In November, sweeping Australian privacy reforms contained in the Privacy and Other Legislation Amendment Bill 2024 passed both Houses of Parliament.
Accounting firm BDO issued a statement encouraging retailers to prepare for these changes. Forensic services partner, Conor McGarrity, said that retailers should review loyalty program policies in particular.
“Loyalty programs collect vast amounts of personal data—addresses, phone numbers, transaction histories, and preferences—often without revisiting this information for years,” McGarrity said.
“The regulators are now taking a much harder stance, questioning whether all of this data is still necessary to retain. For retailers, that could mean facing scrutiny over data that no longer serves a valid business purpose.”
He added: “The key to compliance will be accountability and transparency — especially since individuals will now have the right to take legal action if their privacy is breached. For retailers, this means a sharp focus on ensuring that customer data, particularly in loyalty programs, is handled properly.”
The changes include a requirement for businesses to update their privacy policy to disclose when decisions are being made using automated processes. Severe penalties may apply unless proactive steps are taken to identify, store, or remove customer data appropriately.