What Is a Privacy Policy?

Author: Minbo Wang
A privacy policy explains how you handle personal information, including how you collect, hold, use and share that information.

WHO NEEDS A PRIVACY POLICY?

The following entities are required by law to have a privacy policy:

  1. entities that collect health information, including gyms, childcare centres, private schools, doctors, naturopaths, chiropractors, hospitals, medical centres and pharmacies;
  2. entities that buy or sell information, including lobby groups, finance brokers and real estate agents that may collect and share client information;
  3. entities that work with the federal government as a contractor or subcontractor with a Commonwealth agency; and
  4. large companies, being companies that have a turnover of over $3 million.

There are other entities that may be required by law to have a privacy policy, such as a related party of the foregoing, so if you are unsure, you should always speak to a lawyer to confirm.

WHAT NEEDS TO BE IN A PRIVACY POLICY?

The privacy policy must provide the following details:

  1. the name of the organisation, business or company and their contact details;
  2. what information they collect e.g. name, phone numbers, email address, gender and even online behavioural information;
  3. how they collect the information e.g. during registration or log in on a website or through a form, and where that information is stored;
  4. the reasons why information is collected e.g. to assist with the provision of product and services or ensure compliance with terms and conditions;
  5. how they’ll use the information, including who they may share the information with and, in particular but not limited to, whether they share it with those outside of Australia;
  6. how you can access your own information or ask for a correction; and
  7. how to lodge a complaint against them.

WHAT ARE THE PENALTIES FOR BREAKING PRIVACY?

In or around 28 November 2022, partially due to high-profile data breaches like that suffered by Optus two months earlier, penalties for:

  1. companies were raised from $2.2 million to $50 million, three times the benefits obtained or 30% of the turnover of the company during the breach, whichever was greater; and
  2. individuals from $444,000 to $2.5 million.

Disclaimer: This is intended as general information only and not to be construed as legal advice. The above information is subject to change. You should seek independent legal advice before embarking upon any course of action.
