When do I need a privacy policy for my business?

17/08/2021 by
The Marketing Team

It is sometimes difficult to know when you need to implement a privacy policy in your business. When operating a business in Australia, you will inevitably collect, store and use information provided to you by your customers. This often includes potentially sensitive personal information. Under Australian Privacy Laws, owners of certain businesses are required to disclose what data they collect and how they use it to protect consumers.

Key points to remember

  • Some businesses in certain industries are required to disclose this information regardless of their size.
  • If your business has an annual turnover of more than $3 million then you will be required to comply with Australian Privacy Law and implement a privacy policy.

What is a privacy policy?

A privacy policy is a legal statement that discloses the type of information the business is collecting, how the information is collected and stored, and any circumstances that would result in disclosure of the information to a third party.

Does my business need a privacy policy?

As a general rule, most small businesses (those with an annual turnover of $3 million or less) are not under an obligation to have a privacy policy in place. However, some businesses in certain industries will be required to disclose this information regardless of their size. These industries include:

  • health service providers
  • businesses trading in personal information
  • a contractor providing services under a Commonwealth contract
  • a reporting entity for the purposes of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (“AML/CTF Act”)
  • an operator of a residential tenancy database
  • a credit reporting body
  • employee associations registered or recognised under the Fair Work (Registered Organisations) Act 2009 (Cth)
  • businesses that conduct protected action ballots
  • businesses that are related to a business that is covered by the Privacy Act 1988 (Cth)
  • businesses prescribed by the Privacy Regulation 2013 (Cth)
  • businesses that have opted into being covered by the Privacy Act 1988 (Cth)

Are you unsure whether the above apply to your business? The Office of the Australian Information Commissioner’s website has a useful checklist designed to help you decide whether or not your business must comply with the Australian Privacy Principles (APPs). It will also help you understand whether you should have a privacy policy in place.

If your business has an annual turnover of more than $3 million then you will be required to comply with Australian Privacy Law and implement a privacy policy. 

What should a privacy policy include?

If you are required to have a privacy policy it should include information such as:

  • the kind of personal information that is collected and held;
  • how the personal information is collected (both directly and indirectly) and held;
  • the purpose for which the personal information is collected, held and used;
  • how an individual may access information that is about them;
  • how an individual may request correction of information that is about them;
  • how an individual may complain about a breach of the APP or any APP codes;
  • how the organisation will manage complaints of breaches;
  • whether any personal information will likely be disclosed to overseas entities; and
  • if practicable, which overseas countries will receive personal information.

How we can help

If you would like to purchase a generic, simple and easy-to-use privacy policy that can be amended for your business, you can purchase one here:

Legal advice

Click here to book a FREE consultation with one of our highly experienced solicitors today, or call 1300 988 954.

The above information may have been collected from relevant government websites or other sources and is subject to change. For the latest information regarding new or amended legislation or government policy, please refer to state and federal government websites. 

The Marketing Team
Business Kitz Marketing team are experts in their field. You can expect the best business guides and updates on employment law here.
Copyright @ 2024 Business Kitz