Generally, the Privacy Act covers organisations operating in Australia and having an annual turnover of more than $3 million.
Author: Farrah Motley, an online business lawyer located in Australia.
Your contact details
What personal information you are collecting and storing
How you are collecting the personal information
Where you are storing it
The reasons for collecting such personal information
How you will use and disclose such information
How your customers can access their personal information
How they can ask for a correction
How your customers can complain if they feel that their information is being mishandled
How you can handle customer complaint
In case you have to disclose customer information outside of Australia, then which countries you are more likely to disclose such information to
Collection and Use of Personal Information
In this section, you must mention in detail:
What is personal information
[This is information that can render an individual reasonably identifiable.]
What type of personal information your business is collecting
[This information can include name, phone number, email address, social media profile, employment history, etc.] You should provide the details of the information that is collected through apps and websites, such as date and time of website access, IP addresses, location information, and cookies.
How your business has collected that information
[Here, you can inform your customers that you can collect their information directly from them, a third-party provider, any publicly available source, or cookies.]
Why have you collected that information
[Explain if such information is helping you in improving your products and services, or expanding your marketing scope, or designing personalisation, etc.]
Collection and Use of Sensitive Information
While explaining this point, you must mention that such sensitive information is collected only when the individual consents to providing them. You should also clarify that this information is going to be used for the original purpose of collection only.
Disclosure of Personal and Sensitive Information
In this segment, you need to describe when, why and to whom you might disclose the personal information of your customers. For instance, you might have to share it with your contractors and marketers.
You might need to provide their information for data analysis to apps like Google Analytics or present them to authorities and/or courts as required by law. You also need to mention if the information is likely to be disclosed overseas, and if so, what will be the impact of that on data protection.
Storage/Security of Personal Information
Here, you have to state how you are storing and protecting your customers' personal information through encryption. You should also mention how long you are going to keep the information. This means that you have to explain if you are combining the personal information of individuals in a file or storing them separately.
Access to and Correction of Personal Information
Enquiries and Complaints
You must also provide a generic phone number and an email address for your customers to get in touch with you. These contact details should not change, irrespective of the staff member in charge.
Privacy Policies in Summary
Want to read more? Check out our article which answers the question what does 'without prejudice' mean?
Author: Farrah Motley | Legal Principal
PROSPER LAW - A Commercial Law Firm for Businesses
M: 0422 721 121