Let’s talk about the ins and outs of why Privacy Policies matter:
The Privacy Act 1988
What you need to know is
General Data Protection Regulations (GDPR) and Australian Businesses
The General Data Protection Regulations (GDPR) are laws set to protect residents’ privacy and personal information in the European Union (EU).
Importantly, these laws also apply to organisations that operate outside the EU (like many of our Love Your Legals clients) and have users/clients/customers/contacts/website visitors who reside in the EU.
You may not be selling to the EU, may not have a physical office or an agent in the EU, and may not be marketing to the EU. However, you are likely to be present in social media groups with a global membership whose members may visit your website. You have no control over the location of the IP address of visitors to your website.
There are many requirements for collecting and managing personal data under GDPR or any other privacy laws across the globe.
It generally won’t mean you need to re-work your entire business process. Instead, focus on understanding how and why you collect personal information and how to secure that information.
- Do you collect any personal information? (Names, phone numbers, email addresses etc.)
- How is this information collected? (Form submission, payment gateway, client intake form etc.)
- Why is this information collected? (To deliver purchases, to email files, to perform services etc.)
- How is this information stored? (E.g. paper files in a drawer, online database, CRM etc.)
- How do you keep this information safe? (Password protected accounts, 2FA, key-locked drawer etc.)
- How long is this information kept? (This may be dependent on obligations such as tax and accounting needs.)
- Do you share or sell this information? (If you do, to whom, and why?)
- Do third parties have access to this information? (Service providers, for example.)
- How do users control these aspects? (Can users request the removal of data?)
Not sure if it’s right for you? Email me at firstname.lastname@example.org, and I’ll be happy to help.
Disclaimer: This blog is written to help business owners consider legal requirements and issues that may arise in business. The information provided is for general and educational purposes only. It is not intended as legal advice for your individual circumstances. Please consult your lawyer for advice specific to you and your business.