=\"field_2452_13\" class=\"gfield gfield--type-hidden gfield--input-type-hidden gform_hidden field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><div class='ginput_container ginput_container_text'><input name='input_13' id='input_2452_13' type='hidden' class='gform_hidden'  aria-invalid=\"false\" value='generic_form' \/><\/div><\/div><\/div><\/div>\n        <div class='gform-footer gform_footer top_label'> <button type=\"submit\" id=\"gform_submit_button_2452\" class=\"gform_button button\" onclick=\"gform.submission.handleButtonClick(this);\" data-submission-type=\"submit\"><span class=\"gform_submit_button__text\">Submit Now<\/span><\/button> <input type='hidden' name='gform_ajax' value='form_id=2452&amp;title=&amp;description=&amp;tabindex=0&amp;theme=gravity-theme&amp;hash=8d907caff460821c366ed2411b0c45b3' \/>\n            <input type='hidden' class='gform_hidden' name='gform_submission_method' data-js='gform_submission_method_2452' value='iframe' \/>\n            <input type='hidden' class='gform_hidden' name='gform_theme' data-js='gform_theme_2452' id='gform_theme_2452' value='gravity-theme' \/>\n            <input type='hidden' class='gform_hidden' name='gform_style_settings' data-js='gform_style_settings_2452' id='gform_style_settings_2452' value='' \/>\n            <input type='hidden' class='gform_hidden' name='is_submit_2452' value='1' \/>\n            <input type='hidden' class='gform_hidden' name='gform_submit' value='2452' \/>\n            \n            <input type='hidden' class='gform_hidden' name='gform_currency' data-currency='AUD' value='WA3\/hb+vgvad9pfTC7FbxL6y3UnIpILskayMdFtR1AAU0d+UchhOceZ9lB8sWVimlUu\/\/L99HDmZYkXJiCET6ddAlysjuc2MBA7Ni4c1eG0Jgys=' \/>\n            <input type='hidden' class='gform_hidden' name='gform_unique_id' value='' \/>\n            <input type='hidden' class='gform_hidden' name='state_2452' value='WyJ7XCIxNFwiOltcIjIyODY0N2ViMWU3NTcxZjA4YTY4NGJmMDcwMTk3Y2I0XCIsXCJiMzk3YmQ1MDBmMmFjNjk1ODE4MzdmNTBhYTA2MzQ0OFwiLFwiNGYyNGZkZGEwMzlkNDUxMWFhZGE1NGYwZmQwZmNiZTdcIixcIjUyMmJkMDE2M2I2ZmEwOTI3NDZhZjU5YTg0ZmM1NDk5XCIsXCIzODRlNjk1YjQxMTAzMWFiYmQ2ODEyMGYyZWFhMDYyNlwiLFwiYjkzNDcwNTE2MjkxOGRjZWViMjQzNzRjNmE0NGVmNTlcIixcIjQxMTliODZhMzVjYzJiMWViNDZiMmQ4NjRlNGUzZmNjXCJdfSIsIjQ3MjNiMzA2ZDIyZGVkODA2N2YyMjYyOThkYzI1ODVmIl0=' \/>\n            <input type='hidden' autocomplete='off' class='gform_hidden' name='gform_target_page_number_2452' id='gform_target_page_number_2452' value='0' \/>\n            <input type='hidden' autocomplete='off' class='gform_hidden' name='gform_source_page_number_2452' id='gform_source_page_number_2452' value='1' \/>\n            <input type='hidden' name='gform_field_values' value='' \/>\n            \n        <\/div>\n                        <\/form>\n                        <\/div>\n\t\t                <iframe style='display:none;width:0px;height:0px;' src='about:blank' name='gform_ajax_frame_2452' id='gform_ajax_frame_2452' title='This iframe contains the logic required to handle Ajax powered Gravity Forms.'><\/iframe>\n\t\t                <script>\ngform.initializeOnLoaded( function() {gformInitSpinner( 2452, 'https:\/\/legalvision.co.nz\/wp-content\/themes\/legalv-v6\/img\/spinner.svg', true );jQuery('#gform_ajax_frame_2452').on('load',function(){var contents = jQuery(this).contents().find('*').html();var is_postback = contents.indexOf('GF_AJAX_POSTBACK') >= 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find('#gform_wrapper_2452');var is_confirmation = jQuery(this).contents().find('#gform_confirmation_wrapper_2452').length > 0;var is_redirect = contents.indexOf('gformRedirect(){') >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;var mt = parseInt(jQuery('html').css('margin-top'), 10) + parseInt(jQuery('body').css('margin-top'), 10) + 100;if(is_form){form_content.find('form').css('opacity', 0);jQuery('#gform_wrapper_2452').html(form_content.html());if(form_content.hasClass('gform_validation_error')){jQuery('#gform_wrapper_2452').addClass('gform_validation_error');} else {jQuery('#gform_wrapper_2452').removeClass('gform_validation_error');}setTimeout( function() { \/* delay the scroll by 50 milliseconds to fix a bug in chrome *\/ jQuery(document).scrollTop(jQuery('#gform_wrapper_2452').offset().top - mt); }, 50 );if(window['gformInitDatepicker']) {gformInitDatepicker();}if(window['gformInitPriceFields']) {gformInitPriceFields();}var current_page = jQuery('#gform_source_page_number_2452').val();gformInitSpinner( 2452, 'https:\/\/legalvision.co.nz\/wp-content\/themes\/legalv-v6\/img\/spinner.svg', true );jQuery(document).trigger('gform_page_loaded', [2452, current_page]);window['gf_submitting_2452'] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find('.GF_AJAX_POSTBACK').html();if(!confirmation_content){confirmation_content = contents;}jQuery('#gform_wrapper_2452').replaceWith(confirmation_content);jQuery(document).scrollTop(jQuery('#gf_2452').offset().top - mt);jQuery(document).trigger('gform_confirmation_loaded', [2452]);window['gf_submitting_2452'] = false;wp.a11y.speak(jQuery('#gform_confirmation_message_2452').text());}else{jQuery('#gform_2452').append(contents);if(window['gformRedirect']) {gformRedirect();}}jQuery(document).trigger(\"gform_pre_post_render\", [{ formId: \"2452\", currentPage: \"current_page\", abort: function() { this.preventDefault(); } }]);        if (event && event.defaultPrevented) {                return;        }        const gformWrapperDiv = document.getElementById( \"gform_wrapper_2452\" );        if ( gformWrapperDiv ) {            const visibilitySpan = document.createElement( \"span\" );            visibilitySpan.id = \"gform_visibility_test_2452\";            gformWrapperDiv.insertAdjacentElement( \"afterend\", visibilitySpan );        }        const visibilityTestDiv = document.getElementById( \"gform_visibility_test_2452\" );        let postRenderFired = false;        function triggerPostRender() {            if ( postRenderFired ) {                return;            }            postRenderFired = true;            gform.core.triggerPostRenderEvents( 2452, current_page );            if ( visibilityTestDiv ) {                visibilityTestDiv.parentNode.removeChild( visibilityTestDiv );            }        }        function debounce( func, wait, immediate ) {            var timeout;            return function() {                var context = this, args = arguments;                var later = function() {                    timeout = null;                    if ( !immediate ) func.apply( context, args );                };                var callNow = immediate && !timeout;                clearTimeout( timeout );                timeout = setTimeout( later, wait );                if ( callNow ) func.apply( context, args );            };        }        const debouncedTriggerPostRender = debounce( function() {            triggerPostRender();        }, 200 );        if ( visibilityTestDiv && visibilityTestDiv.offsetParent === null ) {            const observer = new MutationObserver( ( mutations ) => {                mutations.forEach( ( mutation ) => {                    if ( mutation.type === 'attributes' && visibilityTestDiv.offsetParent !== null ) {                        debouncedTriggerPostRender();                        observer.disconnect();                    }                });            });            observer.observe( document.body, {                attributes: true,                childList: false,                subtree: true,                attributeFilter: [ 'style', 'class' ],            });        } else {            triggerPostRender();        }    } );} );\n<\/script>\n<\/div>\n<\/div>\n<div id=\"content-next\"><!-- scroll anchor --><\/div>\n<h2 class=\"wp-block-heading\"><span style=\"font-weight: 400\">Tips for GDPR Compliance<\/span><\/h2>\n\n\n\n<p><span style=\"font-weight: 400\">There is a lot of overlap between the GDPR and current NZ privacy law. So, the measures you need to take to comply with NZ privacy law will be similar to those you would engage for the GDPR. The EU has useful resources <\/span><a href=\"https:\/\/gdpr.eu\/checklist\/\"><span style=\"font-weight: 400\">on their website<\/span><\/a><span style=\"font-weight: 400\"> about compliance. What you need to do to comply will vary depending on your unique circumstances, so you should seek legal advice to ensure you meet the requirements applicable to your business.