What is GDPR?
The General Data Protection Regulation (GDPR) is an EU legislation that aims to give the residents of the EU more control over their personal data. Under this regulation, organisations that handle data of EU residents must comply with data and privacy rules.
Non-compliance can result in hefty fines of up to €20 million or four percent of annual revenues, whichever is higher.
- Your business has a presence in the EU
- You provide goods and services to EU customers
- You collect and monitor data on users or behaviours from countries within the EU.
It’s important to stay on the right side of EU privacy rules and avoid steep penalties for non-compliance.
Am I legally required to have one?
★ Collection of personal information
★ Use of personal information
★ Disclosure of personal information
★ Rights and control of a person’s personal information
★ Security and storage of personal information
★ Website cookies and third party sites
★ GDPR compliance terms
★ Customer rights under the GDPR
★ Hosting and international data transfers
★ How to make a complaint about a privacy breach
★ How you can unsubscribe or opt-out
★ Changes to the policy
Yes it does.
This information includes:
★ who your Data Controller is and contact Information
★ where personal data is not collected from the individual, the source and nature of that data
★ Who your Data Protection Officer is and contact information
★ Whether you use data to make automated decisions
★ Informing users of the 8 rights they have under the GDPR
★ Whether you transfer data internationally
★ Legal basis for processing data
I run an online shop – is this the only legal document I need?
No, you also need Website Terms and Conditions of Sale. You are legally required to display terms and conditions on your website under Australian Consumer Law if you’re selling online. This includes extra terms for payment, delivery, refunds, warranty and consumer guarantees.
Our eCommerce Legal Bundle is an affordable way to grab all the other documents you will need for your online shop in one go.
Yes, you might have also heard this document referred to as a GDPR Privacy Notice or GDPR Privacy Statement.