Do You Need a Privacy Policy Under the Privacy Act?

If your business collects or handles personal information (names, emails, IP addresses, bank details, or even metadata), you may be required to comply with the Privacy Act.


Here’s a quick rundown:

  1. The Australian Privacy Principles set out how data should be collected, stored and shared
  2. Sensitive information (e.g. health data, race, criminal records) is held to a higher standard
  3. Notifiable Data Breaches must be reported if serious harm is likely
  4. Most small businesses are exempt… for now, but there are important exceptions (especially in health)

Pro tip: Even if your business is exempt, having a Privacy Policy is a smart move: it builds trust and future-proofs your compliance.

I’ve put together a practical explainer and checklist to help you understand your obligations and how to draft a fit-for-purpose Privacy Policy.

