Does GDPR apply in Australia?
What is GDPR?
GDPR stands for General Data Protection Regulation. It is a huge new law that applies to all EU citizens. But even companies in the US, China or Australia have to follow the new rules if dealing with EU citizens. The GDPR spells out how companies can get our consent to use our personal information. A request for consent cannot be buried under pages and pages of terms and conditions. It has to be “clearly distinguishable from other matters”.
Pre-ticked boxes can no longer be used to indicate consent. And making someone hand over more personal information in exchange for extra features or a premium service is also not allowed, because that does not count as freely given consent.
The law gives all EU citizens the right to access and erasure. At any time you can ask a company for a copy of your personal information and they will have to comply within a month. You can tell a company to correct any data that is wrong, or ask a company to delete any personal data it holds about you. And they will have to have a good reason not to do so.
GDPR also requires companies to keep our data safe to stop it being stolen. If there is a data breach, companies must inform their national regulator within 72 hours of finding out about it – where possible. And there are big penalties for companies that do not comply. The maximum fine under GDPR is €20m (AUD $31m) or 4% of a company’s global turnover – whichever is higher. And that has got companies worried. (Source: BBC News)
So does GDPR apply to Australian online businesses?
Yes, but only if your business deals with and stores personal information of EU citizens.
Disclaimer: Go Cart does indeed make awesome Websites and Online Stores, but we do not offer legal or compliance advice. If you need help with your organisation’s compliance, please reach out to a compliance specialist or your lawyer. Need a hand with your website or online store? Get in touch here 🙂
I hope this post has been helpful.
Have a great day!