In recent years and even recent months, major retailers’ privacy teams have been tasked to respond and address regulatory scrutiny from the Office of the Australian Information Commissioner  (OAIC) for potential violations of the Privacy Act of 1988. The OAIC scrutiny of major retailers (Bunnings and Kmart) have addressed the alleged gathering of sensitive information in the form of “biometric information” and the need for best or better practices.  

To add to the considerations of retailers, there is a new private cause of action for "serious invasion of privacy," including intrusion upon seclusion, which  became law in Australia as of June 10, 2025.

Where we stand.

Viana ™ by meldCX avoids such intrusions with its Privacy by Design product that does not gather biometric/sensitive information, but instead, makes inferential insights on de-identified and anonymous data from the inception in compliance with the Australian Privacy Practice Guidance APP 2.  APP 2 provides that individuals must have the option of dealing anonymously or by pseudonym.

The key of APP 2 is that the entity should not be able to identify the individual at the time of the dealing or subsequently. Viana is designed to only allow anonymity of consumer inferential data, that which cannot be identified or re-identified as Viana does not collect personal information or identifiers.

How does Viana avoid intrusion: meldCX has designed the Viana™ Anonymous Audience Measurement (AAM) and Content Effectiveness software platform in compliance with the privacy directives of the Office of the Australian Information Commissioner.

No image or video storage: AAM does not capture or store images or video. All processing occurs in real time and Viana captures only de-identified, anonymised audience data not biometric or sensitive information. Gathered is inferential data assigned a temporary ID automatically discarded of an inferred person-like-object (PLO) but not a person and not their sensitive data in the form of biometrics.

Compliance with the Australian Privacy Act 1988. 

AAM is designed and operated to ensure ongoing compliance with the Australian Privacy Act 1988 (Cth)(“ACT”), including its definitions of “personal information” and “reasonable steps” for data protection and the ACT’s guidance on de-identification under APP2. It also aligns with global best-practice privacy frameworks and incorporates safeguards, guardrails, and compensating controls to prevent misuse or unintended identification.

Read more in depth on how we safeguard individual privacy in this article: Navigating Retail & Hospitality Analytics with Confidence.