This page summarises the changes that have been made over time to:
- the RealMe terms of use and privacy statement; and
- the identity verification service terms of use and privacy statement.
Note that, upon launch of the RealMe service in July 2013, what previously was the "igovt logon service" became a part of the RealMe service and is now known as the "RealMe login service".
Whilst the identity verification service terms of use and privacy statement once covered the igovt logon service and igovt identity verification service, from July 2013 they cover only the identity verification service. The RealMe terms of use and privacy statement cover the RealMe service which, in essence, consists of the RealMe login service and the RealMe verification service.
For these reasons, you will see that historical changes to the identity verification service terms of use and privacy statement, i.e., before July 2013, include changes to logon-related matters. From July 2013, such changes will be made to the RealMe terms of use and privacy statement.
History of changes to the RealMe terms of use
16/03/2018: Changes to the RealMe Terms of Use
- Removal of New Zealand Post Limited as a provider of RealMe
- Explain that third party attribute providers may provide their own support services. RealMe is not responsible for those services
- Inclusion of enduring consent to allow RealMe to remember your consent to share attributes with a participating service provider
- Update to Unlawful access or use to reference Contract and Commercial Law Act 2017, Part 2 Subpart 1
- Explain that disputes relating to third party attribute providers must be taken up with the attribute provider
- Update to Minor's Contract section to reference Part 2 , Subpart 6 of the Contract and Commercial Law Act 2017
10/09/2014: Changes to the RealMe terms of use to:
- reflect the introduction of, and required security obligations for, a voluntary PIN that enables users to reset their passwords online
- record the possible use of Google Authenticator to generate RealMe codes, including additional recommended practices for users to keep their information secure
01/07/2013: First version of the RealMe terms of use. The RealMe terms of use:
- incorporate and in some cases streamline the login-related terms that previously were contained in the igovt terms of use
- note that the RealMe service is provided by both the Department of Internal Affairs (DIA) and New Zealand Post Limited (NZ Post)
- make a series of changes to reflect the change in branding from the igovt logon service to the RealMe login service (including that the previous Help Desk becomes the RealMe Help Desk, igovt codes become RealMe codes, and igovt tokens become RealMe tokens)
- explain that there are separate terms that apply when one wishes to apply for an igovt verified identity or an NZ Post verified address
- introduce and account for the RealMe verified account, the RealMe verification service and the RealMe verification service's role in fetching igovt verified identities and NZ Post verified addresses)
- remove the obligation to change one's password at regular intervals (the RealMe service addresses this requirement at a technical level).
History of changes to RealMe privacy statement
04/07/2022: Changes to the RealMe Privacy Statement
- changes to simplify the language and make it easier to read
- changes incorporating the new one button access to Manage My Account
12/04/2021: Changes to the RealMe Privacy Statement
- changes to storage of information now being in the cloud
- changes to cookies
- changes to access to information dated prior to 1 January 2018
16/03/2018: Changes to the RealMe privacy statement:
- Removal of New Zealand Post Limited as a provider of RealMe
- Reflect RealMe's role as a broker of verified attributes between attribute providers and participating service providers
02/12/2014: Changes to the RealMe privacy statement to:
- reflect changes to the names of the cookies used by the RealMe services
10/09/2014: Changes to the RealMe privacy statement to:
- reflect the introduction of a voluntary PIN
- reflect the possible use of Google Authenticator
17/07/2014. Changes to the RealMe privacy statement to:
- note that we may use information provided by users to communicate with them about the RealMe services
- notify website visitors of statistical information that may be collected about their visit, and the manner in which that information may be used
01/07/2013: First version of the RealMe privacy statement. The RealMe privacy statement:
- note that we may use information provided by users to communicate with them about the RealMe services
- notify website visitors of statistical information that may be collected about their visit, and the manner in which that information may be used
01/07/2013: First version of the RealMe privacy statement. The RealMe privacy statement:
- incorporates and in some cases streamlines the login-related provisions that previously were contained in the igovt privacy statement
- explains the RealMe service, its privacy-centric design approach and how it interacts with the igovt identity verification service and NZ Post address verification service
- explains that separate privacy statements apply to DIA's treatment of personal information with the igovt identity verification and NZ Post's treatment of personal information with its address verification service
- explains that site visit data is recorded when one uses the RealMe login service or accesses his or her RealMe verified account
- describes the information that DIA collects for, and provides to, the RealMe verified account service
- describes the information that the RealMe login service provides to the igovt identity verification service to enable that system to communicate with users
- notes that, when one uses the RealMe service to verify identity or address, the RealMe service will generate two additional non-persistent cookies
- explains the means by which one can access and correct personal information through the RealMe service.
History of changes to identity verification service terms of use
18/08/2024: Removed references to the co-apply channel (getting a RealMe verified identity at the same time as renewing your passport) as this option has been turned off.
