fbpx

Productivity / Processes

New privacy laws: Understand them or pay

Privacy is an issue that you must now take seriously, not only for the financial consequences, but for the damage to your reputation if you breach the new laws.

By

The new privacy laws

On 12 March 2014, significant changes to Australian Privacy Law came into effect.

Who do the new laws apply to?

Strictly speaking, the current Privacy legislation is only a requirement for businesses with an annual turnover of $3M or more. There are some exemptions to this for businesses such as those involved in health services, advertising and marketing, contracting to the Commonwealth government. You can check if you are exempt.

Why you need a Privacy Policy

Just because your business does not meet the required $3M revenue threshold, doesn’t mean you should not have a Privacy Policy.  Here’s why:

"The Office of the Australian Information Commission will continue to do random sweeps of business websites, and will issue fines to non-compliant websites."

  1. Credibility
    Your business is more professional and has more credibility when you have a clear privacy practice in place. Privacy compliance is considered best business practice and most customers will appreciate it. It builds trust.
  2. Banks require it.
    If you are using a payment gateway for transactions on your website, then most banks normally require the publication of a privacy policy, a return/refunds policy and a warranty policy on your website or in your customer documentation.
  3. Google Adwords needs it.
    Google requires you to add a statement about cookies to your Privacy Policy, so you need a privacy policy in the first place!
  4. Customers expect it.
    Most businesses have a Privacy Policy, and if you don’t, customers will wonder why. They may even ask what you do with their information.A privacy policy goes a long way to closing a potential sale. Customers are more reluctant to give credit card details to businesses without published Privacy Policies.
  5. Offshore customer privacy requirements.
    If you deal with offshore customers, particularly in the UK or US, you likely need one to comply with their local laws.
  6. OAIC Website Privacy Sweeps.
    The Office of the Australian Information Commission (it’s the Privacy Commissioner) has and will continue to do random sweeps of business websites, and will issue fines to non-compliant websites.

When they do their website privacy sweeps they do not know your revenue or whether your business needs to comply, so you may be required to prove your business revenue. Save yourself the potential trouble by having a Privacy Policy on your website.

Want more articles like this? Check out the processes section.

In practical terms complying with the Privacy legislation has always meant your policy needs to inform people that you:

  • Collect their personal information, what you collect and what you will do with it.
  • Only use personal information about people in ways that they might expect.
  • Do not pass personal information on without telling people.
  • Give people the chance to see any information you hold about them if they ask.
  • Keep personal information safe.
  • Allow people to easily opt out of any marketing.

What you must now do to update your Privacy Policy

  1. Explain how a person is able to complain about a privacy breach and also how you will deal with any complaint.
  2. Tell your visitors and customers if you are likely to disclose personal information to overseas recipients and to which countries.
  3. Ensure you have specific details about what information you collect and how you use it.
  4. Include a statement confirming individuals can ‘opt out’ of further direct marketing.
  5. Add specific ‘opt outs’ on all communications (not just marketing).
  6. It is prudent to include a Cookies notification. If you target the US/UK markets, it’s already a requirement.

As you can see, privacy is an issue that every soloist and micro business owner must take seriously. Building trust with your clients is vital, so getting your Privacy Policy right is good for business!

Do you have a Privacy Policy in place? What are your thoughts on the new privacy laws?

Vanessa Emilio

is a Practice Director, Lawyer, Founder and CEO of Legal123.com.au, a legal website business with easy-to-use, inexpensive legal templates, forms and agreements for everyday Australians as well as lots of useful information.

Comments

127,187 people use Flying Solo to help them create a business with life. Do you?

Connect with Flying Solo

Explore the benefits of membership