Join us at the MySmallBiz Expos across QLD & NSW from April to June 2024, a must-attend event for small business owners and anyone thinking of becoming self-employed.
Enquire 1800 007 400

By Vanessa Emilio

Article sourced from – http://www.flyingsolo.com.au/ – Australia’s solo & micro business community

On 12 March 2014, significant changes to the Australian Privacy Law came into effect.

Who do the new laws apply to?
Strictly speaking, the current Privacy legislation is only a requirement for businesses with an annual turnover of $3M or more. There are some exemptions to this for businesses such as those involved in health services, advertising and marketing, contracting to the Commonwealth government.

Why you need a Privacy Policy
Just because your business does not meet the required $3M revenue threshold doesn’t mean you should not have a Privacy Policy.  Here’s why:

  1. Credibility
    Your business is more professional and has more credibility when you have a clear privacy practice in place. Privacy compliance is considered best business practice and most customers will appreciate it. It builds trust.
  2. Banks require it
    If you are using a payment gateway for transactions on your website, then most banks normally require the publication of a privacy policy, a return/refunds policy and a warranty policy on your website or in your customer documentation.
  3. Google Adwords needs it
    Google requires you to add a statement about cookies to your Privacy Policy, so you need a privacy policy in the first place!
  4. Customers expect it
    Most businesses have a Privacy Policy, and if you don’t, customers will wonder why. They may even ask what you do with their information.
  5. OAIC Website Privacy Sweeps
    The Office of the Australian Information Commission (it’s the Privacy Commissioner) has and will continue to do random sweeps of business websites, and will issue fines to non-compliant websites.
    When they do their website privacy sweeps they do not know your revenue or whether your business needs to comply, so you may be required to prove your business revenue. Save yourself the potential trouble by having a Privacy Policy on your website.

In practical terms complying with the Privacy legislation has always meant your policy needs to inform people that you:

  • Collect their personal information, what you collect and what you will do with it.
  • Only use personal information about people in ways that they might expect.
  • Do not pass personal information on without telling people.
  • Give people the chance to see any information you hold about them if they ask.
  • Keep personal information safe.
  • Allow people to easily opt out of any marketing.

What you must now do to update your Privacy Policy 

  1. Explain how a person is able to complain about a privacy breach and also how you will deal with any complaint.
  2. Tell your visitors and customers if you are likely to disclose personal information to overseas recipients and to which countries.
  3. Ensure you have specific details about what information you collect and how you use it.
  4. Include a statement confirming individuals can ‘opt out’ of further direct marketing.
  5. Add specific ‘opt outs’ on all communications (not just marketing).
  6. It is prudent to include a Cookies notification. If you target the US/UK markets, it’s already a requirement.

As you can see, privacy is an issue that every small business owner must take seriously. Building trust with your clients is vital, so getting your Privacy Policy right is good for business!



Get one of our friendly staff to contact you today.

Enquire Today

    Stay in The Know

    Sign up for our newsletter to stay informed about the latest tips, trends and business insights from ETC.

      Skip to content