We offer a range of tools, services and tips to help you stay safe while using our products and services.
Our Spark Privacy Policy tells you how we collect, use and protect your personal information. It also tells you who we share your personal information with and how. Read our Spark Privacy Policy
Our Website Privacy Policy tells you about the information we collect when you’re using our website. Read our Website Privacy Policy
It’s important to know how you can keep yourself and loved ones safe and secure online. We offer a range of resources to help you do this:
Your internet browser allows you to control the use of cookies.
You can opt-out of Google Analytics advertising features, or use a browser plugin to opt-out of Google Analytics cookies.
Go to Google terms page to opt out of advertising features
At Spark, our approach to privacy is based on principles of customer centricity, fairness, transparency, autonomy and simplicity. We also work hard to protect personal information from unauthorised access.
Spark encourages and equips all its people to respect and protect customer privacy. Spark also has privacy specialists, including the Digital Trust team, led by the Lead Digital Trust Partner (Spark’s Privacy Officer) and based in the Legal Centre of Excellence. This team lead Spark’s privacy programme and support Spark people with tools and training to help ensure everyone follows our Privacy Policy.
Spark’s privacy programme includes:
These help safeguard customer information throughout business activities. For example:
Spark people must complete privacy training when they join Spark. Our people can also voluntarily retrain, as often as needed. Customer services teams have extra privacy training specific to their tools. Internal communications campaigns remind Spark people of our privacy obligations. Spark people can also access Privacy Act summaries, policies, processes and how-to guides. For example, our Spark Policy Playbook includes a section on data and privacy. This helps make our privacy policy more easily actionable for our people.
We offer a range of tools and services to help customers stay safe and manage their privacy and security. These include things like security tools and call and number display options. Spark also has an online Scams and Safety centre. It highlights common and recent scams. It also provides resources to help customers protect their information.
From time to time, Spark contacts customers directly to tell them about choices they have with their information. At times we also run campaigns and hold events aimed at helping customers protect themselves online.
Privacy at Spark is supported by one of the largest teams of certified security professionals in New Zealand. Spark's Security Operations Centre is a team of over forty cyber security experts, who work around the clock to keep Spark’s and our customers’ data safe.
In addition, access to customer information at Spark is restricted to only those who need to access it as part of their role. We also actively encourage customers to use unique passwords and PINs, and to keep these secure.
We greatly value the trust New Zealanders place in Spark and we work hard to protect your personal information and keep it private.
Like all New Zealand organisations, including telecommunications companies, there are times when we need to assist the New Zealand government and law enforcement agencies. Sometimes, this means sharing customer information with them. This assistance is provided for specific reasons. For example, to help agencies carry out their statutory duties, investigate crimes and fraud or find missing persons.
Sharing information with government agencies is not something we do lightly. We take a strict approach to how we assess and manage these requests to protect the privacy of our customers. For example, we only voluntarily share your personal information if you’ve said we can or in exceptional circumstances such as where there’s an immediate threat to public health, safety or lives. Other than that, we only share personal information with government agencies when we’re legally compelled to.
We want to be open and upfront about this process. That’s why we publish these reports.
If you have questions about these reports, please email privacy@spark.co.nz
These reports cover requests by New Zealand government agencies for Spark customers’ personal information. They also show instances where we provided all, some or none of the information requested and the agencies that most of the requests came from.
Information provided can include SIM and device information, call logs, text logs and content, browsing information, voicemail, account notes and billing information. It can also include location information from cell towers.
What’s not included
The reports don’t include requests made under the Intelligence and Security Act 2017. The reports also exclude instances where information has been shared with emergency services providers through the Police TESA database or the Emergency Caller Location Information (ECLI) initiative.
Our specialist Call Investigations Centre (CIC) manages requests for personal information from the New Zealand government, excluding requests made under the Intelligence and Security Act 2017.
When they receive a request, the CIC check whether it has been made according to the relevant legal process. For example, some types of requests can only be made by certain people, certain agencies or using certain forms. We only voluntarily share your personal information if you’ve said we can or in exceptional circumstances such as where there’s an immediate threat to public health, safety or lives. Other than that, we only share personal information with government agencies when the law says we have to and the correct processes have been followed.
