NZTeco | Official Distributor for ZKTeco Products in New Zealand, offering Access Control, Turnstile Gates, Time & Attendance, Smart Locks, Vehicle Barriers and more.
NZTeco Biometric Privacy in New Zealand
Article

Biometric Privacy in New Zealand: Let’s Clear the Air

Clear, factual guidance on biometric privacy in NZ. Learn how data is stored, encrypted, and hosted—plus myths debunked and legal insights shared.
  • Reynardt Badenhorst
  • June 26th, 2025

Table Of Contents

What you really need to know about biometric privacy compliance, data, and separating fact from fiction

At NZTeco, we believe transparency builds trust. In an age where facial recognition, fingerprint scanners, and biometric attendance are becoming more common, many New Zealanders are asking: "Where does my data go? Who sees it? Is it safe?" — This article aims to clear that up.

Quick Facts (Read This First):

  • Biometric templates are NOT raw images — They are encrypted, non-reversible mathematical representations of facial features, fingerprints, or palm veins.

  • Biometric data is encrypted at all stages — Both on the devices and wherever it is hosted.

  • Hosting can be local or external — The software can be installed by the client themselves or hosted by a trusted third-party provider.

  • The Privacy Act 2020 applies — But you may not be directly responsible depending on how the data is collected or processed.

What the Commissioner Says about Biometric privacy

We reached out to the Office of the Privacy Commissioner (OPC) to clarify our obligations. Their advice:

If your agency does not collect or hold personal information, the Privacy Act is unlikely to apply. However, if your agency is involved in the collection of information, we would suggest referring to our Office’s guidance about third party providers.

This is based on Section 11 of the Privacy Act, which outlines your responsibilities when using another party to process data on your behalf. Read their guidance on third-party providers (PDF).

How Biometric Data Is Actually Stored

When using a ZKTeco device:

  • The raw biometric (like your face) is processed and instantly converted to a mathematical template.

  • That image is then deleted and only the template remains.

  • Templates are encrypted using advanced algorithms, and cannot be reverse engineered.

Where it is stored:

  • On-device: Stored locally within the device for quick identification.

  • On server: Optionally stored on software installed on-premises by the client or hosted by a third-party provider (e.g., on a secure cloud platform like AWS).

In both cases, security measures include:

  • Password-protected access

  • Role-based permissions

  • Firewalls & intrusion detection

  • Regular firmware updates

Debunking the Common Myths about biometric privacy

MYTH: "The device takes and stores my photo forever."

FACT: The device never stores your image. It is deleted immediately after converting it into an encrypted template.

MYTH: "Biometric data can be stolen or hacked easily."

FACT: The encrypted template is useless without the original image. Even in the rare case of a breach, it cannot be reversed into a face or fingerprint.

MYTH: "All data is stored in China."

FACT: Hosting is chosen by the installer or end client. Many clients host data locally or on cloud servers based in Australia or New Zealand.

NZTeco's Commitment to biometric Privacy & Security

  • We only work with biometric systems that use encrypted templates.

  • Our systems are installed in a way that aligns with OPC and international data privacy guidelines.

  • Our core biometric devices are certified under our Cybersecurity Conformance Certificate.

  • We support clients who choose to host software on-premises or in the cloud.

  • We help partners implement clear consent and privacy disclosure processes.

FAQs

Yes. That’s why it must be protected under the Privacy Act 2020.

The business collecting it is the "agency" under the law. If hosted externally, that third-party must act under written instructions. Biometric Privacy is therefore their responsibility.

Yes, you can. Businesses must have processes in place for this.

Yes. You can host it yourself, use a cloud service, or work with a trusted provider.

Yes. Signage or digital consent notices are strongly recommended.

Final Thoughts

Biometric systems offer security, convenience, and speed—but they must be implemented correctly. At NZTeco, we’re committed to privacy, education, and helping businesses stay compliant.

Still unsure? We’ll happily walk you through the process or help you assess your current setup.

📞 Contact us today to talk privacy, security, and what’s right for your business.

Comments are closed

Comments

    Share the love

    Our Related Products

    Please select product categories to display related products.

    Related Articles

    Reach Out

    By submitting this form, you agree that your details will be used to respond to your inquiry only, the site is protected by Google reCAPTCHA (subject to Google’s Privacy Policy and Terms of Service), misuse may result in access restrictions. For full details, see our Privacy Policy and Terms & Conditions.

    Connect with us

    NZTeco Main Header Logo White
    NZTeco Limited is the official ZKTeco Partner for New Zealand
    PSPLA License #24-121944 Privacy Policy Terms & Conditions

    GET STARTED

    0$

    Thank you, we will contact you soon !

    The final estimated price is :

    Fast Response Form | Enquire Now

    Do you want to specify any areas of interest?

    Summary

    Description Information Quantity Price
    Discount :
    Total :
    Send

    Reach Out

    By submitting this form, you agree that your details will be used to respond to your inquiry only, the site is protected by Google reCAPTCHA (subject to Google’s Privacy Policy and Terms of Service), misuse may result in access restrictions. For full details, see our Privacy Policy and Terms & Conditions.

    Copyright © 2025

    We’re a Licensed Security Company!
    NZTeco Limited is officially licensed under the Private Security Personnel Licensing Authority (PSPLA).
    License Number: 24-121944
    License Classes: Security Technician & Security Consultant
    Expiry Date: 22-11-2029

    What does this mean?
    It confirms that we meet the legal standards to provide professional and secure services in New Zealand, ensuring your peace of mind and trust in our solutions.
    Being licensed ensures compliance with industry regulations, ethical practices, and accountability in delivering Access Control, CCTV, and other security solutions.

    For more about the PSPLA and why choosing a licensed provider matters, visit the official PSPLA information page: https://www.pspla.govt.nz/ (opens in a new tab).

    Connect with us

    Follow us

    Fast Response Form

    By submitting this form, you agree that your details will be used to respond to your inquiry only, the site is protected by Google reCAPTCHA (subject to Google’s Privacy Policy and Terms of Service), misuse may result in access restrictions. For full details, see our Privacy Policy and Terms & Conditions.