In Australia, only some small businesses are covered by the Privacy Act.
A small business is one with a turnover of $3 million or less. But even if your small business makes less than $3 million, it may have to comply with the Privacy Act.
The following small businesses must comply with the Privacy Act regardless of their turnover:
- A private sector health service provider (eg gym, weight loss clinic)
- A business that sells or buys personal information
- A contractor providing services under a contract with the Australian Government
- A credit provider or credit reporting body
- A residential tenancy data operator
If the Privacy Act covers your small business, you need to comply with the Australian Privacy Principles. These outline how you must handle, use and manage personal information.
If in doubt about whether your small business needs to comply with the Privacy Act, contact a lawyer.
