Clifford Gouldson Lawyers

New EU data rules may impact Australian businesses


Have you noticed your inbox filling up recently with emails regarding updates to privacy policies? We certainly have, and there is a good explanation for it.

The European Union (EU) General Data Protection Regulation (GDPR) contains new and heavier data protection requirements that will apply from 25 May 2018.

The GDPR primarily favours the user or individual whose personal data is being captured and processed. It places a responsibility on the business/organisation to be more transparent and clear about the collection and processing of data.

If you are a business that is involved with individuals or other businesses based in the EU, then you may have to comply with these new data protection requirements, even if you already comply with the Australian Privacy Act 1988 (Cth) and its Australian Privacy Principles (known as the APPs).

If you have a business or organisation that:

  1. has an establishment in the EU, or
  2. does not have an establishment in the EU, but offers goods and services or monitors the behaviour of individuals in the EU,

then you need to comply with the GDPR.

The new data protection requirements of the GDPR include (but are not limited to):

  1. a new definition of what constitutes ‘consent’;
  2. the transfer of personal data overseas (such as outsourced cloud-based storage services);
  3. a requirement to undertake compulsory data protection impact assessments; and
  4. enhancement of an individual’s rights to:
     • request erasure of their personal data;
     • object to the processing of their personal data; and
     • receive their personal data provided to the business/organisation.

The penalties for breaches of the GDPR have been heightened, with administrative fines of up to the greater of 20 million euros or 4% of annual worldwide turnover.

Make sure that you are compliant today and contact our Commercial + Property or Intellectual Property sections for advice on your Privacy Policy.