21/03/2022: Change to the identity verification service terms of use to add to the "Your commitments to us" section about submitting images or video as follows:
- not submit any filtered, edited, manipulated or interfered with images or video footage. This includes video feed that is intercepted and/or manipulated by third party software.
8/05/2020: Changes to the identity verification service terms of use to:
- remove the reference to Kiwibank/PostShops as third party provider.
16/03/2018: Changes to the identity verification service terms of use:
- Exclusion of liability for loss of profit, opportunity, income or savings for any DIA appointed provider used in applying for a verified identity
- Update to Minor's Contract to reference Part 2, Subpart 6 of the Contract and Commercial Law Act 2017
03/12/2015: Changes to the verified identity terms of use to:
- rename 'RealMe verified account' as 'RealMe account'
- clarify information the RealMe Help Desk may ask to assist a customer
23/05/2015: Changes to the igovt terms of use to:
- remove the term 'igovt' as a way of describing the identity verification service
- note that photos may be captured by a wider range of approved photo-takers
- introduce and account for verified identity applications that can now be made at the same time as a person renews their adult New Zealand passport online
- reflect changes made to the verified identity renewal process
- specify the current agencies DIA may confirm personal information with
- clarify the information people are able to view about their verified identity
10/09/2014: Changes to the igovt terms of use to:
- reflect the introduction of, and required security obligations for, a voluntary PIN that enables users to reset their passwords online
- record the possible use of Google Authenticator to generate RealMe codes, including additional recommended practices for users to keep their information secure
01/07/2013: Changes to the igovt terms of use to:
- remove the logon service related terms (now covered by the RealMe terms of use) and streamline or clarify certain existing terms
- reflect the fact that the igovt identity verification service is accessed via the RealMe service
- rename "igovt ID" as "igovt verified identity"
- note that the Help Desk has become the RealMe Help Desk
- include a new section on amendment, cancellation, suspension or revocation of one's igovt verified identity, cross-referencing to relevant provisions in the Electronic Identity Verification Act 2012
- amend the process for amending the igovt terms of use.
8/04/2013: Changes to the igovt terms of use to:
- reflect enactment of the Electronic Identity Verification Act 2012 and certain of its provisions
- clarify that a person can have only one igovt ID
- note that sometimes a participating service provider will operate the Help Desk for its own customers
- record additional sources from which the igovt identity verification service may retrieve personal information when processing applications for igovt IDs or which the igovt identity verification service may check to ascertain whether changes to a person’s details in his or her igovt ID are required or whether the person has died
- note that in some cases DIA may ask a person to consent to DIA confirming that person’s details against records held by other agencies
- record the ability for DIA to suspend or disable a person’s igovt ID if DIA considers it was issued, renewed or amended on the basis of any false or fraudulent representation
- note that DIA may notify agencies at which a person has used his or her igovt ID of the fact of suspension or revocation of the igovt ID or some other change to its status
- amend the amendments clause, noting that a link to the log of changes to the terms of use and privacy statement now appears in the website footer
- record other minor drafting changes.
16/05/2011: The change to the igovt terms of use is:
- supplementing the Recommended Practices to advise that an email chosen for igovt use should not be shared with other people.
25/11/2009: Changes to the igovt terms of use are mostly due to:
- re-naming from Terms and Conditions to Terms of Use
- simplifying the content to be more easily understood
- inclusion of the Identity Verification Service (IVS) as part of igovt.
1/07/2009: Changes to the GLS terms of use are mostly due to:
- changing the GLS to the igovt logon service brand
- a new extra security logon, igovt code by TXT being introduced
- ownership of the GLS transferring from the State Services Commission to the Department of Internal Affairs, on 1 July 2009.
History of changes to identity verification service privacy statement
15/01/2025: Changes to the identity verification service privacy statement:
- change in process: "the Registrar-General of births deaths and marriages may release restricted name-change and restricted sex information to us for the express purpose of checking that you do not already have a verified identity issued to you in a different identity". This is to ensure no more than one verified identity is issued per individual.
28/02/2022: Changes to the identity verification service privacy statement:
- Updated reference to Privacy Act 1993 with Privacy Act 2020
24/11/2020: Changes to the identity verification service privacy statement:
- Replaced Public Records Act with Electronic Identity Verification Act in final paragraph - Disposal of your verified identity records.
20/07/2020: Changes to the identity verification service privacy statement:
- removed references to RealMe Now app, PostShops and Kiwibank, and 18+ card.
