The European Union’s new wide-ranging general data protection regulation - the GDPR – enters into force on Friday 25 May 2018

The GDPR establishes data protection requirements for organisations that either hold or process personal data on people residing in the EU, regardless of the organisation’s geographic location.

The reform provides tools that enhance EU residents’ rights for gaining control of their personal information, the protection of which is a fundamental right in the European Union, as in New Zealand.

All New Zealand organisations that hold or process the personal data of people residing in the EU will be required to comply with the GDPR.

This will include New Zealand businesses that provide goods or services to EU residents. New Zealand businesses and other entities whose operations may fall within the scope of these regulations are strongly encouraged to familiarise themselves with these changes and consider what actions may be required to ensure compliance.

Basic information on the GDPR and the steps required to comply with the new regulations can be found on the European Union website:

Guidance on the GDPR (external link)

EU Press Release on the GDPR (external link)

Additional information about its implications for New Zealand companies can be found on the New Zealand Trade and Enterprise website (external link).