Every country in the world has their own privacy law. To make it easier, we have worked with some pretty smart lawyers to boil it all down to 8 principles.
- Being Transparent: Making sure your customers and employees know what you are doing with their data.
- Giving Choice: Providing an “opt-out” or “opt-in” to give customers choice and control over the data you are processing about them (the approach differs in each country).
- Providing Control: Having a process in place to promptly delete an individual’s information upon request
- Protecting Kids: Making sure that minors’ information is protected
HOT TIPS:
- There is a lot of change in this space at the moment so its important to keep up to date with Horizon Scanning (ie reporting on law changes that can impact your business), if your interested in this reach out and we can let you know the lawyers and services we trust and the approach we would suggest you take!
- All Privacy Laws have serious penalties at levels that can be nothing short of crippling.
If you want to dive in more, here is a handy table to help you out:
| What is it? | Does it apply to me? | |
| Australian Privacy and Direct Marketing Laws | The Australian Privacy Act sets out 8 principles that organisations must comply with. You can be fined for not complying. | If your turnover is more than $3million. BUT the proposed changes, slated for 2024-2025, are likely to bring small businesses into scope – so we suggest you make sure your digital ecosystem is ready now! |
| EU Privacy and Tracking Laws | The General Data Protection Regulation (GDPR) regulation from the European Union that makes sure businesses are responsible with their use of people’s data. | If you handle data in the EU or process the data of EU residents (even in Australia) for the purposes of providing products or services to EU residents. |
| China Privacy Laws | The three main pillars of the personal information protection framework in the PRC are the Personal Information Protection Law (PIPL), the Cybersecurity Law (CSL), and the Data Security Law (DSL). | If you handle data in China or process the data of Chinese residents (even in Australia) for the purposes of providing products or services to Chinese residents or for analytics or evaluation of the behaviour of Chinese residents. |
| UK Privacy and Tracking Laws | The UK has three interconnected pieces of legislation, the UK GDPR, PECR and the DPA. It covers privacy and use of tracking technologies (like cookies). | If you handle data in the UK or process the data of UK residents (even in Australia) for the purposes of providing products or services to UK residents. |
| US Privacy Laws | The US is a mess of state-based privacy laws, but most organisations just focus on complying with California Consumer Protection Act as that sets the standard in the US. | Unlikely, you need to have:annual gross revenues in excess of twenty-five million, possess the personal information of 50,000 consumers (that 137 website users a day); or derive 50 percent or more of your annual revenue from selling consumers’ personal information. |
Please note this is not legal advice.
