A website privacy policy is an essential foundational document for your business and its online presence. It states how a company will respect the privacy of the users of its website. In addition, it must cover what information the company will gather from its website users and how it will use and secure that information. This article will explore what a website privacy policy is so you can implement it in your business.
What is a Website Privacy Policy?
Website users may be requested to provide information, known as personal information. This may include their:
- name;
- job title;
- contact information (including an email address or phone number);
- demographic information, such as postcode;
- preferences and interests; and
- other information relevant to customer surveys or promotions.
Additionally, your business can collect information through cookies and other analytic tools. Such information can be a powerful tool for your business to understand visitors’ needs to the website better.
Privacy Principles
The content and existence of your Privacy Policy are governed by the Privacy Act 1988. In 2012, the government updated this legislation to include a series of principles known as the Australian Privacy Principles (APPs). These principles govern how businesses handle personal information. Additionally, they mandated the existence of a privacy policy for businesses that deal with personal information.
The Privacy Principles also make clear that users and visitors must always have the chance to decline information collection or request the deletion of that information. Therefore, your website should include the option for a visitor to restrict the collection or use of their personal information. For instance, website visitors should be able to indicate, by ticking a box, that they do not want the information to be used for direct marketing purposes.

Before sending electronic messages, learn how your business can comply with the Spam Act with our free Spam Consent Factsheet.
Key Takeaways
Anyone with a website should have a privacy policy. It serves as a disclosure document to visitors to your website, alerting them on how your business uses the personal information that they disclose to you through their use of your website. It presents a good image of your business, one that is responsible and careful about the personal information of its users.
If you need help with a website privacy policy, our experienced privacy lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 1300 544 755 or visit our membership page.
Frequently Asked Questions
Your privacy policy must tell users who you are and how they can contact you. Furthermore, it should specify what kind of personal information you collect and why you need to collect personal information. According to the Privacy Act, there are many other things your policy must include, so it is best to get a lawyer to draft it and ensure you are compliant.
It depends. You are legally required to have a privacy policy if your business is an APP entity, which means you have an annual turnover of $3 million or more. However, some exceptions to this turnover threshold apply.
We appreciate your feedback – your submission has been successfully received.