Website privacy policy

About this website privacy policy

This is a model website privacy policy, referred to by the Australian Information Commissioner’s Office (“OAIC”) as a privacy notice. It is written in plain language that is visitor friendly. We have provided a large menu of paragraphs so that you can easily tailor the notice to suit the exact structure of your business and website.

Although this document cannot magically absolve you from risk of data mismanagement, it is a giant first step. Informing your visitors and customers (and other parties) about the data you collect about them is a legal requirement. A privacy notice is a simple way to comply, but a good privacy notice goes further. It is prime evidence to everyone with whom you deal, and to the OAIC, that you take confidentiality seriously. That can help increase the trust that visitors and customers have in your business and boost their confidence in using your services or buying from you.

When to use this website privacy policy

This privacy policy is suitable for any website. Not only does it aid compliance with Australian Data Protection legislation, but it spells out to your customers how you should use their data. The more data you collect, the more important is to assure your customers that it is safe in your hands.

This website privacy policy suits all business models, whether you sell goods and/or services, have registered users or provide information only.

If you have a website, regardless of whether you are trading from it, it is highly likely that you will be collecting information about your customers in some way, even if you don’t use the information. A common example of information collection that is covered by the law is anonymous visitor tracking. If you use Google Analytics, weblogs or any similar software, your privacy policy will need to disclose this.

The law in this privacy notice

The OAIC has provided a guide to what you should and should not be saying in your privacy notice. We find the OAIC's guidance at times is unspecific and muddled. In order to provide our customers with the greatest possible level of compliance, the Net Lawman website privacy policy follows the guidance as closely as possible, expanding with greater detail in areas that are less clear.

This document complies with Australian law, including the Australian Privacy Principles. (Note that having a privacy policy is just part of the requirements for compliance with the Privacy Act 1988). The Australian Privacy Principles (APPs) are the base line privacy standards with which private sector organisations need to comply in relation to the personal information they hold. The 13 APPs of the Privacy Act 1988 regulate how organisations manage personal information. They cover the collection, use, disclosure and secure management of personal information. They also allow individuals to access that information and have it corrected if it is wrong.

Privacy notice features and contents

Your privacy notice should reflect the way in which your organisation collects and uses data. This will change between organisations enough to make each privacy policy unique, but with common elements that can be covered with standardised statements. In short, you will need to edit your privacy policy to reflect how your website and organisation operates, but we have done much of the legwork for you to make this an easy process.

In places we have provided a number of possibilities, where you choose the most appropriate from the menu and delete the others. In other places, we have provided ideas and the most common scenarios, but the notice may require a little customisation to fully reflect your business.

The notice is drawn around:

• compliance with the Privacy Act 1988 as amended to date
• reminding you how to avoid contravening Australian Data Protection legislation;
• providing re-assurance to your customers or clients;
• maintaining a professional but friendly image.

The contents of the document cover:

• categorisation of different types of information and how you use them;
• how you collect, use and store financial information;
• information security and data retention;
• fraud prevention;
• cookies;
• collection of information by other means (such as telephone calls and e-mails);
• complaints;
• compliance with the law and disclosure to government;
• processing data outside the Australia;
• review, removal and update of collected data;
• third party advertising;
• the use of the site by children.