&nbsp;<\/span><\/p>\n\n\n\n<p><span style=\"font-weight: 400\">Here are some steps to take when considering your GDPR compliance requirements:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400\">assess the scope of your business\u2019s online activities and whether EU residents may engage with your website;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">review how you collect data. Do you have customers\u2019 express consent to process their data? You can gain this with a pop-up notice telling customers you track their data when they enter your website, and they need to confirm their acceptance on this notice;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">consider why you are collecting data. What is your purpose? Can you give a legal reason, like needing it to perform a contract?;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">review any existing IT or cybersecurity policies to make sure they are up to date;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">make sure any data you process is encrypted and that you take other security measures as well;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">appoint a Privacy Officer to manage your data collection obligations; and<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400\">if there is a serious privacy breach at your business, report it.<\/span><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span style=\"font-weight: 400\">Key Takeaways<\/span><\/h2>\n\n\n\n<p><span style=\"font-weight: 400\">If you engage with EU customers or monitor EU residents\u2019 activity on your business\u2019s website, then the GDPR will likely apply to you. Take steps to ensure that you are GDPR compliant to avoid liability. If you would like more information or guidance around your GDPR compliance, our experienced <\/span><a href=\"https:\/\/legalvision.co.nz\/it-lawyers-lp\"><span style=\"font-weight: 400\">data, privacy and IT lawyers<\/span><\/a><span style=\"font-weight: 400\"> can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on <a href=\"tel:+64800005570\" class=\"AVANSERnumber dynamic-number\">0800 005 570<\/a> or visit our\u00a0<a href=\"https:\/\/legalvision.co.nz\/membership\/\" target=\"_blank\" rel=\"noreferrer noopener\">membership page<\/a>.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span style=\"font-weight: 400\">Frequently Asked Questions<\/span><\/h2>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1632793966907\"><strong class=\"schema-faq-question\"><strong>Does the GDPR apply in NZ?<\/strong><\/strong> <p class=\"schema-faq-answer\">If your business or organisation based in NZ is likely to deal with the personal data of EU residents, then the GDPR will apply to you. You do not need a physical presence in the EU to be subject to these legal requirements.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1632793978932\"><strong class=\"schema-faq-question\"><strong>What does GDPR compliance require?<\/strong><\/strong> <p class=\"schema-faq-answer\">What you need to do to comply with the GDPR will depend on your business. But, it generally means keeping your customers\u2019 personal information safe, only taking what you need, and making sure you have your customer\u2019s express consent to collect their personal data.<\/p> <\/div> <\/div>\n<div class=\"not-prose m-feedback-prompt\">\n    <!-- Thumbs up\/down bar -->\n    <div class=\"m-feedback-prompt__main\">\n        <div class=\"m-feedback-prompt__title\">Was this article helpful?<\/div>\n        <div>\n            <!--span class=\"m-feedback-prompt__button--text\">Thanks!<\/span-->\n            <button type=\"button\" class=\"m-feedback-prompt__button m-feedback-prompt__button--yes\"\n                    data-analytics-link=\"feedback-prompt:yes\" aria-label=\"Agree\">\n                <i class=\"fa-regular fa-thumbs-up fa-3x\"><\/i>\n            <\/button>\n            <button type=\"button\" class=\"m-feedback-prompt__button m-feedback-prompt__button--no\"\n                    data-analytics-link=\"feedback-prompt:no\" aria-label=\"Disagree\">\n                <i class=\"fa-regular fa-thumbs-down fa-3x\"><\/i>\n            <\/button>\n        <\/div>\n    <\/div>\n\n    <!-- Feedback form -->\n    <div class=\"m-feedback-prompt__form\">\n        <div class=\"m-feedback-prompt__form--thanks \">\n            <div>Thanks!<\/div>\n            <p>\n                We appreciate your feedback \u2013 your submission has been successfully received.            <\/p>\n        <\/div>\n        <form id=\"contact-form\" class=\"m-feedback-prompt__form--form\" action=\"\" method=\"post\">\n            <input type=\"hidden\" id=\"authenticity_token\" name=\"authenticity_token\" value=\"3bc3beddae\" \/><input type=\"hidden\" name=\"_wp_http_referer\" value=\"\/api\/wp\/v2\/posts\/210375\" \/>            <input value=\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/\" type=\"hidden\" name=\"currenturl\"\n                   id=\"currenturl\">\n            <input value=\"What Measures Can My NZ Business Undertake to Comply with GDPR?