What is GDPR?
The General Data Protection Regulation (GDPR) is EU legislation that aims to give EU residents more control over their personal data. Under this regulation, organisations that handle the data of EU residents must comply with data and privacy rules, even if they aren’t located in Europe.
Non-compliance can result in hefty fines of up to €20 million or four percent of annual revenues, whichever is higher.
There are some key differences between the Privacy Act in Australia and the GDPR legislation from the EU. In some circumstances, you may be legally required to comply with both!
What We Offer
- Free Discovery Call
- Customised GDPR Privacy Policy
- Compliance with EU privacy laws
- Practical legal advice
- Fixed Fee Pricing
- Fast turnaround times
Do I need a GDPR Privacy Policy?
Yes, Australian businesses of any size must have a GDPR Privacy Policy if:
- Your business has a presence in the EU
- You provide goods and services to EU customers
- You collect and monitor data on users or behaviours from countries within the EU.
It’s important to stay on the right side of EU privacy rules and avoid steep penalties for non-compliance. If you meet any of the three criteria above, or you might in the future, it’s a good idea to get a GDPR Privacy Policy drafted for your business.
A Privacy Policy also shows visitors that your website is trustworthy and it can improve your site’s Google search ranking.
The thing I like most about Courtney is that, like me, she is a small business owner who understands the challenges of running a small business.
I absolutely recommend Her Lawyer!
Frequently Asked Questions
If you meet any of the three conditions below, you must have a GDPR Privacy Policy:
- Your business has a presence in the EU
- You provide goods and services to EU customers
- You collect and monitor data on users or behaviours from countries within the EU.
It is not only EU businesses that have to comply.
More info: Australian entities and the EU General Data Protection Regulation (GDPR)
A GDPR Privacy Policy contains additional information that is legally required under the GDPR in the European Union.
This information includes:
- Who your Data Controller is and contact information
- Where personal data is not collected from the individual, the source and nature of that data
- Who your Data Protection Officer is and contact information
- Whether you use data to make automated decisions
- Informing users of the 8 rights they have under the GDPR
- Whether you transfer data internationally
- Legal basis for processing data
Every situation is different, which is why you need expert advice from a commercial lawyer. We’re small business specialists, so you know you’re in safe hands with us.
We’ll consider your unique situation and let you know if we think this is right for your business. Our lawyers are privacy experts so we can give you a definitive answer on whether you need one.
Our head office is at Inspire Cowork – a coworking space in Sydney – but we also support flexible work for our team. Our lawyers can work from anywhere.
We use technology to come to you, wherever you’re located around Australia. Many of our clients work from home or at coworking spaces, just like us.
We communicate with our clients via phone, email and Zoom – whatever works best for you. There’s no need to meet face to face, but if you’re ever in the area you’re welcome to drop in!