What is a Privacy Policy?

A Privacy Policy is between your business and each person that you collect personal information from. It should comply with Australian Privacy Law. It should set out, amongst other things, what personal information (including sensitive information) your business collects, how the personal information is used, and under what circumstances the personal information will be disclosed to third parties.

Am I required to have a Privacy Policy by law?

Most small businesses (i.e. businesses with an annual turnover of $3 million or less) will not require a Privacy Policy.  However, there are exceptions as follows:

  • health service providers
  • businesses trading in personal information
  • a contractor providing services under a Commonwealth contract
  • a reporting entity for the purposes of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act)
  • an operator of a residential tenancy database
  • a credit reporting body
  • employee associations registered or recognised under the Fair Work (Registered Organisations) Act 2009
  • businesses that conduct protection action ballots
  • businesses that are related to a business that is covered by the Privacy Act 1988 (Cth)
  • businesses prescribed by the Privacy Regulation 2013
  • businesses that have opted into be covered by the Privacy Act 1988 (Cth)

If your business has an annual turnover of $3 million or less and meets one of the criteria above, the Privacy Act 1988 (Cth) will apply to your business and you are required to have a Privacy Policy in place.

To check whether you need to comply, you can complete the privacy checklist for small business found on the OAIC website, just click here.


If your business has an annual turnover of over $3 million, you are legally required to have a Privacy Policy. Furthermore, if you are a small business with an annual turnover of $3 million or less and you meet certain criteria, you will be required to have a Privacy Policy.

Even if the Privacy Act 1988 (Cth) does not apply to your business, it is prudent to have a Privacy Policy in place so that your customers are clear on what personal information you are collecting about them and how you will use and disclose it.

If you require a Privacy Policy or would like your existing Privacy Policy reviewed to ensure it complies with the Australian Privacy Principles, please get in touch with one of our specialised lawyers and they will be able to assist.

About LegalVision: LegalVision is a tech-driven, full-service commercial law firm that uses technology to deliver a faster, better quality and more cost-effective client experience.
Jill McKnight

Get a Free Quote Now

If you would like to receive a free fixed-fee quote or get in touch with our team, fill out the form below.

  • We will be in touch shortly with a quote. By submitting this form, you agree to receive emails from LegalVision and can unsubscribe at any time. See our full Privacy Policy.
  • This field is for validation purposes and should be left unchanged.

Privacy Policy Snapshot

We collect and store information about you. Let us explain why we do this.

What information do you collect?

We collect a range of data about you, including your contact details, legal issues and data on how you use our website.

How do you collect information?

We collect information over the phone, by email and through our website.

What do you do with this information?

We store and use your information to deliver you better legal services. This mostly involves communicating with you, marketing to you and occasionally sharing your information with our partners.

How do I contact you?

You can always see what data you’ve stored with us.

Questions, comments or complaints? Reach out on 1300 544 755 or email us at info@legalvision.com.au

View Privacy Policy