A privacy policy is a legal document on your website which tells your visitors how you will collect, securely store, and protect their personal information, as well as their rights regarding that data.
A privacy policy is required to ensure you are compliant with Australian privacy law (Australian Privacy Act 1988). If you have a significant volume of customers in other countries, such as the US or EU, you may also need to ensure you are compliant with their laws.
What Should Your Privacy Policy Include?
Your privacy must contain information on what personal information you store, how you collect it, and what steps you are taking to ensure that data remains private. It should also include information on how a user can access the data you hold on them, their rights to complain (and how they can do so) and contact details for your organisation.
Finally, it’s not just about what you say, but how you say it. Although a privacy policy is a legal document, it is also one aimed at the general public, and as such must be easy to read and understand.
Why Do Australian Businesses Require a Privacy Policy?
You are required by law to have a privacy policy if you collect any private information from visitors to your website. This includes email addresses, names, payment details, and tracking cookies. Activities that necessitate a privacy policy include, but are not limited to, taking payments online, having an email signup or newsletter, tracking users with Google Analytics, and displaying ads using an ad network (for example, Google AdSense).
In practice, this means every Australian business should have a privacy policy. Even if you aren’t storing any personal information (unlikely), not having a privacy policy can negatively affect your reputation with both potential customers and search engines.
What Happens If You Don’t Have a Privacy Policy?
Failure to comply with the Privacy Act can potentially lead to some hefty fines; the maximum penalty for serious or repeat breaches is AUD$2.1 million, but the Australian government has recently announced that this will be increasing to the greater of AUD$10 million, 3x the value of benefit through misusing information, or 10%$ of your Australian turnover. Ouch!
Large fines can also be imposed by both the US Federal Trade Commission and the EU.
Is a Free Privacy Policy Good Enough?
There are plenty of ways to get a privacy policy for free, but should you?
No.
These general-purpose policies contain lots of information that is confusing and not relevant to your business, may miss out important industry and business-specific points that are important to you, and are more likely to confuse your customers than help them. They may not even be suitable for an Australian business if they’ve been written for a business in another country.
Nothing says “we don’t care about your privacy” more than a confusing, boilerplate privacy policy.
What Should You Do Next?
Contact us! We’ve written hundreds of privacy policies for Australian businesses. We’ll ensure your privacy policy is tailored to suit your business activities and industry, keep it easy to read for your customers, and advise you on any further steps you need to take to remain compliant with all applicable laws.
Call us today on 1800 355 455 or contact us online today.
