Privacy Policy

Purpose and Application

This privacy policy applies to Hesketh Henry in New Zealand. This policy explains how Hesketh Henry collects, uses and discloses personal information and complies with the requirements of the New Zealand Privacy Act 1993 (“Privacy Act”). If you have any further questions in relation to this policy, please contact our Privacy Officer at

This policy applies to individuals and entities that share information with the firm including clients, suppliers, employees, and any other business contacts including users of our website The use of the term “you” in this policy refers to any or all of these individuals, entities or employees, contractors, owners and directors of entities as may be relevant.

This Privacy Policy applies when you access our website and/or use our services. It should be read in conjunction with our Website Terms of Use policy which can be found at the foot of each page of our website.

The Privacy Act contains a set of privacy principles which broadly follows many international privacy and data protection laws including OECD Guidelines. The principles apply to any information about an identifiable living individual. There may be instances in which we process the personal data of individuals who are located within the European Union. Accordingly, there may be instances where the European Union’s General Data Protection Regulation applies.


This policy relates to Hesketh Henry’s collection and handling of personal information that is covered by the Privacy Act. It is not intended to cover categories of information or situations that are not covered by the Privacy Act.

Collection of Personal Information

Personal information is information about an identifiable individual.

Hesketh Henry collects and holds personal information from clients, potential clients, suppliers, employees and prospective employees, contractors and other individuals. We collect and hold this information when it is necessary for business purposes and/or to meet our legal obligations including (but not limited to) in relation to our Anti Money Laundering and Countering Financing of Terrorism obligations.

The main types of personal information Hesketh Henry collects and holds relate to the contact details and organisational roles of our clients, suppliers and other business contacts. Typically, this information includes names, addresses, telephone numbers, e-mail addresses and job titles. In the course of providing professional services to our clients, we may collect and hold more detailed personal information (for instance financial details if we are asked to handle client funds). In the case of employees or prospective employees, we may collect information such as qualifications, employment history, education, testimonials or references.

We collect most information directly from individuals when we deal with them. The personal information we collect may be provided in forms filled out by individuals, face to face meetings, email messages, telephone conversations, registration and attendance at seminars, business cards, and from publically available information.

We also collect information from third parties (for example, when seeking an employment reference from a previous employer) or when we use third parties to analyse website traffic.
Because of the nature of our business, it is generally impracticable for us to deal with individuals on an anonymous basis or through the use of a pseudonym, although sometimes this is possible (for example, when seeking staff or client feedback generally).

Use of Personal Information

  • The main purposes for which we collect, hold, use and disclose personal information are:
    to provide our services;
  • to engage with courts, tribunals and regulatory authorities;
  • to respond to an individual’s request;
  • to communicate with you/maintain contact with clients;
  • to keep clients and other contacts informed of the services we offer and industry developments that may be of interest to them, and to notify them of service offerings, seminars and other events we are holding;
  • for general management and reporting purposes, such as invoicing and account management;
  • to engage third parties on your behalf;
  • for recruitment purposes;
  • for purposes related to the employment of our personnel and providing internal services to our staff;
  • to comply with our legal obligations (including meeting our Anti Money Laundering and Countering Financing of Terrorism obligations); and
  • other purposes related to our business.

If you choose not to provide us with personal information, we may be unable to do such things.

We may collect, hold and use personal information about individuals to market our services, including by email. We may also share your information with third party email marketing providers to assist us in delivering email marketing material to you.

Individuals always have the opportunity to elect not to receive further marketing information from us by writing to the Privacy Officer at Alternatively, if we have contacted you by email, you may use the ‘unsubscribe’ function in that email to notify us that you do not want to receive further marketing information from us by email.

If we collect, hold, use or disclose personal information in ways other than as stated in this policy, we will ensure we do so pursuant to the requirements of the Privacy Act.
Please note that our Terms of Engagement also apply when we provide our services to you. These may be found at the foot of each page of our website.

Disclosure of Personal Information

Hesketh Henry does not routinely disclose personal information to third parties unless:

  • use or disclosure is permitted by this policy;
  • we believe it is necessary to provide you with a product or service which you have requested (or, in the case of a partner, employee or contractor of Hesketh Henry, it is necessary for maintaining or related to your role at Hesketh Henry) for example with arbitrators, legal counsel, the Court, document management services and associated platforms, experts, insurers, process servers and regulators;
  • to protect the rights, property or personal safety of any member of the public or a customer of Hesketh Henry or the interests of Hesketh Henry;
  • some or all of the assets or operations of Hesketh Henry are or may be transferred to another party as part of the sale of some or all of Hesketh Henry’s business;
  • you give your consent; or
  • such disclosure is otherwise required or permitted by law, regulation, rule or professional standard.

We may also share non-personal, de-identified and aggregated information for research or promotional purposes. Except as set out in this policy, we do not sell to or trade personal information with third parties.

