Ok, so why is this important?
Websites interact with users in a variety of ways. For example, a website could collect data on your IP address and location, email addresses, or even monitor how long you spend on certain pages. This personal data can then be used for various purposes - and that's where data protection laws come into play. Website owners should be aware of their obligations under the Australian Privacy Act (1988) as well as relevant international data privacy laws. It's not uncommon for (very big) fines to be dealt out for non-compliance. Even companies like Google have had to swallow fines up to $57 million for not disclosing how their data was being used across its services.
- Email addresses or physical addresses
- Bank account details
- Phone numbers
- Data from google analytics, Adsense, eg. location data, photos, clicks.
- What kind of data you're collecting
- Why you're collecting it
- How do you collect, store and use it
- How do you use 'cookies' on your site
- Where and to whom you disclose it
- How users can access and change their data
- Ways for users to contact you
- Accessible. Basically don't use pt 6 font, and don't make it impossible to find.
- Easy to understand. Avoid using complex language. This isn't helpful for anyone.
- Compliant with relevant legal obligations.
Different breeds of privacy policies
Different types of privacy policies will look different depending on the platform and what the business aims to collect. Here are some examples:
An email campaign can either be super successful or very costly - depending on which side of the law you fall. Australia's spam act prohibits unsolicited commercial messages - so make sure your users and customers are given a heads up by:
- Getting consent via opting into your mailing list.
- Provide a link to your privacy statement when they opt-in.
- Give your recipient a way to unsubscribe - every time.
Any platform set up to take people's money in exchange for goods and services will need to meet some strict standards. First up, you're dealing with sensitive personal data: credit card details, phone numbers, and addresses. An eCommerce site will need to disclose how and where the data is being collected and stored, including by third parties.
Applications available on Google Play and Apple stores are required to have privacy policies registered with them detailing how data is being collected and used. If your app collects data - you should always check with a lawyer to ensure you're above board.