\" type=\"hidden\" name=\"currenttitle\"\n                   id=\"currenttitle\">\n            <label>\n                <!-- display on thumbs-up -->\n                <span class=\"m-feedback-prompt__feedback m-feedback-prompt__feedback--yes\">\n                    Can you tell us <span class=\"font-semibold\">why<\/span> you found it helpful?\n                <\/span>\n\n                <!-- display on thumbs-down -->\n                <span class=\"m-feedback-prompt__feedback m-feedback-prompt__feedback--no text-lg\">\n                    How can we better improve this article?\n                <\/span>\n                <textarea name=\"feedbackmessage\" id=\"feedbackmessage\" required><\/textarea>\n            <\/label>\n\n            <div class=\"m-feedback-prompt__form--error\" id=\"form-submit-error\"><\/div>\n            <button id=\"submit-contact-form-button\" type=\"submit\" name=\"commit\" class=\"m-feedback-prompt__form--submit\"\n                    data-analytics-link=\"feedback-prompt:submit\">\n                Submit            <\/button>\n        <\/form>\n    <\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>When you set up an online store, anyone with an internet connection can access it. This is great for reaching new customers and widening your potential market. However, this also means that when you engage with overseas customers, the laws of the area they live in may apply to you. One of these laws is<a href=\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/\">Continue reading <span class=\"sr-only\">&#8220;What Measures Can My NZ Business Undertake to Comply with GDPR?&#8221;<\/span><\/a><\/p>\n","protected":false},"author":13236,"featured_media":201730,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"2061,1176,153,1559,217225,202186","_relevanssi_noindex_reason":"","editor_notices":[],"footnotes":""},"categories":[28],"tags":[25,54,237,268,355,356],"class_list":["post-210375","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data-privacy-it","tag-small-business","tag-medium-business","tag-privacy-policy","tag-data-storage","tag-privacy","tag-gdpr"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How Can My Business Comply with the GDPR? | LegalVision NZ<\/title>\n<meta name=\"description\" content=\"This article will explain what the EU General Data Protection Regulation (GDPR) is and how your New Zealand business can comply.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How Can My Business Comply with the GDPR? | LegalVision NZ\" \/>\n<meta property=\"og:description\" content=\"This article will explain what the EU General Data Protection Regulation (GDPR) is and how your New Zealand business can comply.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/\" \/>\n<meta property=\"og:site_name\" content=\"LegalVision New Zealand\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/LegalVision\" \/>\n<meta property=\"article:published_time\" content=\"2021-09-28T01:55:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-15T04:54:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/2\/2021\/01\/11151220\/christopher-gower-m_HRfLhgABo-unsplash.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2000\" \/>\n\t<meta property=\"og:image:height\" content=\"1331\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Emma Lindblom\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@LegalVision_law\" \/>\n<meta name=\"twitter:site\" content=\"@LegalVision_law\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Emma Lindblom\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/\"},\"author\":{\"name\":\"Emma Lindblom\",\"@id\":\"https:\/\/legalvision.co.nz\/#\/schema\/person\/32362b5331a9cb23e31b656d199e7b72\"},\"headline\":\"What Measures Can My NZ Business Undertake to Comply with GDPR?