
How will the EU General Data Protection Regulations (GDPR) affect your Australian business?

In addition to new data breach requirements under the Australian Privacy Act, Australian businesses will also have to consider whether new privacy regulations from Europe will apply to their business.

The European Union (EU) General Data Protection Regulations (GDPR) contain new data protection rules that apply from 25 May 2018.

  • Does your business have an establishment in the European Union (EU)?
  • Does your business offer goods or services in the EU?
  • Does your business monitor the behaviour of individuals in the EU?

If so, your business may need to comply with the GDPR.

While the GDPR shares many principles with the Australian Privacy Act, it goes further and requires businesses to take active steps to protect the privacy of individuals, including an ‘opt in’ approach to combatting spam.

Once the GDPR is operational, businesses are required to obtain the consent of individuals to the handling of their personal data (opt in). This consent must be freely given, specific, informed and unambiguous. For example, individuals must click a button, or consent in writing (e.g. email), to continue to receive communications from you. Silence, inactivity, or pre-completed consent boxes are not considered consent. Neither is assumed consent with an unsubscribe button at the bottom of an email. In addition, if people do consent to communication, opting out of further communications must also be simple.

Should breaches of the regulations occur, sanctions can be as high as 20 million euros in fines or 4% of turnover, whichever is higher, so it is important that businesses consider these rules.

If your business has customers in Europe, or you have contacts in Europe that receive your communications, you should consider how these new regulations will apply and take steps to comply.

The Australian Government Office of the Australian Information Commissioner (OAIC) has published information about how these rules can affect Australian businesses.

https://www.oaic.gov.au/media-and-speeches/news/general-data-protection-regulation-guidance-for-australian-businesses

https://www.eugdpr.org/

Should you require specific advice on how these rules may affect your business, Hanrick Curran can connect you to lawyers and accountants in Europe through our affiliates in the Alliott Group.

Please contact Alliott Group Worldwide Deputy Chairman and Hanrick Curran tax partner Jamie Towers for an introduction.

Please note that this publication is intended to provide a general summary and should not be relied upon as a substitute for personal advice.

Our Expert:

Jamie Towers