The University of Otago is committed to maintaining privacy of personal information and adhering to the principles of the Privacy Act 2020. This webpage provides links to key University policies and external information related to privacy.
University privacy information
Policy on Access to, and use of, Personal Information
The University’s overarching policy covering staff access to, and use of, staff and student personal information.
Privacy of Student Information
The University’s statement on how it collects, uses, stores and discloses student personal information.
Authorisation of Access to Student Information Procedure
Guidance and procedures for authorising staff access to student information through the University’s eVision student management system.
Recording of Lectures and other Teaching Activities Policy
A policy containing privacy provisions in relation to the recording of teaching activities (e.g. videoing of lectures).
Privacy considerations in relation to use of the University’s website and mobile app.
Report a privacy breach
A privacy breach occurs when there is unauthorised or accidental access to someone’s personal information or disclosure, alteration, loss or destruction of personal information. It can also include situations where the University is stopped either temporarily or permanently from accessing personal information.
Personal information is any information about an identifiable individual, such as their name, address, photo, opinion or viewpoint. The information does not need to name someone specifically, as long as they are identifiable in other ways.
All staff have a responsibility to report privacy breaches.
If you become aware of a privacy breach, immediately notify:
- your Manager; and
- the University Privacy Officer (firstname.lastname@example.org, +64 3 479 8899) or the Deputy Privacy Officer (email@example.com, +64 3 479 8993). For breaches identified outside normal work hours, please email the University Privacy Officer, Mayhaka Mendis.
Even minor privacy breaches must be notified. Further advice will be provided on actions required, which may include completion of the Privacy Breach Notification Form below.
Privacy Breach Notification Form (PDF)
Guidance when disclosing personal information offshore (PDF)
The Privacy Act 2020 introduces new requirements around disclosing personal information overseas. Read the linked guidance if you need to disclose personal information about others overseas.
The following templates can be used as necessary based on specific circumstances, as laid out in the guidance provided. The appropriate template should be selected based on the sensitivity and amount of personal information being disclosed; the nature of the relationship with the person/entity receiving the information; and the country the information is being sent to. See the guide above for more details, or seek direct advice as required.
- Template offshore disclosure consent email (Word)
- Template offshore disclosure consent form (Word)
- Template offshore disclosure email agreement (Word)
- Template offshore disclosure simple agreement (Word)
- Template offshore disclosure contract (Word)
What is personal information? (PDF)
When can I access personal information? (PDF)
When can I share personal information? (PDF)
Advice on verifying student identity when providing personal information (available to University staff on request)
Office of the New Zealand Privacy Commissioner
The New Zealand Privacy Commissioner website, including general privacy information and advice, and free online privacy e-learning modules.
Privacy Act 2020
New Zealand’s main legislation on privacy of personal information, including 13 overarching information privacy principles.
Wiki Tūmataiti (Privacy Week) 2021
Answers to the Privacy Quiz (PDF)
Tel +64 3 479 8899
Deputy Privacy Officer
Manager, Copyright and Open Access
Tel +64 3 479 9976
Employment-related Privacy Matters
Director, Human Resources
Tel +64 3 479 8267