privacy policies. is the devil in the detail?
How do you know when you actually need to get a lawyer involved?
You could be forgiven for thinking privacy policies are pretty boilerplate. A lot of them look a great deal alike. You might have even nabbed one that looked pretty good from someone else’s website (like your competitor’s 🤣).
Can you? Yes.
Should you? Being lawyers, you’d expect us to say no.
But, like most things, ‘it depends’.
It depends on:
💭 your turnover (i.e. under/over the $3m threshold)
💭 your risk appetite;
💭 how sensitive the data you collect from your customers is (and what you do with it);
💭 the importance you/your customers place on your data collection and use practices; and 💭 whether you want to ‘tick boxes’ or have peace of mind know you have a ‘fit for purpose’ privacy policy.
You could ask a lawyer whether you need a privacy policy. But some of them might charge you for that advice too (if they do – run!).
Or you could rely on AI and ask ChatGPT, Frank, or the like.
Don’t trust those either? 😉
Then, we suggest you set aside some time to go through the Privacy Commissioner’s checklist.
As a rule of thumb, if you answer ‘no’ to most of the questions (or you’re pretty confused by the end of the exercise), you may not be able to DIY your privacy policy (no Ctrl C + Ctrl V) and should get a lawyer involved.
A good lawyer will offer cost certainty with fixed prices.
And a great one will offer you fixed prices and take a deeper dive into your privacy practices so they can draft you a tailored privacy policy and educate you on your privacy obligations in the process.
How’d we do with this article? Send us feedback.
Not already a subscriber to on the house? Subscribe here.
This information has not been prepared with your specific circumstances in mind, and may not be suitable for your business. This information is provided for your reference only and does not constitute the provision of legal advice or other professional advice by in house nous. By relying on any information on this website, you assume all risk and liability that may result.
