It makes good business sense to have a privacy policy published on your website, and we encourage all small businesses to have one. Legally only certain businesses are required to have a privacy policy under Australian law, such as health service providers, businesses trading in personal information, contractors providing services under a Commonwealth act and businesses with a turnover of more than $3 million. However, some Australian businesses are also subject to European laws in relation to privacy, which are much stricter. These are called the General Data Protection Regulations, or GDPR. In this case, a business of any size will need to comply if they have some sort of office in the EU, or offer goods and services to EU customers, or if they monitor the behaviour of people in the EU. It even covers you if you collect email addresses from website visitors from the EU! This includes the UK! Despite “Brexit”, the UK has its own act which contains the same regulations as the GDPR, so be careful.
The GDPR has quite an expansive definition of personal information which includes anything from social media handles to tax file numbers and IP addresses. It gives customers a variety of rights.
Even if you are not legally required to have a privacy policy, having one on your website builds trust with your website visitors and your clients and customers, and makes it clear what information you will be collecting and how you will use it. It also means that disputes are less likely to arise later on.
A privacy policy needs to be drafted to ensure it complies with the Australian Privacy Principles. It should demonstrate what exact information you are going to collect, why you need that information and how you are going to be using it. A privacy policy tells website visitors, customers and clients about the security and storage measures you have in place to keep their information secure and private. It also tells them how long you intend to keep the data. Then it should cover how people can access their information and how they can update it or have it deleted, amongst other matters. These are not hard issues to address, but are important.
Website terms are essential for businesses. Perhaps it’s true, they are the most “boring” part of your website and “no one reads them”. But when your website developer asks you for them, make sure you are ready! There are so many benefits and important reasons you should include them, and it makes for a very poor business decision to leave them out. They are the rules by which visitors can use your website, and visitors need to know if they don’t follow the rules, they cant use your site. They will help protect your website content and copy, limit your liability if something goes wrong, and make sure you don’t have to troop around the world to determine a dispute. It is best practice to include them, and what’s more, they will help your site be trustworthy which in turn helps your Google rating.
Any website that sells goods or services should have additional terms that address the relationship with their paying clients or customers. And any marketplace site also needs terms that that set out the rules for listings, and so on. Even if your website is purely information based, and you are not selling online, we still recommend that you have website terms. This is because, if there is some outdated or erroneous information that a website visitor relies on to their detriment; you don’t want to be found liable. You get the idea… every website needs terms. It’s your domain so protect it.