- updated wording to include web photo capture process
15/04/2018: Changes to the identity verification service privacy statement:
- update the data retention period for the RealMe Now app
- section added about the collection and use of statistical information
16/03/2018: Changes to the identity verification service privacy statement:
- Allow for the retrieval of contact information for the purposes of conducting performance survey with opt out functionality
- Explain the purpose of photo and video capture of the RealMe Now app and its data retention period
- Pre-consent to share information with a participating service. Identity information will be passed to the service by RealMe once it has been verified by IVS
- Name and date of birth may be passed to the pre-consented service if a successful facial recognition match has been made via the RealMe Now app
03/12/2015: Changes to the verified identity privacy statement to:
- rename 'RealMe verified account' as 'RealMe account'
23/05/2015: Changes to the verified identity privacy statement to:
- remove the term 'igovt' as a way of describing the identity verification service
- note that photos may be captured by a wider range of approved photo-takers
- introduce and account for verified identity applications that can now be made at the same time as a person renews their adult New Zealand passport online
- reflect changes made to the verified identity renewal process
- specify the current agencies DIA may confirm personal information with
- clarify the information people are able to view about their verified identity
01/07/2013: Changes to the igovt privacy statement to:
- remove the logon service related provisions (now covered by the RealMe privacy statement) and streamline or clarify certain existing terms
- explain how the igovt identity verification service relates to the RealMe service and what happens when a person uses a participating service provider's online service that requires verification of identity
- reflect the fact that the igovt identity verification service is accessed via the RealMe service
- rename "igovt ID" as "igovt verified identity"
- note that the Help Desk has become the RealMe Help Desk
- note that a person's application for an igovt verified identity now entails visiting a participating Post Shop to have a photo taken (rather than visiting a DIA office for this purpose)
- note that, as part of the application process, people may be asked to provide additional documents to NZ Post and that these documents may be scanned and provided to DIA with a person's application
- explain the information that a person will be asked to enter into a computer when applying for an igovt verified identity, depending on the evidence of identity source the person is relying on
- explain how one's igovt verified identity can be managed via the RealMe service.
8/04/2013: Changes to the igovt privacy statement to:
- reflect enactment of the Electronic Identity Verification Act 2012 and certain of its provisions
- reflect the roll-out of the fully implemented igovt identity verification service (prior to this DIA was operating a pilot implementation)
- note that people may now start their igovt ID applications on any computer, explain how that works and note that the person will then need to visit a DIA office to have a photograph taken
- reflect changes, also made to the Terms of use on the same date, to record additional sources from which the igovt identity verification service may retrieve personal information when processing applications for igovt IDs or which the igovt identity verification service may check to ascertain whether changes to a person’s details in his or her igovt ID are required or whether the person has died
- note that DIA may also match the photographic image it takes during a person’s igovt ID application process with the image DIA retrieves from the Ministry of Business, Innovation and Employment’s immigration databases
- note that DIA does not store the image it retrieves from those immigration databases
- record that DIA may use the information it collects, where relevant, to verify individuals’ details provided with applications for issuance, renewal, amendment or cancellation of an igovt ID
- delete reference to a process (which is not deployed) regarding the logon service generating an indicator, where relevant, to government service providers when a person next logs on that that person has changed his or her contact details
- notify people that, as part of their account information, DIA holds a record of where people have used their igovt IDs and the time and date that a person’s identity attributes were disclosed to a participating service provider (noting also that DIA does not hold information about the transaction performed with that service provider)
- explain how people are able to view their own igovt activity records and what their records contain
- note that the logon service now generates an additional session (non-persistent) cookie named “CLIENT_KEY”
- note that a person’s ability to view his or her transaction history/igovt ID may be limited where access may prejudice an investigation or for technical reasons
- note that a person may apply to cancel his or her child’s igovt ID where the person is the child’s parent or guardian and the child is under 14 years of age
- note that, if a person discovers that one or more igovt ID attributes are incorrect and, as requested, contacts the igovt Help Desk, the person may be referred to the relevant part of DIA or other agency that was the authoritative source of the identity information
- record changes to the contact details for DIA’s Privacy Office
- explain DIA’s retention and disposal of igovt ID records
- record other minor drafting and stylistic changes.
17/01/2013: Changes to the igovt privacy statement to:
- note that a person may, when applying for a logon, be asked to provide the person’s mobile number for TXT support messages
- note that, if a person is already an igovt user but has not provided his or her mobile number, DIA may ask the person periodically if he or she would like to receive support via TXT messages to the person’s mobile phone.
25/11/2009: Changes to the igovt privacy statement to:
- simplify the content to be more easily understood
- incorporate significant changes as a result of the inclusion of the Identity Verification Service (IVS) as part of igovt, including information collected and how it is used
1/07/2009: Changes to the privacy statement to:
- reflect the change from the GLS to the igovt logon service brand
- reflect ownership of the GLS transferring from the State Services Commission to the Department of Internal Affairs, on 1 July 2009.