Knowledgebase

Tag Cloud

android apple drive ftp gmail google drive ios macosx migration security

Support

Why do you need to know my company annual gross revenue?

Privacy legislation often includes an annual gross revenue threshold to limit the scope of the law and determine which businesses must comply.

The main reasons for using a revenue threshold (like the AUD $3,000,000 in Australia or the $25 million in the California Consumer Privacy Act) are:

1. Focus on Large-Scale Data Handlers

The revenue threshold is typically used as a proxy for the size and complexity of a business's operations. Larger companies:

  • Process vast amounts of data: The assumption is that higher revenue corresponds to a larger customer base and consequently, a larger volume of personal data collected and processed.

  • Pose a higher risk: A privacy breach at a major corporation affects significantly more people and can have a greater economic impact.

  • Have more resources to invest in the complex technical and legal infrastructure required for compliance.

By setting a threshold, the law focuses its regulatory burden on the largest entities that represent the most significant risk to consumer privacy.

2. Exempting Small Businesses (The Regulatory Burden)

Small and medium-sized enterprises (SMEs) often lack the financial and legal resources to implement the elaborate compliance mechanisms required by comprehensive data privacy laws.

The threshold serves to exempt smaller businesses from the often-onerous compliance requirements, preventing the law from unduly hindering their operations and growth. This ensures the legislation is proportionate—applying primarily to businesses that can reasonably absorb the compliance costs.

3. Fines and Penalties (For other laws)

In some legislation, like the EU's GDPR (General Data Protection Regulation), a company's financial standing, specifically its global annual turnover (revenue), is used to calculate the maximum potential fine.

For a severe violation of GDPR, the fine can be up to 4% of a company's total worldwide annual turnover or €20 million, whichever is higher. This ties the penalty directly to the economic size of the company, ensuring the fine is both:

  • Proportionate to the company's financial capability.

  • Dissuasive enough to deter large, profitable companies from viewing fines as merely a "cost of doing business."

Was this answer helpful?

0 Users Found This Useful

Related Articles

How to embed the code on my Wordpress site?

Here's Hans with a helpful video on how to embed your Privacy Policy on your Wordpress website.

How to add code on my Squarespace website?

Here's Hans of Termageddon to show you how to embed your code on to a Squarespace website.

How to embed your Privacy Policy on your website

After generating your policies, you will be provided with an embed code. This embed code is...

Can I change the styling?

You can update the styling of the policy on your site. There is nothing fancy going on, it uses...

Should you consolidate all policies onto one page?

You need a separate page for each policy because the law says so. Article 7 of General Data...