Cookies Policy Fill out the template

How does it work?

1. Choose this template

Start by clicking on "Fill out the template"

1 / Choose this template

2. Complete the document

Answer a few questions and your document is created automatically.

2 / Complete the document

3. Save - Print

Your document is ready! You will receive it in Word and PDF formats. You will be able to modify it.

3 / Save - Print

Cookies Policy

Last revision Last revision 29/11/2023
Formats FormatsWord and PDF
Size Size2 to 3 pages
Fill out the template

Last revisionLast revision: 29/11/2023

FormatsAvailable formats: Word and PDF

SizeSize: 2 to 3 pages

Fill out the template

This Cookies Policy is designed for use by website owners. It tells users of the website what cookies are active on the website, what they do, and what website users can do about them.

Cookies are small files which websites use in order to monitor the use of a website, and to provide a more personalised experience to website users.

It should be noted that this document only includes a Cookie Policy. Website owners may require further documents such as a set of Website Terms and Conditions and a Privacy Policy. However, such documents are not included and must be obtained separately.

Under Australian privacy law, some information gathered by a website through the use of cookies is likely to be considered "personal information" under the Privacy Act 1988 (Commonwealth). The Privacy Amendment (Enhancing Privacy Protection) Act 2012 also sets out a set of Australian Privacy Principles which apply to Australian organisations and provide guidance as to how businesses should handle cookies. Further information about the Australian Privacy Principles is available via the Office of the Australian Information Commissioner.

Businesses that are subject to the Australian Privacy Principles may be legally required to tell users about the types of cookies (and other data) that they collect, and how these cookies and data are used.

Furthermore, many Australian businesses find that even if they are not strictly required by law to provide a cookies policy or to obtain informed consent from their users, by using this cookies policy, they are able to answer their customers' questions about cookies, which helps to build trust with their customers.

Many website users may have heard of cookies but may not really understand them. As more and more people express concerns about general data security and online privacy, it is increasingly common for internet users to have questions about cookies and about how their data is being collected and handled. If businesses are transparent and upfront about how they use cookies, this can go a long way towards alleviating concerns and building trust and rapport with their customers.


European data protection laws may apply

Australian websites that target customers in the European Union (EU) or the United Kingdom (UK) may need to comply EU privacy laws, such as the EU ePrivacy Directive and the EU General Data Protection Regulation (GDPR).

As of 25 May 2018, the European Union General Data Protection Regulation (GDPR) contains new data protection requirements that may apply to Australian businesses.

Australian businesses (regardless of size) may need to comply with the GDPR if they have an establishment in the EU or UK, if they offer goods and services in the EU or UK, or if they monitor the behaviour of individuals in the EU or UK.

Under EU and UK privacy law, websites with a presence in the EU or UK, or which sell to customers in the EU or UK are required to obtain informed consent from website users before storing a cookie on their device. As a result, many businesses affected by these laws, use a popup box to obtain informed consent to cookies from website users when they first visit the website.

Informed consent (such as by way of a popup box) is not strictly required under Australian law, but many Australian businesses are choosing to comply with it anyway, to make sure that they are covered in the event that they fall under the EU's jurisdiction (for example, if a customer based in the EU or UK accesses their website).


How to use this document

Once this document has been prepared, it needs to be published on the website and needs to be made freely available for users.

If the website owner thinks that EU or UK law might apply, they should review the information provided by the Office of the Australian Information Commissioner as well as the UK's Information Commissioner's Office. These resources provide information about what website owners need to do in order to comply with those relevant laws.

If the website owner requires popup functionality (in order to comply with UK/EU law), this functionality will need to be created separately. This document does not have popup functionality built into it.

We have an alternative Cookies Policy (which operates under UK/EU law rather than Australian law), available on our UK site.


Doesn't my privacy policy deal with cookies?

Our Privacy Policy briefly addresses the use of cookies on the website. Other privacy policy documents may address the use of cookies to some extent, but this will entirely depend on the terms of the relevant privacy policy, and the owner of the website should have their privacy policy reviewed by a lawyer if they want to make sure.

However, it is becoming increasingly common for customers to have concerns about cookies and to seek answers to specific questions about the use of cookies on the website.

This Cookies Policy goes into much more detail than our Privacy Policy regarding the use of cookies. It is designed to provide easy answers to customers' questions about cookies, which in turn builds trust with customers.


Applicable law

The primary legislation in relation to privacy law in Australia is the Commonwealth Privacy Act 1988. This has been amended by the Privacy Amendment (Enhancing Privacy Protection) Act 2012.

The Privacy Amendment (Enhancing Privacy Protection) Act 2012 also sets out a set of Australian Privacy Principles which apply to Australian organisations and provide guidance as to how businesses should handle cookies. Further information about the Australian Privacy Principles is available via the Office of the Australian Information Commissioner.

Other relevant laws include the Privacy Regulation 2013, and the Privacy (Credit Reporting) Code 2014. A number of industries also have additional privacy rules. For example, specific laws may impose additional privacy requirements in relation to:

- email marketing
- telemarketing
- surveillance
- telecommunications
- criminal records
- data matching
- anti-money laundering
- health records, Medicare, the pharmaceutical benefits scheme, or the eHealth system
- biometric information
- the Personal Property Securities Register
- credit reporting
- financial services
- children
- tax file numbers
- information relating to racial or ethnic origin
- information relating to political opinions
- membership of a political association, professional or trade association or trade union
- religious beliefs or affiliations
- philosophical beliefs
- sexual orientation or practices

As mentioned above, the EU ePrivacy Directive and the EU General Data Protection Regulation (GDPR) may also apply. This policy does not deal with UK/EU law. It is only designed for compliance under Australian law.

Further information about how the GDPR may affect Australian businesses is available through the Office of the Australian Information Commissioner.


How to modify the template?

You fill out a form. The document is created before your eyes as you respond to the questions.

At the end, you receive it in Word and PDF formats. You can modify it and reuse it.

Fill out the template