Most businesses collect some form of personal information from customers or clients, even if it is just an email address. However, often, you may also collect sensitive information, health data, billing information, addresses, and various analytical data via a Facebook Pixel or Google Analytics.

It’s important to have a privacy policy which covers what, how and why you collect personal information, to help you comply with the Australian Privacy Principles. When you collect information from EU citizens, you should also have terms to comply with the GDPR (General Data Protection Regulations) and in some cases businesses may need to comply with some US laws regarding data protection.


What Mums are Saying

Benefits of having a privacy policy

When Sue came to us she thought that she didn’t need a privacy policy on her website. She was a small business and thought she was exempt from complying with the Australian Privacy Principles. However, Sue was updating her website which was going to have an opt-in, and she was also going to be using Facebook Pixel and using various Google analytic and targeting services. It therefore not only made good business sense to have a privacy policy, but Facebook and Google also required Sue to have one. Besides which, it helped with her Google ranking. We drafted her privacy policy to ensure it was transparent with what information she was collecting, how she would collect it and why. It also demonstrated the security and storage she would use to keep the information secure, and gave website visitors the ability to access and update their information.

We can help you by drafting a privacy policy that complies with the Australian Privacy Principles, and meets Facebook and Google requirements.

When you need to comply with international privacy laws

Even some Australian businesses are subject to the more onerous European laws in relation to privacy. We helped Gina comply with the General Data Protection Regulations by drafting her privacy policy to address these requirements. Her business was expanding into the EU, and she had started collecting the emails of EU citizens. Gina was also concerned because her business was expanding into the US, and she knew that there were more laws coming into California in relation to privacy. We were able to put her mind at ease that she didn’t need to comply with the Californian laws, as she didn’t have gross revenue in excess of $25m and did not buy or sell personal information.

We can help you with compliance with the General Data Protection Regulations, by drafting a privacy policy that complies.

When you don’t know if you can do email marketing

It is important to be across the Anti-Spam laws in Australia when running your business. It is illegal in Australia to send unsolicited emails. We helped Harriet comply with this legislation by ensuring she had adequate consent from the receivers of the emails, that she had adequate unsubscribe functionality in her emails and sufficient contact details. She was particularly worried because some people she wanted to send emails to hadn’t ticked the subscribe to newsletter box, but we were able to determine that the recipients had given inferred consent, because they would reasonably expect to get further emails. We also helped Harriet by drafting a privacy policy, because this made her practices of email address collection transparent.

We can help you by drafting a privacy policy, and with compliance.

How does it work?

Please message us so that we can help with your legal privacy requirements.

We believe in

Making legals simple

We'd love to help you with a free 20min consultation.