\",\"datePublished\":\"2021-09-28T01:55:46+00:00\",\"dateModified\":\"2023-03-15T04:54:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/\"},\"wordCount\":1069,\"publisher\":{\"@id\":\"https:\/\/legalvision.co.nz\/#organization\"},\"image\":{\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/2\/2021\/01\/11151220\/christopher-gower-m_HRfLhgABo-unsplash.jpg\",\"keywords\":[\"small business\",\"medium business\",\"privacy policy\",\"data storage\",\"privacy\",\"GDPR\"],\"articleSection\":[\"Data, Privacy and IT Articles\"],\"inLanguage\":\"en-NZ\"},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/\",\"url\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/\",\"name\":\"How Can My Business Comply with the GDPR? | LegalVision NZ\",\"isPartOf\":{\"@id\":\"https:\/\/legalvision.co.nz\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/2\/2021\/01\/11151220\/christopher-gower-m_HRfLhgABo-unsplash.jpg\",\"datePublished\":\"2021-09-28T01:55:46+00:00\",\"dateModified\":\"2023-03-15T04:54:06+00:00\",\"description\":\"This article will explain what the EU General Data Protection Regulation (GDPR) is and how your New Zealand business can comply.\",\"breadcrumb\":{\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#faq-question-1632793966907\"},{\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#faq-question-1632793978932\"}],\"inLanguage\":\"en-NZ\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-NZ\",\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#primaryimage\",\"url\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/2\/2021\/01\/11151220\/christopher-gower-m_HRfLhgABo-unsplash.jpg\",\"contentUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/2\/2021\/01\/11151220\/christopher-gower-m_HRfLhgABo-unsplash.jpg\",\"width\":2000,\"height\":1331,\"caption\":\"What Measures can my NZ Business Undertake to Comply with GDPR? | LegalVision New Zealand\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/legalvision.co.nz\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Articles\",\"item\":\"https:\/\/legalvision.co.nz\/articles\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Data, Privacy and IT Articles\",\"item\":\"https:\/\/legalvision.co.nz\/category\/data-privacy-it\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"What Measures Can My NZ Business Undertake to Comply with GDPR?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/legalvision.co.nz\/#website\",\"url\":\"https:\/\/legalvision.co.nz\/\",\"name\":\"LegalVision New Zealand\",\"description\":\"LegalVision is a commercial law firm in NZ with a commitment to innovation\",\"publisher\":{\"@id\":\"https:\/\/legalvision.co.nz\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/legalvision.co.nz\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-NZ\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/legalvision.co.nz\/#organization\",\"name\":\"LegalVision New Zealand\",\"url\":\"https:\/\/legalvision.co.nz\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-NZ\",\"@id\":\"https:\/\/legalvision.co.nz\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/legalvision.co.nz\/wp-content\/uploads\/sites\/2\/2020\/11\/LegalVision_square_logo.png\",\"contentUrl\":\"https:\/\/legalvision.co.nz\/wp-content\/uploads\/sites\/2\/2020\/11\/LegalVision_square_logo.png\",\"width\":400,\"height\":400,\"caption\":\"LegalVision New Zealand\"},\"image\":{\"@id\":\"https:\/\/legalvision.co.nz\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/LegalVision\",\"https:\/\/x.com\/LegalVision_law\",\"https:\/\/www.linkedin.com\/company\/legalvision-group\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/legalvision.co.nz\/#\/schema\/person\/32362b5331a9cb23e31b656d199e7b72\",\"name\":\"Emma Lindblom\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-NZ\",\"@id\":\"https:\/\/legalvision.co.nz\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ad516503a11cd5ca435acc9bb6523536?s=96\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ad516503a11cd5ca435acc9bb6523536?s=96\",\"caption\":\"Emma Lindblom\"},\"description\":\"Emma is a Legal Editor based in New Zealand. She is experienced at writing for online publications and wants to use these writing skills to make legal information transparent and accessible for anyone. Emma has a double degree in Law and Politics, with a minor in Psychology.\",\"url\":\"https:\/\/legalvision.co.nz\/author\/emmalindblom\/\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#faq-question-1632793966907\",\"name\":\"Does the GDPR apply in NZ?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"If your business or organisation based in NZ is likely to deal with the personal data of EU residents, then the GDPR will apply to you. You do not need a physical presence in the EU to be subject to these legal requirements.