Plain language law

New Zealand law explained for everyone

Customer and Product Data Act 2025

Regulated data services - Additional obligations - Requirements for requests, providing services, and making information available

32: Requirements for data holders in regulations or standards

You could also call this:

“Rules for keeping and sharing customer and product information”

You can learn about the rules for data holders in regulations or standards. These rules can cover different areas:

For charges related to regulated data services, the rules can say when you can, must, or must not charge for these services. They can also set limits on how much you can charge.

The rules can tell data holders what information they need to share, when to share it, and how to share it. This includes how the information should be presented, calculated, or prepared.

When it comes to data, the rules can specify how it should be formatted and described. They can also say how requests for regulated data services should be received and responded to. For example, they might require the use of an API (Application Programming Interface). The rules can also cover data quality.

There can be rules about how authorisations are confirmed.

In this section, ‘data’ means designated customer data or designated product data, or both.

This text is automatically generated. It might be out of date or be missing some parts. Find out more about how we do this.

This page was last updated on

View the original legislation for this page at https://legislation.govt.nz/act/public/1986/0120/latest/link.aspx?id=LMS721598.

Topics:
Money and consumer rights > Consumer protection Business > Industry rules Business > Fair trading Rights and equality > Privacy
Previous

31: Data holders must comply with requirements for requests, providing services, and making information available, or

"Companies with data must follow rules when sharing or using it"

Next

33: Accredited requestors must comply with requirements for making information available, or

"Approved information-askers must follow special rules about sharing information"

Part 2 Regulated data services
Additional obligations: Requirements for requests, providing services, and making information available

32Requirements for data holders in regulations or standards

  1. Regulations or standards made for the purposes of section 31 may (without limitation) relate to any of the following:

    Charges in connection with regulated data services

  2. requirements about charging amounts payable in connection with regulated data services, including—
    1. when an amount may, must, or must not be charged; and
      1. prohibitions or restrictions relating to charging those amounts (for example, a cap on how much may be charged):

        2. Notifying or otherwise making available information

      2. the information that must be notified or otherwise made available to any person referred to in section 31(3), the times at which, or the events on the occurrence of which, information must be notified or made available, and the manner of notifying or making available the information (including prescribing the manner in which the information must be presented, calculated, or prepared):

          1. Data

        1. the format and description of data:
          1. the manner in which requests for regulated data services are received and responded to (for example, a requirement to use an application programming interface (API)):
            1. data quality:

                1. Confirmation

              1. the manner in which authorisations are confirmed under section 39(2).

                1. In this section, data means designated customer data or designated product data (or both), as the case may be.