If you have received a contract from a client, it likely includes confidentiality and privacy clauses. Both clauses deal with your obligations on using and disclosing information – so what is the difference?

It is important you understand your obligations under the contract so you can properly comply with it. This article will explain the difference between confidentiality clauses and privacy clauses and provide some pointers for contract negotiation.

What Is a Confidentiality Clause?

Most commercial contracts contain a confidentiality clause, which places an obligation on one or both parties to keep specific information confidential. The obligation can be one-way, where the receiving party must keep the disclosing party’s information confidential, or two-way, where both parties must keep the other’s information confidential. The obligation may be one-way because only one party has information to disclose or because one party is in a stronger negotiating position.

Tip: If you are disclosing confidential information, make sure that the obligation is two-way.

Your contract will define what counts as confidential information. A typical definition may be:

“Information disclosed to the receiving party verbally or in writing that relates to the contract, engagement, the disclosing party’s business or any other matter that is contemplated by the contract.”

Tip: A broad, all-encompassing definition is in the interest of the discloser, while a narrow definition is in the interest of the receiving party. Negotiate accordingly.

Exceptions to Confidentiality

The confidentiality obligation does not apply in scenarios where the:

  • information is already in the public domain;
  • disclosing party has given written consent for the receiving party to disclose it;
  • disclosure is required to provide the goods or services under the contract;
  • receiving party discloses confidential information to a professional advisor (like a lawyer) concerning the contract, and the confidentiality obligation binds that professional advisor; and
  • disclosure is required by law, for example, in court proceedings.

Tip: Check that no exception has been slipped into the contract beyond those you would generally expect to see.

Seeking Injunctions

The contract will also generally include a right for the parties to seek an injunction. They can seek this if the other party breaches their confidentiality. An injunction is a court order which orders someone to either do something or refrain from specific actions.

For example, if the receiving party shares confidential information on its website, an injunction could force them to take the web page down.

Tip: If you are disclosing information, make sure that you have an express right to seek injunctions within your confidentiality clause.

What Is a Privacy Clause?

A privacy clause imposes an obligation on one or both parties to comply with the Privacy Act. The Privacy Act aims to protect individuals’ personal information. It also sets out how a business collects, stores and discloses personal information. Personal information includes:

  • names;
  • addresses; 
  • emails;
  • dates of birth; and
  • phone numbers.

The Act sets out key principles which certain organisations must comply with, called Australian Privacy Principles (APPs). In practice, this means that if the other party provides you with access to personal information, you must collect, handle and disclose the information following the Act. 

For example, if you are a marketing contractor and you have access to another company’s client list, you agree to use the personal information in compliance with the Act.

Unlike a confidentiality clause, you cannot amend or negotiate the definition of personal information or your obligations under the APPs. You will need to consider whether the Act applies to you. If not, you must decide whether you would like yourself and the other party to be bound by these obligations.

Do You Need to Comply With the Privacy Act?

All organisations that collect personal information must comply with the Act unless they are a business with an annual turnover of $3 million or less. If your business has an annual turnover of $3 million or less, you may still need to comply with the Act if you (note that this list is not exhaustive):

  • are a health service provider; or
  • trade in personal information.

Tip: Ensure that the clause requires that the other business complies with the Act.

If you are not currently complying with the Act, a privacy clause which requires that you comply with it could impose additional obligations that you may not be willing to accept.

Tip: Amend the clause and agree to comply with the Act only once you become an APP entity; for example, if your annual turnover exceeds $3 million.

Key Takeaways

It is crucial that you understand the terms of your contract for the provision of services so you can negotiate it and properly comply with it. A confidentiality clause places an obligation on one party or both parties to keep specific information confidential. In comparison, a privacy clause generally requires that one or both parties comply with the Act, whether you are already under an obligation to do so or not. If you need assistance reviewing your contract or complying with Australian privacy law, contact LegalVision’s online lawyers on 1300 544 755 or fill out the form on this page.

About LegalVision: LegalVision is a tech-driven, full-service commercial law firm that uses technology to deliver a faster, better quality and more cost-effective client experience.
Nathalie King
