How the GDPR affects Australian Businesses
From 25 May 2018, the European Union (E.U.) has published some new rules. These rules apply to all businesses who trade with people in the E.U, or offer goods or services for sale in the E.U.
These rules are called the General Data Protection Regulation (GDPR). The GDPR is almost like the Australian Privacy Act 1988 and it similarly contains additional protections around data handling.
Australian businesses can be fined up to €20 million if they break these rules.
Key information:
- Australian businesses need to start following these rules. This applies if they sell goods or services to individuals in the E.U.
- A privacy policy should be included on all websites to show how data is used
- Companies need to have a system for people to request removal of their data
- Companies must be open about their use of data
A full breakdown of the similarities of the Australian Privacy Act 1988 and the European GDPR is available as a download here