Privacy, Protected.

Australian Privacy Act readiness and data breach response — so you meet your obligations before the OAIC asks.

$50M maximum Privacy Act penalty

Serious or repeated privacy interference can attract penalties up to $50 million or 30% of adjusted turnover.

72hr breach notification deadline

Ransomware payments must be reported to the Australian Signals Directorate within 72 hours under the Cyber Security Act 2024.

13 Australian Privacy Principles

Your privacy policy and data handling practices must address all 13 APPs. Most Australian businesses cover fewer than half.

Services & Pricing

Know what data you hold. Prove you protect it.

Start with a free privacy health check. Book a scoping call for a fixed-price quote.

Policy & Compliance

Privacy Health Check

Automated scan of your website for privacy policy gaps, missing consent mechanisms, and data collection issues.

Free

Delivery: 48 hours

Privacy Policy & Notice Package

Custom privacy policy drafted to meet all 13 APPs, plus cookie policy and collection notice templates.

Custom quote

Delivery: 3–5 business days

Readiness & Response

Privacy Act Readiness

Full gap assessment against all 13 Australian Privacy Principles with scoring, data mapping, and remediation roadmap.

Custom quote

Delivery: 5–7 business days

Full Privacy & NDB Programme

Complete privacy programme with NDB readiness, breach response plan, notification templates, and staff training materials.

Custom quote

Delivery: 7–10 business days

Need Essential Eight or cyber insurance too?

Privacy readiness pairs well with Essential Eight compliance and cyber insurance documentation. Contact us for bundled pricing.


Our Process

Four steps to privacy confidence.

01. Website Scan

Automated audit of your privacy policy, data collection points, cookies, and trackers.

02. Client Questionnaire

Short intake form covering your internal data practices, retention periods, and third-party sharing.

03. APP Assessment

Gap analysis against all 13 Australian Privacy Principles with compliance scoring.

04. Report & Roadmap

Plain-English findings, remediation priorities, and policy templates ready to implement.

Frequently Asked Questions

How do AI-powered cyber attacks affect my privacy obligations?
AI has made data breaches faster and more frequent. In April 2026, Project Glasswing showed AI discovering thousands of zero-day vulnerabilities across major software. When breaches happen faster, your Notifiable Data Breaches response plan needs to work instantly — not be drafted under pressure. A privacy readiness programme ensures you have the response plan, templates, and procedures in place before an AI-accelerated breach forces you to improvise.
Does the Privacy Act apply to my business?
If your business has annual turnover over $3 million, yes — you must comply with all 13 Australian Privacy Principles. Some smaller businesses are also covered: health service providers, businesses that trade in personal information, credit reporting bodies, and contractors to government agencies. Our free privacy health check will tell you where you stand.
What are the penalties for non-compliance?
Serious or repeated interference with privacy can result in penalties up to $50 million, three times the benefit obtained, or 30% of adjusted turnover — whichever is greatest. The OAIC can also accept enforceable undertakings and issue infringement notices. Beyond penalties, a privacy breach damages customer trust and reputation.
What is the Notifiable Data Breaches scheme?
Since February 2018, organisations covered by the Privacy Act must notify the OAIC and affected individuals when a data breach is likely to result in serious harm. Under the Cyber Security Act 2024, ransomware payments must also be reported within 72 hours. Our NDB readiness programme gives you the response plan, templates, and staff checklists to meet these obligations.
Can you write our privacy policy?
Yes. Our Privacy Policy & Notice Package includes a custom privacy policy drafted to cover all 13 APPs, based on a full audit of your website and a short questionnaire about your data practices. We also provide cookie policies and collection notice templates. We recommend having a lawyer review the final policy before publishing — our work is compliance guidance, not legal advice.
What does the free privacy health check include?
We scan your website for privacy policy completeness, data collection points (forms, cookies, analytics, third-party trackers), cookie consent mechanisms, and collection notices. You receive a branded PDF report with a privacy score from 0–100, specific findings, and recommendations — delivered within 48 hours, no commitment required.
How is this different from your Compliance Studio services?
Privacy Studio focuses specifically on the Australian Privacy Act, data protection, and breach readiness. Compliance Studio covers broader frameworks like Essential Eight, SMB1001, and cyber insurance. If you need both, we offer bundled pricing — contact us for a combined quote.

Start with a free privacy scan

We scan your website for privacy gaps and deliver a scored report within 48 hours — no commitment, no sales pitch.
