Privacy Law

Data & Privacy Law


Compliance on a global scale

Privacy law is a complex and dynamic area of practice. The global, multi-jurisdictional nature of data processing operations and the rapid growth of new laws and regulations in response to changing technology and business processes, pose real challenges for any business. This is particularly the case for global organisations with international operations and clients and complex products that are marketing in a number of jurisdictions.

You don’t just need to consider the privacy laws that exist in Australia but rather you will need to consider what data and privacy compliance looks like in every jurisdiction in which you collect, use, store, and/or transfer personal data.

Privacy108 provides specialist legal advice about the scope, nature, application and effect of Australian federal and state privacy laws, including the Australian Privacy Principles, as well as global privacy laws.

Our team of privacy lawyers can assist with:

  • Privacy law advice, including the interpretation and application of privacy, security and other relevant legislation;
  • Application of and compliance with data breach notification obligations;
  • Commercial contract advice, including Data Processing Agreements, Standard Contractual Clauses and cloud and outsourcing arrangements;
  • Reviewing the laws of other jurisdiction, including as part of a Transfer Impact Assessment;
  • Drafting and reviewing privacy policies, collection notices, consent wording and website terms of use; and
  • Privacy assessments including Privacy Impact Assessment, Transfer Impact Assessment, AI Ethical Assessment, Privacy Compliance Review and Privacy Health Check.

If you are interested in assessing your organisation’s compliance with privacy laws, Privacy 108 offers a special Privacy Compliance review.  More information about that service is available here. While we are always delighted to offer proactive privacy compliance services, we also serve clients who need responsive legal services following a data breach or other privacy crises.

As experienced in-house lawyers who have worked in international law firms, we bring a fresh, non-nonsense approach to everything we do for our clients. We’ve been in your position, and we understand the daily challenges you face, so we can help you overcome them efficiently.


How this Service Helps

At Privacy 108, our sole focus in on privacy and data security. We stay up to date with the latest developments in privacy and security regulation around the world. This means we can provide current, specialist legal advice on the application of privacy, data protection and security laws and data breach notification schemes to your business.

Our team of privacy legal experts will help you:

  • Understand and meet your Australian and global privacy and data protection legal obligations;
  • Navigate GDPR compliance;
  • Identify and address any areas of non-compliance with Australian and global privacy and data protection legal obligations;
  • Keep up to date with changes in Australian and global privacy and data protection laws;
  • Ensure your policies, notices, consent forms, terms of use and other customer facing documents are current and consistent with Australian and global privacy and data protection legal obligations;
  • Respond to and assess a data breach in accordance with Australian and global privacy and data protection legal obligations;

More information about our Privacy Impact Assessment services is available here.


From a team that understands technology.

Our understanding of privacy and supporting technology and cybersecurity is a significant advantage for our clients. We contemplate the practical technological and cybersecurity impacts of our advice and are able to communicate with your IT, information security and risk and compliance teams to plan or manage privacy risk and compliance.


What it Costs

Privacy 108 is happy to provide a fixed quote for most engagements.

We understand that budgets are tight and always look for the most cost-effective way to delivery services that meet your needs.

We have a range of resources from junior consultants to senior legal practitioners, each with a different charge out rate relevant to their background and skills. We do our best to match available resources with the skill set best suited to your organisational requirements.

Privacy Law FAQ’s

Which privacy laws are relevant to businesses and organisations in Australia?

The privacy laws that apply to your business vary depending on where you collect, store, use, and transfer personal information. Your organisation needs to comply with the privacy laws that apply to organisations and users in any jurisdiction where you collect, store, use, and/or transfer personal information.

In Australia, the Australian Privacy Principles regulate the handling, storage, use, and disclosure of personal information by the federal government, its agencies, and private organisations. Australian states and territories have equivalent legislation that covers the local and state governments and agencies.

Elsewhere, the General Data Protection Right (GDPR), which covers the European Union, and the California Consumer Privacy Act are two of the more well-known privacy laws. But more than 100 countries have laws in place to protect consumer privacy – and you are expected to comply with the laws in any relevant jurisdiction.

How do businesses comply with global privacy laws?

The specifics of privacy laws around the globe are different, but the spirit of most privacy laws follow similar patterns. Global privacy laws tend to require businesses and organisations to:

  • Give your users power over their privacy, including the data you collect, store, use, and sell;
  • Be transparent about your data practices;
  • Develop safe data sharing, storing, and management practices;
  • Notify customers if their personal information is accessed by someone without authorisation to access it.
  • Embedding good privacy governance and privacy hygiene practices can set your business up to be compliant with global privacy laws without much, or any, further intervention.

Why is compliance with privacy law important?

Privacy breaches come with legal risk, but the reputational damage can be costly in the long term too. Consumers are increasingly demanding more transparency and better privacy practices from organisations. Developing strong privacy law compliance alongside privacy positive data practices is the best way forward for future-focused businesses.

Other benefits of complying with global privacy laws – and in line with consumer expectations – include:

  • Increased innovation (from thinking outside the box);
  • Increased consumer trust and loyalty;
  • Improved comprehension of collected data (since you’re collecting data with intention and purpose);
  • Better business processes and easier automation;
  • Streamlined data management; and
  • It’s a competitive advantage.

Which businesses and organisations rely on Privacy108 for privacy law advice?

Privacy 108 serves medium to large organisations that support a national or international client base.

Privacy 108 works extensively with universities, software companies, and technology companies on the development of data privacy compliance, planning, and management and data breach notification scheme compliance. We also work with utilities providers on the application of data and security-related legislation, including consumer data rights & critical infrastructure security legislation.

Our clients operate across industry with different data needs and focus, which means we are skilled at working not only across multiple jurisdictions, but with different types of information handling.

Why choose Privacy 108?

Privacy 108 are specialists in privacy and information security – it’s all we do!

We are familiar with the privacy and security issues commonly faced by organisations and have developed practical and cost-effective solutions for those issues.

Our team has invested in developing templates, questionnaires and guidance documents, using best practices and published standards, that help ensure that all our reports and other deliverables are targeted, practical and easy to understand.  We also keep up to date with all the latest changes to privacy law and practice so we can provide current and timely advice.

The team understands sophisticated technology, IT systems and concepts, complex relationships with service providers and the importance of developing the right organisational culture. We provide practical guidance and advice so organisations achieve their goals while meeting their compliance obligations.

Who are Privacy 108?

Privacy 108 is owned and led by one of Australia’s leading security and privacy professionals, Dr Jodie Siganto. The Privacy108 team includes lawyers, consultants and trainers who between them hold many years of experience in delivering privacy and security solutions for Australian organisations.

We have worked as in-house counsel and senior executives, and understand the pressures faced by executives, CISOs, Chief Privacy Officers, procurement teams and in-house lawyers. Our team’s industry experience is complemented by extensive legal knowledge and a desire to assist our clients with high quality practical advice.

Contact Us

  • We collect and handle all personal information in accordance with our Privacy Policy.

  • This field is for validation purposes and should be left unchanged.