Hesketh Henry uses a range of service providers to help maximise the quality and efficiency of services and our business operations (including internal business requirements, such as recruitment and human capital requirements). This means that individuals and organisations outside of Hesketh Henry will sometimes have access to personal information held by Hesketh Henry and may collect or use it from or on behalf of Hesketh Henry. This may include, but is not limited to, independent contractors and consultants, travel service providers, mail houses, off-site security storage providers, information technology providers, event managers, credit managers and debt collecting agencies. We require our service providers to adhere to our privacy guidelines and not to keep, use or disclose personal information we provide to them for any unauthorised purposes.

Storage of Information in Cloud Systems

Hesketh Henry may store personal information within services provided by offshore cloud service providers. Currently, Hesketh Henry only utilises the services of cloud service providers who are able to provide a guarantee that information remains within a specific geographic location within the cloud service provider’s infrastructure. Hesketh Henry utilises cloud services from a cloud service provider who has met the data sovereignty and data privacy framework stipulated by the New Zealand Government.

Privacy on our Websites and Applications

This policy also applies to any personal information we collect via our websites, including, and applications. In addition to personal information you provide to us directly (such as where you make a request or complete a registration form), Hesketh Henry may also collect personal information from you via its applications and websites.

Hesketh Henry utilises cookies on its websites. Cookies are small text files that are placed on your computer by the websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The use of cookies is now standard for most websites. If you are uncomfortable with the use of cookies, you can manage and control them through your browser, including removing cookies by deleting them from your ‘browser history’ (cache) when you leave the site. In most cases, you can refuse a cookie and still fully navigate the Hesketh Henry websites.

In order to properly manage our websites and applications, we may log certain statistics about the users of the facilities, for example the users’ domains and browser types. None of this information specifically identifies an individual and it is used solely to ensure that our websites and applications present the best possible navigational experience for users.

We may share your personal information with a variety of third party service providers to assist us with client insight analytics including through Google Analytics.

If you have registered an account with us, you will be identified by a user name and password when you log into our website or applications. The information we collect about use of our websites may be used for measuring use and performance and in assisting to resolve any technical difficulties.

Because Hesketh Henry wants your user experience to be as informative and resourceful as possible, we provide a number of links to websites and embedded content operated by third parties that may also set cookies. Hesketh Henry is not responsible for the privacy practices or policies of those sites. We encourage you to review each website’s privacy policy, especially if you intend to disclose any personal information via that site. A link to another non-Hesketh Henry website is not an express or implied endorsement, promotion or warranty of the products or services offered by or accessible through that site or advertised on that site.

Retention of Information

In relation to visitors to our website, we will retain relevant personal information for at least 12 months from the date of our last interaction with you and in compliance with any other obligations under New Zealand privacy legislation and, where applicable, under the European Union General Data Protection Regulation. We may also keep your personal information longer if we are required to do so under our Professional Rules of Conduct or professional indemnity obligations.

In relation to personal information we have processed as part of providing our services to you as a client, we will retain that personal information for at least six years from the date of our last interaction with you as a client and otherwise in compliance with New Zealand privacy legislation or, if applicable, the European Union General Data Protection Regulations. We may also keep your personal information longer if we are required to do so under our Professional Rules of Conduct or professional indemnity obligations. Please refer also to our Terms of Engagement which are located at the foot of each page of our website.

Confidentiality and Security

We take keeping the personal information you have provided to us secure very seriously and will therefore take reasonable precautions to protect that information from loss, misuse or alteration. We have implemented security policies, rules and technical measures to protect the personal information that we have under our control from any such loss, misuse or alteration.

Access to Personal Information

We will provide access to personal information upon request by an individual, except in the limited circumstances in which it is permitted for us to withhold this information (for instance, where granting access would infringe another person’s privacy).

When you make a request to access personal information, we will require you to provide some form of identification (such as a driver’s licence or passport) so we can verify that you are the person to whom the information relates.

If at any time you want to know what personal information we hold about you, you may contact us via email; Privacy Officer at

Corrections and Concerns

We endeavour to ensure that the personal information we hold is accurate, complete and up to date. If your personal information is not correct, you have the right to correct it. If you believe that information we hold about you is incorrect or out of date, or if you have concerns about how we are handling your personal information, please contact us and we will try to resolve those concerns.

If you wish to have your personal information deleted or transferred to third party, please let us know and we will take reasonable steps to delete or transfer it (unless we need to keep it for legal, auditing or internal risk management reasons).

If Hesketh Henry becomes aware of any ongoing concerns or problems concerning our privacy practices, we will take these issues seriously and work to address these concerns. If you have any further queries relating to our privacy policy, or you have a problem or complaint, please contact our Privacy Officer. If you are not satisfied with our handling of your problem or complaint you may make a complaint to the Office of the Privacy Commissioner – see for more information.

You may withdraw any consent that you may have granted to us previously in relation to any processing of your personal information in circumstances where your consent was necessary.

Effect of Policy

We reserve the right to change this Privacy Policy from time to time by publishing the revised Policy on our Website. Please check this Privacy Policy regularly for any modifications and updates. If you continue to use our Website or services or if you provide any personal information after we make any modifications and updates to this Privacy Policy, this constitutes your acceptance of those modifications and updates.

Send us an enquiry
For expert legal advice, please complete the form below or call us on (09) 375 8700.
  • This field is for validation purposes and should be left unchanged.