With all the hype about the new privacy laws coming in and businesses having to be ready by March this coming year, we thought it was helpful to give you the quick version of what you need to know.
What’s the hype?
Privacy is a strong focus for Australian regulators (and around the world). There continue to be changes to the Privacy Act 1988 and the most recent changes require businesses to comply before March 12, 2014.
Do I need to do anything?
You need to know if and when you need a privacy policy. For example, if you have an e-commerce website, you need one (refer here for more info). Or if you collect personal information through your business (addresses, phone numbers, personal status information), you also should have one.
And you require a privacy policy irrespective of the information you collect if your annual turnover is more than $3 million. The requirements for privacy policies have changed, and you need to make sure your policies comply before March 12, 2014.
What does my privacy policy need to say?
Here is a six point summary of what your privacy policy needs to contain:
1. The type of personal information that you collect and hold.
2. How you collect and hold personal information.
3. The purposes for which you collect, hold, use and disclose personal information.
4. How an individual may access personal information you hold and how to correct that information.
5. How an individual may complain about a breach of the Australian Privacy Principles (APPs), and how you will deal with a complaint.
6. Whether you are likely to disclose personal information to overseas (or any) other people or organisations and, if so, the countries in which they are likely to be located.
What do I do with the privacy policy?
You must take reasonable steps to make your privacy policy available to everyone who may ask or require it, free of charge and in an appropriate form.
Usually, the best place to make your policy available is on your website. It has to be easily available to anyone coming to your website and must be up-to-date, relevant to your business and not copied from another site.
How often do I have to update it?
There is a strong focus on privacy and consumer protection with the growth of the internet. With many rogue businesses from around the world cropping up, governments are putting the emphasis on protecting consumers locally by placing stricter requirements on business owners. There are likely to be required updates on a regular basis due to the continued growth of online businesses and the attempts to standardize privacy globally. You need to ensure you keep up with the changes as a business owner. Some sites offer legal templates with free updates and also have blogs that you can sign up for to keep up to date (we offer both at Legal123.com.au!).
Why else would I bother?
It’s more professional, gives comfort to your visitors and potential customers and shows that you care about the security and privacy of their information to have a privacy policy on your website. It’s not just for legal reasons but it’s an effective means of transparency and building trust and credibility with your customers.
Just make sure you comply with the requirements in the next few months.