• New Zealand Government Web Standards 2.0

• New Zealand Government Web Standards 1.0
  • » 1. Images
  • » 2. Colour
  • » 3. Site Markup
  • » 4. Special Purpose Documents
  • » 5. Writing Content
  • » 6. Site Content
  • » 7. Page Layout
  • » 8. Navigation
  • » 9. Style Sheets
  • » 10. Dynamic Content
  • » 11. Tables
  • » 12. Frames
  • » 13. Scripting and Applets
  • » 14. Page Refreshing
  • » 15. Site Behaviour
  • » 16. Site Layout
  • » 17. Archiving
  • » 18. Quality Assurance
  • » 19. Data Tracking
  • » 20. Authentication
  • » 21. Security
  • » 22. Online Forms
  • » 23. Tendering and Contracting
    • 23.1 GETS notified of tenders on or over the government procurement threshold
    • 23.2 Specifying compliance with web standards and recommendations
    • 23.3 Data re-use by third party hosts
  • » 30. Site Delivery
  • » 31. Operational
  • » 32. Web Strategy

23.3 Data re-use by third party hosts

The Standard

23.3 When contracting with a service provider, the contract must specify that the provider must not independently collect or reuse data gained in the course of providing the service, unless prior approval has been given by the agency.

This does not relieve the contractor of their obligations under the Privacy Act 1993.

Guide to this standard

An external service provider can have access to personal information about a service user; can gain information in the form of server or application logs, tracking, client data, HTTP header information that includes data from cookies, and click-stream data.

Rationale for this standard

The contracting out of services, for example the hosting of a web site, can include a range of issues that are similar to those faced by a government agency when hosting services in-house.