Threshold compliance checklist - GDPR and the Privacy Act

Introductory note:
The General Data Protection Regulation (GDPR) is a regime of personal data protection requirements adopted by the European Parliament which regulates “personal data”. While GDPR is EU law, it has unprecedented extra-territorial reach. If the GDPR applies to your organisation, you must ensure that your organisation complies with both the GDPR and the Australian Privacy Act 1988 (Cth) (the Privacy Act).

How to use this checklist:
This checklist will guide you through the key threshold considerations for your organisations to ensure compliance with both the GDPR and the Privacy Act.

Links to related content:
For further detailed guidance on the Privacy Act and the GDPR, see Overview — Complying with both the Privacy Act and the GDPR.
For guidance on whether the GDPR applies to your organisation, see Overview — What is the GDPR and when does it apply to Australian organisations?