Does My Business Need a Privacy Policy for Google Analytics?

Assessing how well your business is received by customers is an important part of ensuring business success. A common way businesses do this is by using Google Analytics to track the website and application activity of customers. Essentially, the tool enables you to have a deep insight into your consumer which could prove to be extremely valuable knowledge for your business. However, handling consumers’ personal information can raise serious legal concerns about privacy. Because of this, you are probably wondering whether your business would require a privacy policy if you use Google Analytics. In short, yes it does. In this article, we explain why this is the case.

What is a privacy policy?

A privacy policy is a document that explains to your users how your business will handle their personal information. It is an important document to ensure that businesses covered by the Privacy Act 1988 (Cth) are compliant with the law. It is a good way of letting your customers know that you value their privacy and safeguarding their personal information. If you would like further information on what a privacy policy is, this video is very helpful. Lawpath can assist you in setting up a privacy policy for your app or website in under 5 minutes. 

You need a privacy policy if using Google Analytics for two main reasons: First, it means you are compliant with Australian privacy laws. Second, you have an obligation under the Google Analytics Service Agreement. 

Australian Privacy Law

The Privacy Act covers Australia-operating businesses with an annual turnover of more than $3 million, private health service providers, and Australian or Norfolk Island government agencies. All entities within this category must have a privacy policy, regardless of whether they use Google Analytics. So if you are in one of these categories, be sure to have a privacy policy so you are compliant with the law. Unsure if you fit the bill? Check whether you are required to comply with the Privacy Act by heading to the Office of the Australian Information Commissioner website.

I run a small business, does that mean I don’t have to comply?

If you are a small business (your annual turnover is $3 million or less) and you wish to use Google Analytics, you must also comply with the Australian rules of privacy. This is because laws cover small businesses if they disclose or collect personal information about an individual for a benefit, service or advantage. Using Google Analytics would certainly mean you will be collecting the personal information of consumers for a benefit. Therefore, as an entity using consumer data to benefit your small business, you must also adopt a privacy policy.

Google’s Terms of Service

Google has its own Google Analytics service agreement. Its privacy clause states that it is your obligation to create your own privacy policy and comply with applicable laws. You are also required to set out how you use cookies or certain identifiers to collect personal data. You should also make clear that you use Google Analytics in your policy. 

Updating your privacy policy

Already have a privacy policy? You would need to update your privacy policy according to the Google Analytics Terms of Service. Be sure to consult a business lawyer for further assistance. 


Google Analytics is a useful tool to help you tailor your business to consumer needs. But remember to be cautious about the privacy of your users. Having a privacy policy lets your customers know you value the protection of their personal information. Importantly, you will able to conduct business confidently without the fear of non-compliance.

You may also like
Recent Articles

Get the latest news

By clicking on 'Sign up to our newsletter' you are agreeing to the Lawpath Terms & Conditions


Register for our free live webinar today!

Navigating the End-of-Year Shutdown: Essential Tips for Your Business

12:00pm AEDT
Tuesday 14th December 2023

By clicking on 'Register for webinar' you are agreeing to the Lawpath Terms & Conditions

You may also like

The government has introduced changes that reduce the scope of fixed term and maximum term contracts and offer additional protections to workers on these contracts. These changes passed on 6 December 2022, and are coming into force on 6 December 2023. Find out more!
Find out whether Australia’s rules and regulations prohibit a non-Australian resident from being appointed as a company director.
Read about all key statistics from 2023 for small businesses in Australia: employment, industries and failure rates.

Thank you!

Your registration is confirmed. Keep an eye on your inbox for an email with details on how to watch the webinar.