Reading time: 5 minutes

If you collect personal information from your customers and other individuals (such as your employees), the law requires that you inform them when you do so. Many businesses will do this with a privacy policy to detail exactly what personal information they collect and what they do with it. However, businesses can use different names for this document – such as:

  • privacy notice;
  • information notice;
  • data collection notice; or
  • data protection notice.

There are slight differences between these names, depending on the context. Essentially, they all boil down to telling your customers how and why you use their personal information. In New Zealand, you may have seen businesses use a privacy statement rather than a privacy policy. Again, these are very similar, but there are some differences. Therefore, this article will explain the difference between a privacy statement and policy and their relevance to your business.

What You Need to Tell Your Customers

If you collect personal information from your customers, the Privacy Act requires that you tell them you are doing so. You need to take reasonable measures to ensure they know that you are collecting their personal information, and:

  • why you collect their information;
  • whether any laws apply;
  • whether they can choose to give you their information;
  • what happens if they do not give you their personal information;
  • who has access to their information;
  • about their ability to access and correct their information; and
  • how they can contact you.

When operating online, you should have a formal document or webpage detailing this information. This would be your privacy policy or another similar document. Include links in your website footer to this page for easy access.

For example, when telling your customers what information you collect from them, your privacy policy should include a bullet point list of all of the personal information you collect. This could include cookie data and IP addresses, which customers may not initially be aware of.

What Is a Privacy Statement?

A privacy statement is a summary of how you deal with customer information. Usually only a few paragraphs or shorter, it provides the information above in brief terms. The Privacy Commission has resources on its website for drafting an appropriate privacy statement, including its Priv-o-Matic tool.

Despite its simplicity, a privacy statement is effective because it is an easily accessible summary designed to get across the critical points of your business’ privacy procedures. If you need a more detailed explanation of how you handle customers’ personal information, you should reference your privacy policy in your privacy statement.

What Is a Privacy Policy?

A privacy policy is similar to a privacy statement, except it is more detailed, and your customers may recognise its purpose more efficiently. A privacy policy may be appropriate when your organisation collects large volumes of complex personal information and has similarly complex procedures to deal with that information. 

If you use third-party advertising services or advertise your business’ app on the App Store, these services require a privacy policy.

Your privacy policy may also detail information that the law may not necessarily require but is important to include. This includes:

Depending on your business practices, other countries’ privacy laws may apply, and you will need to meet their requirements. For example, if you sell your products to EU residents, the General Data Protection Regulation (GDPR) will apply to you. According to this law, there are a couple of differences regarding what you need to tell your customers, and a privacy policy is a good place to include this added detail.

Using a Privacy Statement or Privacy Policy

In short, the main differences between these two documents are:

  • their length and complexity; and
  • how you use them.

If your business collects personal information and uses it straightforwardly, then a privacy statement may be enough. However, you may collect large volumes of complex personal information and use it in various procedures. Therefore, you may need a privacy policy to convey this complexity to your customers better. In this case, it may be useful to use both documents.

For example, you may display your privacy statement when you ask for a person’s email address in a pop-up box, with a hyperlink to your more detailed privacy policy. 

Alternatively, some businesses use a privacy policy to detail their internal procedures for handling personal information to inform their employees. They use a privacy statement as the external document detailing their privacy processes.

Key Takeaways

A privacy statement is a summary of how you handle customers’ personal information, usually a couple of paragraphs long. A privacy policy is a more detailed document relaying this information, which your privacy statement may link to. However you decide to use these two documents, you need to ensure you tell your customers everything the law requires when you handle their personal information.

If you would like more information or help with your business’ privacy documents, contact LegalVision’s privacy lawyers on 0800 005 570 or fill out the form on this page.

Frequently Asked Questions

What is a privacy statement?

A privacy statement informs your customers that you collect and handle their personal information. It is usually a paragraph or two, and you may display it when asking for customers’ personal information.

What is a privacy policy?

According to the law, a privacy policy is a more detailed document that outlines how you deal with customers’ personal information. Your privacy statement may link to your privacy policy, which should be accessible from every page on your website.

About LegalVision: LegalVision is a tech-driven, full-service commercial law firm that uses technology to deliver a faster, better quality and more cost-effective client experience.

The majority of our clients are LVConnect members. By becoming a member, you can stay ahead of legal issues while staying on top of costs. From just $119 per week, get all your contracts sorted, trade marks registered and questions answered by experienced business lawyers.

Learn more about LVConnect

Need Legal Help? Get a Free Fixed-Fee Quote

If you would like to receive a free fixed-fee quote or get in touch with our team, fill out the form below.

Our Awards

  • 2019 Top 25 Startups - LinkedIn
  • 2020 Excellence in Technology & Innovation Finalist – Australasian Law Awards
  • 2020 Employer of Choice Winner – Australasian Lawyer
  • 2021 Fastest Growing Law Firm - Financial Times APAC 500
  • 2021 Law Firm of the Year - Australasian Law Awards
  • 2020 Law Firm of the Year Finalist - Australasian Law Awards