The answer to the question “Do I really need to have a Privacy Policy?” is: it depends.

Earlier in 2014, the Australian Privacy Principles (APPs) were introduced to supplement the Privacy Act. The APPs apply to Australian government agencies and private sector organisations with an annual turnover of $3 million or more. So if your online business will have an annual turnover of more than $3 million, yes, you should definitely have a privacy policy.

Frequently Asked Questions about Privacy Policies

What if I have less than $3 million turnover, should I still get one? Yes!

Is it good business practice to have one? Yes!

Do you recommend that I get one? Yes!

Can I draft my own? You probably could, but it’s risky! Unless you are an experienced business lawyer who is familiar with the APPs, this will be very difficult.

If you’re thinking about getting a Privacy Policy, a business or contract lawyer will be able to quickly draft a Privacy Policy that fulfills the applicable legal requirements and is tailored to your business.

Why should I have a Privacy Policy?

As technology continues to develop, it becomes more and more important that the privacy of every individual is well-protected. In addition to ensuring your compliance with the APPs and the Privacy Act in general, having a privacy policy gives your customers peace of mind about how their personal information will be utilised.

What needs to be covered in my Privacy Policy?

The APPs set out exactly what your privacy policy needs to cover.

In general, it should set out:

  • what personal information you collect;
  • how you will use that personal information;
  • in what circumstances personal information will be disclosed;
  • how the personal information is stored;
  • what rights your customers have to access their personal information; and
  • what happens when you find out that the personal information you have collected is incorrect or no longer accurate.

What happens if I am in breach of the Privacy Act?

If the Privacy Act applies to your business, you must have a privacy policy. Serious and/or repeated breaches of the Privacy Act can lead to fines of up to $1.7 million for companies or $340,000 for other entities, including individuals.

Other legal documents

In addition to a privacy policy, we also recommend that you have website terms of use and a set of business terms and conditions.

Conclusion

When you are operating a business, whether online or offline, it is important that you have the right legal documents to protect your business. If you are unsure of what legal documents you need, or how to draft the right documents, contact a contract lawyer at LegalVision today!

Priscilla Ng
