Responsibility for policy: Chief Operating Officer (Privacy Officer)
Approving authority: Vice-Chancellor
Last reviewed: December 2020
Next review date: December 2025

Print version

Application

  1. This policy applies to all staff of the University of Waikato.

Purpose

  1. The purpose of this policy is to set out responsibilities with respect to the collection and management of Personal Information in accordance with the Privacy Act 2020 and General Data Protection Regulation (GDPR).

Related Documents

  1. The following documents set out further information relevant to this policy:

Definitions

  1. In this policy, Personal Information means information about an identifiable individual.

Responsibilities

  1. The collection of Personal Information by staff of the University is governed by the Privacy Act 2020, this policy and the University of Waikato Privacy Statement.
  2. Staff who wish to collect, update, use, store, disclose or share Personal Information must adhere to the privacy principles contained in the Privacy Act 2020.
  3. Staff who wish to collect, update, use, store, disclose or share personal information must also, where applicable, comply with the regulations relating to the archiving of data and the privacy, storage and use of Personal Information, that are contained in the University's Ethical Conduct in Human Research and Related Activities Regulations.
  4. Line managers are responsible for ensuring that all systems, processes and practices in the areas for which they are responsible conform with this policy.
  5. Any questions (by staff or students) about the interpretation of, or compliance with, the Privacy Act 2020, this policy or the University of Waikato Privacy Statement must be referred to the Privacy Officer.
  6. Requests for information and complaints of interference with privacy under the Privacy Act 2020, this policy or the University of Waikato Privacy Statement (by staff or students) must be referred to the Privacy Officer.

Responsibility for monitoring compliance

  1. The Privacy Officer is responsible for monitoring compliance with this policy, and reporting any breaches to the Vice-Chancellor, external agencies and affected individuals (where appropriate).
  2. Breaches of this policy may result in disciplinary action under the Staff Code of Conduct.