A Privacy Policy states how your business will deal with personal information. It is important for businesses that collect personal information to have a detailed Privacy Policy. An experienced contract lawyer typically drafts this document. Your Privacy Policy explains to customers how your business will store their personal information, and your customer’s rights. A Privacy Policy can be used for any business that collects personal information, whether online or in person. It might be a good idea for you to contain a ‘storage and security’ clause in your Privacy Policy.
What should the ‘storage and security’ clause contain?
It is important that the ‘storage and security’ clause of your Privacy Policy explains to customers your policies in relation to how you store and secure customers’ information. It should also explain the risks associated with providing a website with personal information that could be unintentionally disclosed.
The ‘storage and security’ clause in your Privacy Policy should reflect your business’ commitment to ensuring that there are suitable procedures to safeguard and secure the information that has been collected from your customers.
You should clearly set out what procedures have been put in place to safeguard and secure the personal information. This could be any physical, electronic or managerial procedures which prevent personal information from misuse, interference, loss and unauthorised access, modification and disclosure.
However, to protect your business, your lawyer should set out that, if information is transmitted over the Internet, this transmission cannot be guaranteed to be secure and that the transmission and exchange of information is carried out at the visitor’s own risk.
Conclusion
If the Privacy Act applies to your business, you must have a Privacy Policy.
Failing to comply with the Privacy Act may result in fines of up to $1.7 million for companies, or $340,000 for entities that are not companies (including individuals) for serious or repeated breaches of the Privacy Act.
If you are unsure of whether or not your business requires a Privacy Policy, or a ‘storage and security’ clause, and if you would like assistance in drafting one, contact one of our contract lawyers today.