What Do I Need In A Privacy Policy?

Most Internet users have heard of a privacy policy. However, you may not know what it does or what it generally includes.

A Privacy Policy is important for every business. A privacy policy needs to include all the information set out in the Privacy Act 1988. We also recommend that a privacy policy includes information that is helpful and transparent for its readers.

If you have a website or app that collects personal data from its users, you need to establish a policy. Although it’s common for users not to read through this policy, it’s essential to have one for your business.

In this article, our privacy and data lawyer explains why a privacy policy is important and what you should have in your business's privacy policy.

Key takeaways

    • A privacy policy is a legal requirement if you collect and process personal data from customers or users of your website
    • Your privacy policy should be placed somewhere prominent on your website
    • Be transparent and disclose anything a user may want to know about how their personal information is going to be collected, used and disclosed
    • Businesses should not copy privacy policies from other websites

What is a Privacy Policy?

A privacy policy is a legal requirement if you collect and process personal data from customers or users of your website.

It discloses what kind of data you collect, how you collect it, what it is used for, where it is stored, and how you keep it secure. It also describes how you collect personal data, for example, using cookies, and how users can limit the data they share with you.

The definition of personal data varies depending on applicable law. However, personal data is any data that allows businesses to identify a person.

Examples of the types of personal information include:

  • Name
  • Email address
  • IP address
  • Passport Number

You may also collect sensitive data such as financial details, biodata, or data of minors. If you collect such data, you should highlight it in a Privacy Policy.

Why privacy policies are important

Reason One: It’s a Legal Requirement under Australian Privacy Laws

In Australia, collecting and storing personal information requires a privacy policy as a legal requirement. However, the law only requires businesses that meet certain criteria to have one. We will discuss those criteria below.

We are also aware that there are some significant changes coming to Australia’s privacy laws. You may need to revisit any privacy policy you include now once the new law comes into effect.

Reason Two: It builds trust and shows respect for your users’ privacy

A privacy policy shows that your company takes the data collected from its users seriously. A privacy policy assures website users and customers that you will keep their personal information safe and private. Additionally, they can trust that your business follows Australian laws.

Reason Three: It’s a requirement of a third-party service you use

Operating an online business or website often requires the use of third-party tools or services. For example, most websites use analytics tools to track the traffic coming to the website and traffic patterns. Websites and blogs often use advertising to generate revenue and affiliate links. All these services may require that your website, blog, or eCommerce store have a policy.

For example, companies like Google and Apple require your website to include a privacy policy.

Where to put a Privacy Policy?

Your policy must be easily accessible to your users or customers. Your privacy policy should be clearly displayed on your website and on every page where you gather personal information from users.

Here are some suggested locations for your business's privacy policy:

Header Menu

The most obvious and prominent placement for the policy is in the website’s header menu. Businesses can put the privacy policy, terms and conditions, and feedback page in the header menu of their website.

The header menu can be accessible from any website page, and users can easily navigate to the privacy policy.

Make sure you have clearly marked your policy as “Privacy Policy” so that there is no confusion among users.

Footer

The website footer is another popular location for businesses to post their policy. It’s also accessible from any page on your website.

About us

Another place where your privacy policy could be housed is on the main menu under an “About Us” section. This is a convenient and easily accessible option, again, typically available on every page of your website.

Checkout Forms

An easy way to ensure your users can find your privacy policy is to add it to your checkout form (if suitable). This is typically done by adding a checkbox next to a statement such as “I have read and agree to the Privacy Policy.”

The checkbox is near the “Pay” button, and you cannot process the transaction until you check the checkbox. A link to your privacy policy is provided. This means the customer must generally agree to, and read, the privacy policy to purchase.

Do I need a privacy policy?

You need a privacy policy if:

  • your business has an annual turnover of more than $3 million
  • your business is a health service provider
  • your business engages in credit reporting activities
  • your business provides services to organisations covered by the Privacy Act
  • you collect personal information online
  • your business transfers personal information overseas

There are a variety of ways you can collect data from your users.

Some examples are:

  • Using cookies on your website;
  • Collecting email addresses for monthly newsletters;
  • Collecting email addresses to advise when you are running a sale or to publish your next blog post;
  • Collecting personal information to send goods to your customers.

What does a Privacy Policy need to include?

A policy should be a comprehensive handbook that leaves no stone unturned. It should encompass the following elements:

  1. The type of personal information you collect and store
  2. The purposes for which you collect, retain, use and disclose personal information
  3. How you collect and securely store personal information
  4. A promise not to “spam,” sell, or rent a visitor’s email address
  5. How an individual can get access to personal information and correct the information you hold, including unsubscribing from an email list
  6. How an individual can complain about a breach of the Australian Privacy Principles and how you’ll handle the complaint
  7. How you share personal information with others, and if they’re in other countries, the countries it will be shared with.
  8. Your contact details
 

The Australian Privacy Principles

The Australian Privacy Principles (APPs) strengthen Australia’s data protection by providing 13 fundamental rules for managing personal information. A robust policy must align with these principles, ensuring comprehensive adherence to the legal framework. These principles address matters such as lawful data collection, responsible use, and vigilant data security.

Tailor your Australian privacy policy to your business

We don’t recommend copying and pasting policies from other websites as they may not fully meet your needs.

A privacy policy is a legal document that informs and protects consumers. It should be well-written, readable, understandable, and accurate. Readers and customers won’t find a policy helpful if they cannot understand the meaning behind the legal jargon.

There are several ways to write a company’s privacy policy:

  1. Hiring a law firm: reliable legal advice and the most expensive option available;
  2. Writing it yourself: The cheapest option, but also the most difficult and time-consuming. If you’re not familiar with the rules and regulations, you could miss important information and put your business at risk.

It’s best to hire a privacy lawyer to draft a privacy policy for your business website. If you want to write it yourself, that is acceptable. However, we recommend hiring a privacy lawyer to review your privacy policy.


Frequently asked questions

Where should I place my privacy policy on my website?

A privacy policy should be prominently placed where visitors can easily find it, such as in the website’s header, footer, or on a dedicated page linked from places where personal information is collected, like signup or checkout forms.

Yes, if your website uses cookies to collect data, such as tracking user behaviour or storing preferences. You should include a section in your privacy policy that explains how cookies are used and what data they collect.

Not having a privacy policy when required can lead to legal penalties, including fines and regulatory actions.

It can also harm your business’s reputation and trustworthiness, as customers may be reluctant to share their personal information with you.

It’s essential to review and update your privacy policy regularly, especially when there are changes in your business practices, data collection methods, or applicable laws.

Keeping the policy up-to-date ensures ongoing compliance and transparency with your customers.

To ensure compliance, it’s advisable to consult with a privacy lawyer who can tailor your policy to meet the specific requirements of the Privacy Act 1988 and other relevant regulations, ensuring it covers all necessary aspects.

Use clear, straightforward language and organise the policy logically with headings and sections.

Avoid legal jargon to ensure that all users, regardless of their legal knowledge, can easily understand their rights and your practices.

About the Author

Farrah Motley
Director of Prosper Law. Farrah founded Prosper online law firm in 2021. She wanted to create a better way of doing legal work and a better experience for customers of legal services.
