Privacy Policy & Privacy Notice: What’s The Difference?

Privacy is a growing area of concern for many customers and policymakers. As a result, businesses must follow privacy regulation by taking the relevant and necessary steps. In particular, one requirement of privacy law is that businesses are often required to have a privacy policy and also a privacy notice.

In this post we’ll discuss the difference between a privacy policy and a privacy notice, and also how each of them operate.

Table of Contents

Privacy policy

A privacy policy is a document that states how your business will deal with personal information it collects. It covers how personal information will be handled. This includes how data will be collected, used, stored and managed.

Get a free Privacy Policy when you sign up to Lawpath today.

A Privacy Policy is required by law in certain circumstances. It outlines how your business will use, store and collect your customers information.

A privacy policy is required by law if the business falls within one of the criteria set out in the Privacy Act 1988 (Cth):

  • You are a private or not-for-profit organisation with an annual turnover of more than $3 million
  • You are a private health service provider
  • Some small businesses called APP entities

Privacy notice

A privacy notice tells a customer about privacy practices of the business. This is usually located on a website’s footer. Similarly, it describes how the business collects, uses, retains and discloses personal information.

It is simply a notice for customers about the collection of personal information. The notice does not usually need to follow strict Australian Privacy Principles (APP) guidelines. As such, privacy notices are usually shorter than privacy policies.


A privacy policy focuses within the business. It tells customers how they will handle personal information. However, a privacy notice focuses externally. It tells customers, regulators and other stakeholders what the organisation does with personal information. It will generally notify customers when, why and also how personal data will be collected and processed.

Additionally, a privacy policy must also follow a strict multi-layered format covered under APP principles. Consequently, a privacy policy will be more structured and cohesive than a privacy notice. Further, a privacy policy typically contains:

  • A scope
  • Collection of personal information
  • Disclosure (sharing)
  • Rights and choices
  • How to make a complaint
  • Contact details

Generally, privacy notices are more flexible because it simply notifies customers that their personal information is being collected. The notice must be in clear language that customers will also understand. Rules regarding privacy notices are outlined in APP 5.

If you have further concerns about complying with privacy regulations, it may be worth also speaking to a privacy lawyer.

Find the perfect lawyer to help your business today!

Get a fixed-fee quote from Australia's largest lawyer marketplace.

You may also like
Recent Articles

Get the latest news

By clicking on 'Sign up to our newsletter' you are agreeing to the Lawpath Terms & Conditions


Register for our free live webinar today!

Tax Strategies for Small Business Success

12:00pm AEDT
Thursday 25th July 2024

By clicking on 'Register for webinar' you are agreeing to the Lawpath Terms & Conditions

You may also like

The 2024 Federal Budget has unveiled a comprehensive package of measures designed to support small to medium enterprises (SMEs) in Australia, while also laying the groundwork for a "Future Made in Australia."
Default interest clauses can help protect lenders' interests, but sometimes they will not be enforceable. Find out more here.
Lying on your resume to get a job is never a good idea. In fact obtaining employment through fraud can actually land you in jail.

Thank you!

Your registration is confirmed. Keep an eye on your inbox for an email with details on how to watch the webinar.