It is imperative for your customers to be aware of how their data is being used and reasonable steps be taken to handle such information with care.
Depending on your business needs there are various privacy policies that you might use and it is often known by other names such as:
- Responsible use of data policy.
- Confidential information policy.
IMPORTANT: having this policy is not sufficient to comply with any of the relevant legislation. You must actually follow the procedures outlined in the policy. Please read the provisions of this policy and ensure that you are prepared to follow such procedures.
- telephone number;
- date of birth;
- credit card information;
- financial information;
- contact information;
- sexual orientation;
- ethnic origin;
- health information;
- personally identifiable information;
- demographic information; or
- social media information.
If you're still unsure if your small business needs to comply with the Privacy Act, read more: Does my small business need to comply with the Privacy Act?
You would like to inform people how you collect, use and respect information data;
You would like to be in compliance under Australian federal laws, as well as the California Consumer Privacy Act.
- how personal information data and sensitive information is collected;
- what the personal information is used for;
- how the personal information data is stored and managed; and
- the kind of control and rights that customers have over their personal information.
Other documents you may need:
- Website Terms and Conditions of Use (Goods)
- Website Terms and Conditions of Use (Services)
However, if you are unsure on whether your business is compliant with applicable privacy policies, contact us for more information.
Websites often interact with and pass data onto affiliates/third party vendors such as Google Analytics or Facebook Advertising who track the website for marketing purposes using browsers ‘cookies’ who collect personal information from its users, also to display ads.
Does anybody actually read privacy policies?
If your website also collects personal data from browser 'cookies' (ie. blog), it is important to give users the opportunity to consent - directly or possibly from a guardian - before collecting any information.
The Australian Privacy Act 1988 (Privacy Act) and the Australian Privacy Principles (APPs) regulates the handling of personal information about individuals. The CCPA is the California equivalent, and has different requirements to Australian legislation.
If the business or website interacts with consumers outside Australia, certain international privacy laws may apply.
Should I get this policy reviewed by a lawyer?