What Do I Need In A Privacy Policy?

A Privacy Policy is important for every business. A privacy policy needs to include all the information set out in the Privacy Act 1988. Our privacy and data lawyers also recommend that a privacy policy include information that is helpful and transparent.

If you have a website or app that collects personal data from its users, you need to establish a policy. Although it is common for users not to read through this policy, it is essential to have one for your business.

Most Internet users have heard of a privacy policy. However, you may not know what it does or what it generally includes.

In this article, Micaela Diaz explains what a privacy policy is and what your privacy policy should include. Micaela is a qualified Australian Legal Practitioner. Micaeals holds a Bachelor of Laws (Honors) and a Bachelor of Business (International Business). She also holds a Graduate Diploma in Legal Practice from the Queensland University of Technology.

What is a Privacy Policy?

A Privacy Policy is a legal requirement if you collect and process personal data from customers or users of your website. It discloses what kind of data you collect, how you collect it, what it is used for, where it is stored, and how you keep it secure. It also describes how you collect personal data, for example, using cookies, and how users can limit the data they share with you.

The definition of personal data varies depending on applicable law. However, personal data is any data that allows businesses to identify a person.

Examples of the types of personal information include:

• Name
• Email address
• IP address
• Passport Number

You may also collect sensitive data such as financial details, biodata, or data of minors. If you collect such data, you should highlight it in a Privacy Policy.

The three most important reasons you need a privacy policy are:

Reason One: It’s a Legal Requirement under Australian Privacy Laws

In Australia, collecting and storing personal information requires a privacy policy as a legal requirement. However, the law only requires businesses that meet certain criteria to have one. We will discuss those criteria below.

We are also aware that there are some significant changes coming to Australia’s privacy laws. You may need to revisit any privacy policy you include now once the new law comes into effect.

Reason Two: It builds trust and shows respect for your users’ privacy

A privacy policy shows that your company takes the data collected from its users seriously. A privacy policy assures website users and customers that you will keep their personal information safe and private. Additionally, they can trust that your business follows Australian laws.

Reason Three: It’s a requirement of a third-party service you use

Operating an online business or website often requires the use of third-party tools or services. For example, most websites use analytics tools to track the traffic coming to the website and traffic patterns. Websites and blogs often use advertising to generate revenue and affiliate links. All these services may require that your website, blog, or eCommerce store have a policy.

For example, companies like Google and Apple require your website to include a privacy policy.

Where to put a Privacy Policy on the website?

Your policy must be easily accessible to your users/customers. Your Privacy Policy should be clearly displayed on your website and on every page where you gather personal information from users.

Footer

The footer is the most popular place for websites to post their policy. It is also accessible from any page on your website.

About Us

Another place where your privacy policy should be is on the main menu under the “About Us” section. This is a convenient and easily accessible option, again, available on every page of your website.

Checkout Forms

An effortless way to ensure your users can find your privacy policy is to add it to your checkout form. This is typically done by adding a checkbox next to a statement such as “I have read and agree to the Privacy Policy .”

The checkbox is near the “Pay” button, and you cannot process the transaction until you check the checkbox. A link to your privacy policy is provided. This means the customer must agree to, and read the privacy policy to purchase.

There are a variety of ways you can collect data from your users.

Some examples are:

1. Using cookies on your website;
2. Collecting email addresses for monthly newsletters;
3. Collecting email addresses to advise when you are running a sale or to publish your next blog post;
4. Collecting personal information to send goods to your customers.

What does a Privacy Policy need to include?

A policy should be a comprehensive handbook that leaves no stone unturned. It should encompass the following elements:

1. The type of personal information you collect and store
2. The purposes for which you collect, retain, use and disclose personal information
3. How you collect and securely store personal information
4. A promise not to “spam,” sell, or rent a visitor’s email address
5. How an individual can get access to personal information and correct the information you hold, including unsubscribing from an email list
6. How an individual can complain about a breach of the Australian Privacy Principles and how you’ll handle the complaint
7. How you share personal information with others, and if they’re in other countries, the countries it will be shared with.
8. Your contact details

The Australian Privacy Principles (APPs):

The Australian Privacy Principles (APPs) strengthen Australia’s data protection by providing 13 fundamental rules for managing personal information. A robust policy must align with these principles, ensuring comprehensive adherence to the legal framework. These principles address matters such as lawful data collection, responsible use, and vigilant data security.

Tailor your Australian privacy policy to your business

We don’t recommend copying and pasting policies from other websites as they may not fully meet your needs.

A privacy policy is a legal document that informs and protects consumers. It should be well-written, readable, understandable, and accurate. Readers and customers won’t find a policy helpful if they cannot understand the meaning behind the legal jargon.

There are several ways to write a company’s privacy policy, and they’re:

1. Hiring a law firm: reliable legal advice and the most expensive option available;
2. Writing it yourself: The cheapest option, but also the most difficult and time-consuming. If you’re not familiar with the rules and regulations, you could miss important information and put your business at risk.

It’s best to hire a privacy lawyer to draft a privacy policy for your business website. If you want to write it yourself that is acceptable. However, we recommend hiring a privacy lawyer to review your privacy policy.

Key takeaways

• place your policy somewhere prominent on your website
• be transparent and disclose anything a user may want to know about their personal information
• don’t copy privacy policies from other websites
• seek legal advice from qualified privacy and data lawyers

How can Prosper Law help?

Prosper Law is Australia’s online law firm. We provide legal advice to businesses and individuals across Australia. Our areas of legal practice include contracts, eCommerce, publishing, legal counsel and employment law.

If you need to talk to an eCommerce Lawyer, get in touch today.

Contact the team at Prosper Law today. Talk to our privacy data lawyers to discuss how we can help you for a fixed fee.

Micaela Diaz | Solicitor

PROSPER LAW – Australia’s Online Law Firm

M: 1300 003 077

E: enquiry@prosperlaw.com.au  

W: www.prosperlaw.com.au

A: Suite No. 99, Level 18, 324 Queen Street, Brisbane, Queensland Australia 4000