Your privacy policy must contain information on what personal information you store, how you collect it, and what steps you are taking to ensure that data remains private. It should also include information on how a user can access the data you hold on them, their rights to complain (and how they can do so) and contact details for your organisation.
Failure to comply with the Privacy Act can potentially lead to some hefty fines; the maximum penalty for serious or repeat breaches is AUD$2.1 million, but the Australian government has recently announced that this will be increasing to the greater of AUD$10 million, 3x the value of the benefit gained through misusing information, or 10% of your Australian turnover. Ouch!
Large fines can also be imposed by both the US Federal Trade Commission and the EU.
These general-purpose policies contain lots of information that is confusing and not relevant to your business, may leave out industry- and business-specific points that matter to you, and are more likely to confuse your customers than help them. They may not even be suitable for an Australian business if they’ve been written for a business in another country.
What Should You Do Next?