Our CIC team works with Spark’s legal and privacy teams to ensure we’re doing what we need to under law, while maintaining high standards for protecting our customers’ privacy.
When we provide all, some or none of the information.
When we have the information requested, and there’s no doubt that we legally must provide it, then we’ll fulfil the request.
Where we supply either none of the information, or only some of it, this may be because we don’t have the information requested, or because we don’t have enough information from the government agency to identify the customer with confidence. Occasionally, we challenge a request because we don’t believe there’s a reasonable legal basis for it.
Spark received 1549 requests from more than 11 government agencies.
These resulted in:
Of the total requests made, most came from:
Spark received 2003 requests from more than 11 government agencies.
These resulted in:
Of the total requests made, most came from:
Spark received 2298 requests from more than 11 government agencies.
These resulted in:
Of the total requests made, most came from:
Spark received 1972 requests from more than 11 government agencies.
These resulted in:
Of the total requests made, most came from:
Spark received 1907 requests from more than 11 government agencies.
These resulted in:
Of the total requests made, most came from:
Spark received 1936-1945 requests from more than 12 government agencies.*
These resulted in:
Of the total requests made, most came from:
*In the first half of 2019 this data was recorded in a different system. Because of this, the total count is recorded as a range rather than an exact count for this period.
You can request access to, and correction of, the personal information that we hold about you. To do this, contact the Spark Investigations Centre:
A member of the Spark Investigations Centre will contact you to:
We’ll do our best to give you access to your personal information. But occasionally we may withhold information on one of the grounds set out in the Privacy Act 2020. We aim to process requests within 20 working days.
The ECLI service enables 111 emergency call takers to receive automatically generated geographical information about the likely location of a caller, when a 111 call is made from a mobile device on a cellular network.
The ECLI Service improves public safety and potentially saves lives. It does this by decreasing the time taken to accept and verify the location of 111 mobile callers and reducing the average dispatch time for emergency events from mobile phones.
The ECLI informs Police, Fire and Ambulance of your location when you call 111 from a mobile phone. You still need to tell the emergency call taker where you are or as much information about your location as you can. But the system helps emergency services find you faster, even if you’re not sure of your exact location.
ECLI works with all mobile phones and you don’t need to do anything different when you call 111, even if your phone’s location services are turned off. Your data is protected and your location is only provided when you call 111.
The ECLI service is also supported by registered Android devices using the 111 TXT service. Learn about the 111 TXT service
More information about how the ECLI system operates is available from MBIE. Go to MBIE website
The ECLI Service is a collaboration between the Ministry of Business, Innovation and Employment (MBIE), emergency service providers and mobile network operators (like Spark).
Spark provides network cell site data to a 111 Location Area Service (LAS) system operated by MBIE. The LAS system receives and processes ECLI, then sends it to the relevant authorised emergency service provider.
Authorised emergency service providers — New Zealand Police, Fire and Emergency New Zealand, St John and Wellington Free Ambulance — can use this location information to help them verify where you are calling from, so they can respond to the emergency as quickly as possible.
The Privacy Commissioner has authorised the Emergency Caller Location Information system via an amendment to the Telecommunications Information Privacy Code 2003. This amendment includes the addition of Schedule 4 to the Code which defines the boundaries and controls on the system's use. View the privacy code
You can ask to access any of your information that Spark holds. See accessing and correcting your personal information above for how to do this.
You can also request access to the record of your 111 call from the emergency service providers at the links listed below:
If you'd like to make a privacy complaint, there are a few different ways you can do this. View Spark's privacy complaints process
If you'd like to complain about the ECLI system, please email info@mbie.govt.nz
Complaints about Emergency Service Providers should be made to the relevant organisation.
If you have any feedback or queries about privacy at Spark, please don’t hesitate to reach out to us. Email privacy@spark.co.nz
We have robust processes to manage the personal information we hold. But if you have any concerns or feel your privacy has been breached in some way, let us know. The Spark Privacy complaints process ensures concerns are addressed as quickly as possible. Learn about the privacy complaints process