\",\"inLanguage\":\"en-NZ\"},\"inLanguage\":\"en-NZ\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#faq-question-1632793978932\",\"name\":\"What does GDPR compliance require?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"What you need to do to comply with the GDPR will depend on your business. But, it generally means keeping your customers\u2019 personal information safe, only taking what you need, and making sure you have your customer\u2019s express consent to collect their personal data.\",\"inLanguage\":\"en-NZ\"},\"inLanguage\":\"en-NZ\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How Can My Business Comply with the GDPR? | LegalVision NZ","description":"This article will explain what the EU General Data Protection Regulation (GDPR) is and how your New Zealand business can comply.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/","og_locale":"en_US","og_type":"article","og_title":"How Can My Business Comply with the GDPR? | LegalVision NZ","og_description":"This article will explain what the EU General Data Protection Regulation (GDPR) is and how your New Zealand business can comply.","og_url":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/","og_site_name":"LegalVision New Zealand","article_publisher":"https:\/\/www.facebook.com\/LegalVision","article_published_time":"2021-09-28T01:55:46+00:00","article_modified_time":"2023-03-15T04:54:06+00:00","og_image":[{"width":2000,"height":1331,"url":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/2\/2021\/01\/11151220\/christopher-gower-m_HRfLhgABo-unsplash.jpg","type":"image\/jpeg"}],"author":"Emma Lindblom","twitter_card":"summary_large_image","twitter_creator":"@LegalVision_law","twitter_site":"@LegalVision_law","twitter_misc":{"Written by":"Emma Lindblom","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#article","isPartOf":{"@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/"},"author":{"name":"Emma Lindblom","@id":"https:\/\/legalvision.co.nz\/#\/schema\/person\/32362b5331a9cb23e31b656d199e7b72"},"headline":"What Measures Can My NZ Business Undertake to Comply with GDPR?","datePublished":"2021-09-28T01:55:46+00:00","dateModified":"2023-03-15T04:54:06+00:00","mainEntityOfPage":{"@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/"},"wordCount":1069,"publisher":{"@id":"https:\/\/legalvision.co.nz\/#organization"},"image":{"@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#primaryimage"},"thumbnailUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/2\/2021\/01\/11151220\/christopher-gower-m_HRfLhgABo-unsplash.jpg","keywords":["small business","medium business","privacy policy","data storage","privacy","GDPR"],"articleSection":["Data, Privacy and IT Articles"],"inLanguage":"en-NZ"},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/","url":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/","name":"How Can My Business Comply with the GDPR? | LegalVision NZ","isPartOf":{"@id":"https:\/\/legalvision.co.nz\/#website"},"primaryImageOfPage":{"@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#primaryimage"},"image":{"@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#primaryimage"},"thumbnailUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/2\/2021\/01\/11151220\/christopher-gower-m_HRfLhgABo-unsplash.jpg","datePublished":"2021-09-28T01:55:46+00:00","dateModified":"2023-03-15T04:54:06+00:00","description":"This article will explain what the EU General Data Protection Regulation (GDPR) is and how your New Zealand business can comply.","breadcrumb":{"@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#faq-question-1632793966907"},{"@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#faq-question-1632793978932"}],"inLanguage":"en-NZ","potentialAction":[{"@type":"ReadAction","target":["https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/"]}]},{"@type":"ImageObject","inLanguage":"en-NZ","@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#primaryimage","url":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/2\/2021\/01\/11151220\/christopher-gower-m_HRfLhgABo-unsplash.jpg","contentUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/2\/2021\/01\/11151220\/christopher-gower-m_HRfLhgABo-unsplash.jpg","width":2000,"height":1331,"caption":"What Measures can my NZ Business Undertake to Comply with GDPR? | LegalVision New Zealand"},{"@type":"BreadcrumbList","@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/legalvision.co.nz\/"},{"@type":"ListItem","position":2,"name":"Articles","item":"https:\/\/legalvision.co.nz\/articles\/"},{"@type":"ListItem","position":3,"name":"Data, Privacy and IT Articles","item":"https:\/\/legalvision.co.nz\/category\/data-privacy-it\/"},{"@type":"ListItem","position":4,"name":"What Measures Can My NZ Business Undertake to Comply with GDPR?"