Free Cookie Policy Generator for Restaurant / Food — Australian Privacy Act Compliant

🇦🇺 Key Australian Privacy Act Requirements

Australia's Privacy Act 1988 and its 13 Australian Privacy Principles (APPs) regulate how organizations with annual turnover over AUD $3 million collect, use, and disclose personal information. The OAIC (Office of the Australian Information Commissioner) enforces the law and can issue fines up to AUD $50 million for serious and repeated breaches.

• Notify individuals about data collection at or before the time of collection
• Only collect personal information that is reasonably necessary
• Provide individuals with access to their personal information
• Take reasonable steps to protect personal information from misuse or unauthorized access
• Notify the OAIC and affected individuals of eligible data breaches (Notifiable Data Breaches scheme)
• Cross-border disclosure requires that overseas recipients comply with the APPs

Restaurant / Food — Specific Considerations

Food businesses with online ordering, delivery apps, or loyalty programs collect customer contact information, order history, location data, and payment details. Allergy information is particularly sensitive — treating it as health data means it may require heightened protection under GDPR and other regulations.

Data typically collected by Restaurant / Food businesses: name, delivery address, phone number, payment details, order history, dietary preferences and allergy information

• Allergy and dietary data as sensitive data
• Third-party delivery platform data sharing (DoorDash, Uber Eats)
• Loyalty program data and expiry
• Location tracking for delivery
• Marketing preferences and opt-out