What is a GDPR Privacy Policy?
A Privacy Policy is a legal document that explains how you will manage the personal information you collect from website visitors and customers.
A GDPR Privacy Policy includes additional information in order to comply with the European Union General Data Protection Regulation (GDPR).
If your business has a presence in the EU, provides goods and services to EU customers or tracks users and behaviours in the EU, you need to have a GDPR Privacy Policy on your website. GDPR compliance is not optional!
Who can use this template?
- Business with operations in the EU
- Business that provides goods and services to EU customers
- Business with a website that targets EU customers (e.g. allows payment in euros or has a European language version other than English)
- Business with a website that collects and monitors data on users or behaviours from countries within the EU.
What is GDPR?
The General Data Protection Regulation (GDPR) is an EU legislation that aims to give the residents of the EU more control over their personal data. Under this regulation, organisations that handle data of EU residents must comply with data and privacy rules.
Non-compliance can result in hefty fines of up to €20 million or four percent of annual revenues, whichever is higher.
Do I need a GDPR Privacy Policy for my Australian website?
Yes, Australian businesses of any size must have a GDPR Privacy Policy if:
- Your business has a presence in the EU
- You provide goods and services to EU customers
- You collect and monitor data on users or behaviours from countries within the EU.
It’s important to stay on the right side of EU privacy rules and avoid steep penalties for non-compliance.
A Privacy Policy also shows visitors that your website is trustworthy and it can improve your site’s Google search ranking.
Am I legally required to have one?
Yes, if you meet any of the three conditions listed above, you must have a GDPR Privacy Policy. Not only EU businesses have to comply.
More info: Australian entities and the EU General Data Protection Regulation (GDPR)
What does the GDPR Privacy Policy template include?
Our GDPR Privacy Policy template covers:
- Collection of personal information
- Use of personal information
- Disclosure of personal information
- Rights and control of a person’s personal information
- Security and storage of personal information
- Website cookies and third party sites
- GDPR compliance terms
- Customer rights under the GDPR
- Hosting and international data transfers
- How to make a complaint about a privacy breach
- How you can unsubscribe or opt-out
- Changes to the policy
Does your GDPR Privacy Policy template include all of the information that is essential for a GDPR Privacy Policy?
Yes it does.
There are certain terms and clauses which must be included to make a Privacy Policy compliant with the GDPR. Don’t worry, we have made sure our template includes all the necessary information and have written the policy according to best practice.
What’s the difference between a normal Privacy Policy and a GDPR Privacy Policy?
A GDPR Privacy Policy contains additional information that is legally required under the GDPR regulation in the European Union.
This information includes:
- who your Data Controller is and contact Information
- where personal data is not collected from the individual, the source and nature of that data
- Who your Data Protection Officer is and contact information
- Whether you use data to make automated decisions
- Informing users of the 8 rights they have under the GDPR
- Whether you transfer data internationally
- Legal basis for processing data
I run an online shop – is this the only legal document I need?
No, you also need Website Terms and Conditions of Sale. You are legally required to display terms and conditions on your website under Australian Consumer Law if you’re selling online. This includes extra terms for payment, delivery, refunds, warranty and consumer guarantees.
Our eCommerce Legal Bundle is an affordable way to grab all the other documents you will need for your online shop in one go.
Other names for a GDPR Privacy Policy
- GDPR Privacy Notice
- GDPR Privacy Statement
Where do I pubish my GDPR Privacy Policy?
It is common practice for websites to place a link to their privacy policy and website terms of use in the footer of the website.
Once you have completed our GDPR Privacy Policy template in Word, you can publish it on your website as a new page and link to it in the footer.
What are the benefits of having a GDPR Privacy Policy?
If you meet any of the conditions listed above, the main benefit of having a GDPR Privacy Policy is that you will be obeying EU law. Serious fines apply for breaches of the GDPR. Definitely want to avoid that!
Even if you aren’t required by law to have a GDPR Privacy Policy, there are still many benefits to having one anyway:
- It shows Google your website is more trustworthy and can improve your site’s search rankings
- It shows your website visitors that you will protect their personal information, giving you more credibility
- It makes your website appear more professional
Is this GDPR Privacy Policy template legally binding?
Absolutely!
All of our templates have been drafted by qualified Australian lawyers who hold an Australian legal practicing certificate.
We are affiliated with a commercial law firm based in Sydney.