}]},{"@type":"WebSite","@id":"https:\/\/legalvision.co.nz\/#website","url":"https:\/\/legalvision.co.nz\/","name":"LegalVision New Zealand","description":"LegalVision is a commercial law firm in NZ with a commitment to innovation","publisher":{"@id":"https:\/\/legalvision.co.nz\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/legalvision.co.nz\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-NZ"},{"@type":"Organization","@id":"https:\/\/legalvision.co.nz\/#organization","name":"LegalVision New Zealand","url":"https:\/\/legalvision.co.nz\/","logo":{"@type":"ImageObject","inLanguage":"en-NZ","@id":"https:\/\/legalvision.co.nz\/#\/schema\/logo\/image\/","url":"https:\/\/legalvision.co.nz\/wp-content\/uploads\/sites\/2\/2020\/11\/LegalVision_square_logo.png","contentUrl":"https:\/\/legalvision.co.nz\/wp-content\/uploads\/sites\/2\/2020\/11\/LegalVision_square_logo.png","width":400,"height":400,"caption":"LegalVision New Zealand"},"image":{"@id":"https:\/\/legalvision.co.nz\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/LegalVision","https:\/\/x.com\/LegalVision_law","https:\/\/www.linkedin.com\/company\/legalvision-group"]},{"@type":"Person","@id":"https:\/\/legalvision.co.nz\/#\/schema\/person\/32362b5331a9cb23e31b656d199e7b72","name":"Emma Lindblom","image":{"@type":"ImageObject","inLanguage":"en-NZ","@id":"https:\/\/legalvision.co.nz\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ad516503a11cd5ca435acc9bb6523536?s=96","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ad516503a11cd5ca435acc9bb6523536?s=96","caption":"Emma Lindblom"},"description":"Emma is a Legal Editor based in New Zealand. She is experienced at writing for online publications and wants to use these writing skills to make legal information transparent and accessible for anyone. Emma has a double degree in Law and Politics, with a minor in Psychology.","url":"https:\/\/legalvision.co.nz\/author\/emmalindblom\/"},{"@type":"Question","@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#faq-question-1632793966907","name":"Does the GDPR apply in NZ?","acceptedAnswer":{"@type":"Answer","text":"If your business or organisation based in NZ is likely to deal with the personal data of EU residents, then the GDPR will apply to you. You do not need a physical presence in the EU to be subject to these legal requirements.","inLanguage":"en-NZ"},"inLanguage":"en-NZ"},{"@type":"Question","@id":"https:\/\/legalvision.co.nz\/data-privacy-it\/comply-with-gdpr\/#faq-question-1632793978932","name":"What does GDPR compliance require?","acceptedAnswer":{"@type":"Answer","text":"What you need to do to comply with the GDPR will depend on your business. But, it generally means keeping your customers\u2019 personal information safe, only taking what you need, and making sure you have your customer\u2019s express consent to collect their personal data.","inLanguage":"en-NZ"},"inLanguage":"en-NZ"}]}},"_links":{"self":[{"href":"https:\/\/legalvision.co.nz\/api\/wp\/v2\/posts\/210375","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/legalvision.co.nz\/api\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/legalvision.co.nz\/api\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/legalvision.co.nz\/api\/wp\/v2\/users\/13236"}],"replies":[{"embeddable":true,"href":"https:\/\/legalvision.co.nz\/api\/wp\/v2\/comments?post=210375"}],"version-history":[{"count":6,"href":"https:\/\/legalvision.co.nz\/api\/wp\/v2\/posts\/210375\/revisions"}],"predecessor-version":[{"id":221642,"href":"https:\/\/legalvision.co.nz\/api\/wp\/v2\/posts\/210375\/revisions\/221642"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/legalvision.co.nz\/api\/wp\/v2\/media\/201730"}],"wp:attachment":[{"href":"https:\/\/legalvision.co.nz\/api\/wp\/v2\/media?parent=210375"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/legalvision.co.nz\/api\/wp\/v2\/categories?post=210375"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/legalvision.co.nz\/api\/wp\/v2\/tags?post=210375"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}