General Data Protection Regulation
In 2018, the Australian and global privacy and data landscape is shifting significantly with the introduction of the mandatory data breach notification under the Australian Privacy Act 1988 and the new European Union privacy regime, the General Data Protection Regulation.
The GDPR will apply to organisations if they process the personal data of people in the EU and do any of the following:
- offer goods or services to people in the EU – for example, on a website or in marketing material that is in a European currency or language;
- monitor the behaviour of people in the EU – for example, by using cookies or other data processing techniques which track individuals online; or
- have an office in the EU.

"This means that many Australian organisations will be affected by the GDPR. Fines for non-compliance are eye-watering – up to €20 million or 4 per cent of annual global turnover (whichever is higher)."
Brendan Coady, Maddocks

This is an optimal time for organisations to:
- consider whether they fall within the ambit of the GDPR;
- map their data flows and understand the privacy implications; and
- review and, if necessary, amend their practices, policies and contracts to ensure that they are GDPR-compliant.
Maddocks offers a ‘privacy by design’ approach to proactively ensure whole organisations are privacy compliant. We believe that organisations who are robustly prepared can adjust to the new privacy and data landscape with confidence.
For more on the new privacy laws and practical ways to prepare for them, you can access our GDPR survival guide, co-authored with data security experts Commvault.
Keen to learn more about how GDPR affects your organisation?
Get in touch with the Information Technology team.
Keep up to date with our legal insights and events
Sign upRelated articles
Looking out for smaller businesses – the revised rules for Commonwealth Procurement
By Anthony Willis, Patrick Collins
We explain the effect of recently enacted changes to the Commonwealth Procurement Rules, which commence on 1 July 2022.
Australian Contract Law: a recent case study – Sui v Jiang [2021] NSWCA 285
By Anthony Willis, Patrick Collins
Lost in translation: when the legal effect of a contract departs from its literal meaning...
New phoenixing laws put to the test
By Sam Kingston, Cara Thompson, Michael Wells
We outline the impacts that the new phoenixing laws will have on insolvency practitioners, companies and directors.
Former Minister Hunt’s final address at the Australian Pharmacy Professional Conference 2022 and PBS changes
We discuss former Minister Greg Hunt’s address at this year's APP Conference.
Partner
Sydney