Long Arrow Right External Link angle-right Search Times Spinner angle-left

Australia - Data regulations

Privacy Act 1988

Applies to any business that sells or purchases personal information, with some exemptions (Part II, Division 3).

Implied consent is required in most situations, while express consent is required for Sensitive Information

The act includes 13 Australian Privacy Principles (APPs), governing

APP 1 - Open and transparent management of personal information

APP 2 - Anonymity and pseudonymity

APP 3 - Collection of solicited personal information

APP 4 - Dealing with unsolicited personal information

APP 5 - Notification of the collection of personal information

APP 7 - Direct marketing

APP 8 - Cross-border disclosure of personal information

APP 9 - Adoption, use or disclosure of government related identifiers

APP 10 - Quality of personal information

APP 11 - Security of personal information

APP 12 - Access to personal information

APP 13 - Correction of personal information

Where the APPs apply to Leadbook’s data:

  • Leadbook’s data is collected by lawful and fair means - Leadbook’s data is collected non-intrusively from public records, and does not involve intimidation or deception
  • Leadbook’s data is unsolicited - Leadbook’s data can be used for direct marketing, if:
    • A request for consent is provided to the individual at the first reasonable opportunity, and
    • An option to opt-out is provided in every email, and
    • The individual has not previously opted out
  • Leadbook’s data contains only non-sensitive information - implied consent is sufficient; expressed consent is only required if a campaign involves the collection of sensitive information
  • Leadbook will never conduct campaigns to collect “sensitive information” (racial or ethnic origin, political opinions or associations, religious or philosophical beliefs, trade union membership or associations, sexual orientation or practices, criminal record, health or genetic information, some aspects of biometric information).
  • Individuals have the means (email) to request for their information to be accessed, corrected, or deleted
  • All collected opt-in information may not be used or disclosed for a purpose other than described in the opt-in request, unless the individual has given further consent, or the usage for the secondary purpose is exempted.

Leadbook opt-in process - Australia

We manage the entire opt-in process to ensure compliance: 

  1. Consultation for email content for opt-in requests
    1. To obtain implied/expressed consent where applicable
    2. To provide option to opt-out
  2. Opt-in mechanism
    1. Email campaign to request for the individual’s consent
    2. Because there is no “sensitive information” there is no requirements for double opt-in mechanism for expressed consent, where contacts receive a confirmation email when they indicate consent 
  3. Opt-out mechanism
    1. Unsubscribe links and forms
    2. Inbox for collection of opt-out requests  
  4. Handling of opt-in data 
    1. Handling of opt-in data
    2. Automatically updated
    3. If requested by the individual, access to the individual’s information can be provided, and records can be corrected or deleted
    4. Monitored for consented purposes for any campaigns done on Leadbook platform
  5. Handling of opt-out data
    1. Unsubscribed contacts are automatically suppressed for all campaigns done on Leadbook platform
    2. Conditionally suppressed, suppressed, or deleted if/as the individual specifies 

How it works: opt-in campaign 


Responsibilities for opt-in campaign

What Leadbook does

  • Consultation for opt-in campaign procedures and content
  • Content adaptation to email format
  • Technical setup for opt-in campaign
  • Execution, monitoring and reporting for opt-in campaign

What you provide

  • Intended purpose(s) for the collected data
  • Intended usage location(s) for the collected data
  • Target audience profile(s)
  • Requirement for information fields
  • Link to your privacy policy or your privacy policy in pdf format

Content for opt-in requests

The email must include:

  • Your organisation or agency’s identity and contact details
  • Where and how you have obtained the personal information
  • The reason you have collected the personal information, and the consequences of not collecting the personal information
  • The kind of personal information being collected
  • Information about and directions to your privacy policy
  • If you are likely to disclose the personal information to overseas recipients, and if practical, the countries where they are located
  • A means for the individual to provide consent (opt-in):
    • Implied consent for non-sensitive information (business contact information obtained via Leadbook is non-sensitive information)
    • Expressed consent for sensitive information, if any sensitive information is to be obtained from surveys or other forms during a campaign
  • A means for the individual to withdraw consent (opt-out).