Is Your Email Marketing Compliant With Australian National Privacy Principles?

Like most of us, you are probably wondering what all the fuss about the National Privacy Principles is all about. With most new acts or changes in legislation, they make you feel like you need a legal translator to make any sense of them.

As a provider of Email and SMS Marketing services, helping clients collect customer information and actively collecting customer information ourselves we feel twice as responsible.

We’ve been diligently working on our own system and business compliance, and are now happy to pass that experience onto you.

Here’s a bit of background.

In late 2012 the Federal Government enacted the Privacy Amendment Act of 2012 and the new laws come into force on March 12. The amended act sees the National Privacy Principles and Information Privacy Principles replaced with a new set of 13 Australian Privacy Principles (APPs).

National Privacy Principles may require your organisation to:

  • Identify the types of personal information they hold, collect, use and disclose
  • Amend compliance documentation – privacy policy and collection notifications
  • Amend contracts
  • Train staff and engineer compliance into their systems

The main groups Australian National Privacy Principles are broken into are:

  1. Companies with turnover of $3 Million or less
  2. Companies with turnover of more than $3 Million
  3. Health Care Providers (special inclusions etc)

BrandMail have clients in each camp, and there are no clear “one-size fits all” approaches. However, there are common elements to the changes in the act that apply to everyone. It is worth noting that smaller businesses with a turnover of $3 Million or fewer are not considered APP entities.

There are exceptions of course, and it is best to seek legal advice if you wish to be sure. We are focused on helping everyone that use email marketing services, so we created:

5 Ways to Comply With Australian National Privacy Principles

1. Get a privacy policy

This is where you are able to be open and transparent about what you do with personal information. If you do not have a Privacy Policy in place, now is a good time to get one. Make sure you include a Collection Notification Statement that outlines what you collect personal information for.

ADMA has a great resource for this in their Privacy Policy Guide.

2. Don’t collect unnecessary information

Working through these privacy amendments it starts to become very clear that collecting information no reasonable for the function of your business is frowned upon. Collecting items such as passport numbers or other sensitive ID documents not necessary for business may see you having to justify the reason for their collection.

3. Make sure you are Spam Act compliant

You will also notice that amendments have tightened up around direct marketing. The Australian SPAM Act has been with us since 2003 so a best practice to your email marketing should lock in your compliance here, please make sure your “Expressed Consent”, “Inferred Consent”, and you provide clear and obvious unsubscribes in your emails.

Learn more about the SPAM Act.

4. Review where your data is stored

National Privacy amendments have also introduced increased stringent rules around cross-border disclosure of personal information. Keeping personal information on your customers, even just names and email addresses requires you to take reasonable steps to make sure your provider (email marketing service, CRM etc) is not breaching National Privacy Principles.

Once personal data leaves Australian borders international laws apply (not always in the interest of your business or customers).

BrandMail is an Australian business with Australian infrastructure and hosting. Its services including customer information and their subscribers personal information are  kept within Australian borders.

5. Let them know

When you’ve updated your Privacy Policy, let your subscribers know. There are a few ways to do this:

  • Update ALL Auto-response emails (after 12th March 2014) from all web pages include your notification statement and a clear opt out
  • Send a Branded Email Template that just notifies your existing subscribers and links to your Privacy Policy
  • Include an updated Email Footer that links to your new notification statement
  • Ensure ALL emails have clearly marked Unsubscribe buttons/links, even on “View Online” versions of the email
  • Create a blog post about the changes and link it to your own updated Privacy Policy

All of our “Done For You” services now include a National Privacy Principles update in the standard set up.

If you are interested in speaking to one of the team about our Full Service Email Marketing and Outsourced Email Services just ask!

In Conclusion

Whether you this relates to you or not, it’s good practice to treat your subscribers with respect and make sure you are compliant while taking every precaution when handling your customers information.

When using overseas services to manage your email marketing, upgrade to BrandMail your Australian Email Marketing service and keep all your data protected by Australian Law.

If you would like more information on the new Australian Privacy Principles and how they you can download a summarised fact sheet from the Office of the Australian Information Commissioner.

Facebook Comment

Make contact

Create sales from leads that didn’t buy the first time around. Make contact or call on

Easy to use Australian email and SMS marketing service helps ambitious businesses with proven email and SMS doubling sales with every send.

Find out more

Discover the simple email marketing tactics that turn your emails into serious sales boosters for your business.

learn more