Why You Need a Privacy Policy For Your Australian Website

Why you need a privacy policy

Certain small businesses in Australia need a clear privacy policy displayed on their website. With the new GDPR regulations, even more small businesses need to create a privacy policy. We test a number of template packages to see which are worth the money.

In Australia, all small businesses need to comply with a raft of laws in terms of operating their business and marketing to their clients.

Who Needs a Privacy Policy On Their Website in Australia?

In addition, certain small businesses with an annual turnover of less than $3million, already need legally compliant privacy policies in place and displayed on their websites.

Which small businesses are covered by the APP requirements?

The most common small businesses affected by the Privacy Act are:

  • Health service providers that provide services in relation to physical, emotional, psychological and mental health. These include traditional health service providers, such as private hospitals, day surgeries, medical practitioners, pharmacists and allied health professionals; complementary therapists, child care centres, private schools and private tertiary educational institutions.
  • Commonwealth contracted service providers that provide services to, or on behalf of, Australian or Norfolk Island government agencies under a Commonwealth contract or subcontract.
  • Reporting entities or authorised agents of a reporting entity under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) or its Regulations or Rules.

Small businesses caught under the Australian Privacy Principle (APP) Privacy Policy Guidelines from the OAIC must include privacy policies that include information about:

  • The kinds of personal information that you collect and hold.
  • How you collect personal information.
  • How you hold personal information.
  • The purposes for which you collect, hold, use and disclose personal information.
  • How an individual may access their personal information and seek correction of it. 
  • How an individual may complain if you or a contractor breaches the APPs or a binding registered APP code.
  • Whether you are likely to disclose personal information to overseas recipients (including a related body corporate), and the likely countries that information may be sent.

A reminder: If you target clients in the EU, then you also need to comply with the GDPR.

While not caught up by the APP, I had already chosen to comply with the guidelines and had a privacy policy in place that had been drafted by a lawyer.

The problem was that my policy was out of date and missed some of the areas now covered by the APP and the GDPR requirements. So, as my fabulous IT lawyer has now returned to the public rather than private practice (deep sigh of sadness here), I started to check out what templates (free and paid) were on the market.

I hoped to find one good supplier that I could send my clients to. I sunk the equivalent of a flight to NY into paid templates across a number of suppliers, only to find there was not one on the market that covered all basis.

To save you time and money in case you want to review your privacy policy, here’s a quick rundown of the best on the market. I won’t cover the ones that were rip-offs or scams, but only discuss the best options I tested.

Free Privacy Policy TemplatesFree-privacy-policy-templates

WordPress (Free)

For free options, the latest version of WordPress, version 4.9.6, now has a privacy page generator built in, with a basic template included. You still need to extensively add more information to the template, but it is a start. Remember, that the WordPress privacy policy is not fully compliant with the APP.

Here’s where to find it in your WordPress dashboard.

Victorian Government (Free)

Vic Business has a handy PDF template that is a good basic privacy policy. This works if your business is not covered by the APP or GDPR.

Legal Vision (Free)

This is another good basic privacy policy, but it doesn’t cover GDPR.

Lawpath (Free – sort of)

Lawpath is another site that you need to sign up for first. When you sign up, you get one free policy. Any future policies you need to pay for at a subscription of $59 per month. You also have to pay if you want to be able to copy or edit the policy and not have to retype the whole thing.

For a free policy, it was quite comprehensive but is not GDPR compliant. One of the best free options.

How did my policies end up?

No template meets all needs. My policies are founded on the TermsFeed and Katie Horner’s templates, with a dash of WordPress 4.9.6 and a smidge of Legal123 thrown in for good measure.

I will still run my final version past my lawyer for a final review, but these policies are good for now. Have a read over them to help you work out what you need to think about adding to your website privacy policy.

You can read our revised policies here:

Read more about Website Copyright notices here.


About the Author

Ingrid Moyle

Ingrid Moyle is a small business web designer and copywriter. When not hardwired to her computer, she quests for the perfect decaf coffee while chasing virtual reality creatures across the backstreets of Brisbane.
Bowler hat with lightbulb.

Join Our Newsletter

Related Posts