Privacy policy and procedure

$250.00 inc. GST

Terms & conditions * 

This policy and procedure is purchased subject to terms and conditions, (or download PDF here). Please confirm that you have read, understand, and agree before proceeding with your purchase.


Ensure your organisation’s handling of personal information complies with the new privacy laws.

This policy and procedure provides a framework for compliance with the Privacy Act and Australian Privacy Principles, now in effect. It requires businesses to give detailed consideration to, and incorporate into the policy (at clearly marked points):

  • the types of personal information they collect;
  • why they collect personal information;
  • how they collect personal information; and
  • what they intend to do with personal information collected.

The 15-page document sets out:

  • the scope of ‘personal information’ covered by the policy;
  • why the organisation collects personal information, what types of personal information are collected, from whom, by what means and for what purposes (in terms that can be amended as applicable);
  • how the organisation ensures the integrity of personal information;
  • how the organisation will ensure access to, and correction of, personal information; and
  • how complaints will be handled.

Businesses will also need to consider the internal processes and procedures that they may need to put in place in order to comply with the requirements/commitments set out in the policy – for example, businesses are likely to need to develop privacy notices or statements to be given to individuals at the time or shortly after personal information is collected. These notices/statements needs to be tailored to reflect the type of information collected and the purpose for which it will be used.

The policy is suitable for use by all businesses to which the Privacy Act applies, but organisations should note that there may be additional legal requirements that operate in their particular industry that need to be considered and incorporated into the final policy.

Note: If your organisation has turnover of less than $3 million per annum, the Privacy Act may not apply and might be more detailed/onerous than you require, but it could still be used as a guide for best practice.

The policy and procedure will be emailed to you in Word format. It has been drafted to help your organisation comply with all relevant Australian industrial laws.

This document has been prepared by Kristin Ramsey of Hynes Legal.

Please tick the checkout box to indicate that you have read, understand, and agree to the terms and conditions before proceeding with your purchase. Purchases are not refundable.