The nature of personal data which can be collected includes (but is not limited to):
- Addresses (physical or e-mail)
- IP addresses
- Telephone numbers
- Date of birth
- Financial information, such as debit or credit card details
- Browsing behaviour
- Political inclinations
- Biometric information
- Medical records
- Facial recognition
- And more
The moment you decide to handle any personal information is when you need to demonstrate you are clearly abiding within the Australian Privacy Principles as outlined in Schedule 1 of the Privacy Act 1988 (Privacy Act). Not only this but if you are an employer who retains data on your employees, for whatever reason, it is pivotal that you demonstrate your compliance with the Privacy Act.
There are numerous reasons as to why privacy policies are crucial.
First, as we have elucidated above, it is a legal requirement. Without a comprehensive and rigorous policy in place, you risk the possibility of being sued. For example, large corporations such as Snap Chat, Google and more have faced large lawsuits in the past over their questionable privacy policies.
Third, with many 2019 data scandals remaining newsworthy, it is important to demonstrate your commitment to keeping your customers’ privacy safe. More than ever, the public is on guard for bad practices by business, especially after such large cases as Facebook’s user data breaches, and Apple’s glitch that allowed users to surreptitiously listen in on others.
Having a rigorous and robust approach to your policy sends a clear message to your customers that says, “We value your privacy”.
By law, everyone who you collect data on needs access to your policy.
What key things do I need to include in my policy?
At a standard level, most privacy policies should include the following.
- Age appropriateness: Whether minors can use your site without parental supervision
- Personal Information: Information pertaining as to what data will be collected, how it will be handled, and how users can change information.
- Changes: Have you changed anything on the site? If so, you’ll need to ensure your visitors are kept notified of these changes.
Privacy policies can become a strenuous task but are also legally required. It’s crucial that you gain expert knowledge on how to create one that will not only protect your business but your customer’s data.