Do I Need A Privacy Policy For My Website

By John Wallace on Nov 17, 2021
Do I Need A Privacy Policy For My Website

So you've got yourself a solid website with fun graphics and nifty coding. It's a joy to navigate. The last thing on your mind is a detailed privacy policy for your online commerce, cookies, analytics, ad campaigns, comments—look, I'm boring you already.

Sorry if we're bursting your bubble - but that text is one of the most important pieces of content on the entire website. Not having one could land you in trouble.

It's time to talk about privacy policies.

You might be wondering if you even need a privacy policy for your website. The short answer: yes, you probably do. 

Our good friends at HHG Legal Group provided us with relevant info for business owners looking to add a privacy policy to their site.

Here's the lowdown.

Hold up. What's a privacy policy?

A privacy policy is a legal text. It tells the user or customer how and why your website collects, and stores, shares, analyses and protects their data. A privacy policy also lets the user know their rights and protects theirs and your interests.

Ok, so why is this important?

Websites interact with users in a variety of ways. For example, a website could collect data on your IP address and location, email addresses, or even monitor how long you spend on certain pages. This personal data can then be used for various purposes - and that's where data protection laws come into play.

Website owners should be aware of their obligations under the Australian Privacy Act (1988) as well as relevant international data privacy laws. It's not uncommon for (very big) fines to be dealt out for non-compliance. Even companies like Google have had to swallow fines up to $57 million for not disclosing how their data was being used across its services.

Do I Need A Privacy Policy For My Website?

Not all businesses require a privacy policy. However, according to the Privacy Act 1988, if your business has an annual turnover of more than $3 million, or your website collects any customer data - you're going to need a privacy policy. Customer data can be any personal details, for example:

  • Names
  • Email addresses or physical addresses
  • Bank account details
  • Phone numbers
  • Data from google analytics, Adsense, eg. location data, photos, clicks.

A website privacy policy is good for business

Letting your users know what personal information you're collecting and how you're using it isn't just the law. It's also a good practice more generally.

If you were browsing a shop in the real world, maybe ordering a coffee and the cashier was like "great, can I also collect your email address and personal address, oh and just to let you know, we're monitoring how long you spend in our shop" - you'd want to know why.

A privacy policy keeps your business transparent and helps you gain trust amongst your users and customers. These days - that's a big deal. No one wants to even feel like they might be scammed.

What do I need to include in a website privacy policy?

What Do I Need To Include In a Website Privacy Policy

So you need a privacy policy - and you're wondering how to start. Depending on your business and what personal data your website collects and how that is being used, you'll want to make sure you cover these:

  • What kind of data you're collecting
  • Why you're collecting it
  • How do you collect, store and use it
  • How do you use 'cookies' on your site
  • Where and to whom you disclose it
  • How users can access and change their data
  • Ways for users to contact you

What should a privacy policy look like?

Creating a privacy policy may be a legal obligation for your business - but it's not always easy to know how to start. A privacy policy should be:

  • Accessible. Basically don't use pt 6 font, and don't make it impossible to find.
  • Easy to understand. Avoid using complex language. This isn't helpful for anyone.
  • Compliant with relevant legal obligations.

Want to find out more on how to write the perfect privacy policy for your website? Why not hear it from the experts - check out their blog here.

Different breeds of privacy policies

Different Breeds Of Privacy Policies

Different types of privacy policies will look different depending on the platform and what the business aims to collect. Here are some examples:

Online Blogs 

If your blog has an ad campaign running, or you're allowing public comments on your site - you will need to look at posting a disclaimer and inform readers about your cookie policy that might be tracking them while on your site.

Email campaigns 

An email campaign can either be super successful or very costly - depending on which side of the law you fall. Australia's spam act prohibits unsolicited commercial messages - so make sure your users and customers are given a heads up by:

  1. Getting consent via opting into your mailing list.
  2. Provide a link to your privacy statement when they opt-in.
  3. Give your recipient a way to unsubscribe - every time.

eCommerce sites

Any platform set up to take people's money in exchange for goods and services will need to meet some strict standards. First up, you're dealing with sensitive personal data: credit card details, phone numbers, and addresses. An eCommerce site will need to disclose how and where the data is being collected and stored, including by third parties.


Applications available on Google Play and Apple stores are required to have privacy policies registered with them detailing how data is being collected and used. If your app collects data - you should always check with a lawyer to ensure you're above board.

Can I write my own privacy policy?

Technically, yes. There are plenty of free online privacy policy builders - some of which are better than others and will probably back you up 90% of the time. But ultimately, a privacy policy is a legal document that must comply with the relevant Australian privacy principles and standards. So unless you're a fully qualified lawyer with experience in privacy law - you might want to leave this one to the experts.


A privacy policy is an essential part of your online presence. Aside from an important legal requirement, it also protects you and your valued users' data and can help build trust between your company and your users. If your website lacks a privacy policy, or maybe you want to get yours reviewed - make sure you get the appropriate legal advice. 

Better safe than sorry, right?

John Wallace

Super passionate about all things content, I'm a storyteller (Content Marketing Strategist) here at Dilate Digital. I believe that the best marketing strategy is a compelling story built on the wants of your customer and the way your business positions itself within the market. Craft a compelling and engaging brand story that meets people where they're most comfortable, and talks to them in language they use. Images, video and words are all part of that story, but it all starts with a central narrative. If you want help telling yours, reach out!

Partners Logos
Don't Take Our Word For It
Dilate Digital has received a fantastic 5/5 star rating startratingfromgoogle from 103 Clients on Google
Our List Of Clients Subaru
Our List Of Clients Pool Assist
Lukes Landscaping Logo
Our List Of Clients Mazda
Our List Of Clients Skoda
Our List Of Clients The Maker
Fringe World
Jerky Co Black
Our List Of Clients Golf Box
APM Employment Services
Our List Of Clients Lawrence Group
Jym Locker
Mortlock Timber
Naturaliste Charters
Roof Top Movies
Soko and Co
Dilate Digital Footer Astronaut Image
We're here to help Not sure where to start?

Our team of digital and business experts will guide you to the right direction.

Let's Talk
Let's Talk