What is personal information?
Personal information is information or an opinion about an identified individual or an individual who is reasonably identifiable.
Why do we collect and handle personal information?
We collect and handle personal information (other than sensitive information) when it is directly related to, or reasonably necessary for, our functions or activities.
Whose personal information do we collect?
We may collect personal information about you:
when you contact us with an enquiry or complaint
when you use our websites
when you deal with us as part of a consultation. For example, as part of a reference group, a representative of the community or a stakeholder organisation
if we deal with you as part our managing the day-to-day business of the Agency
if you supply goods and services to us (including potential, current, former and potential contractors)
when you are a current, former or potential employee.
How do we collect personal information?
We may collect personal information about you:
by telephone, video conferencing or online collaboration applications, facsimile, mail or email
from websites we own or operate
from other government organisations or third parties providing services to us
from third party software platforms we use to conduct business activities such as Microsoft Teams, Survey Manager, Seek, APS Gazette or JobAdder
Wherever possible, we collect personal information directly from you. Unless it is unreasonable or impracticable to do so, we only collect personal information from a third party with your consent or where authorised under an Australian law.
What personal information do we collect?
The type of personal information that we may collect include your:
name and other identifying information
evidence of identity documents
contact information such as an address, email and contact number
images and voices
resumes and other work history information provided to us
employee records as defined in the Privacy Act.
Do we collect sensitive personal information?
We only collect sensitive information (including health information) where it is reasonably necessary for, or directly relates to, one of our functions or activities. We will only collect sensitive information with your consent or where collection is required or authorised by law.
Where relevant, this may include your:
membership of a professional association, for example, where you represent a professional association in their dealings with us or include that information as part of a job application
sensitive information collected as part of consultation, or as part of a complaint
sensitive information collected as part of creating content, for example, communications campaigns for us and our activities
other sensitive information collected from employees and job applicants to meet our employment obligations. For example, a National Police Check or your health information relevant to the workplace
health information where first aid is administered to you on our premises.
How do we use and disclose personal information?
We may disclose personal information where you would reasonably expect us to do so and the information relates to the primary purpose of collection. We may also disclose personal information with your consent or where disclosure is required or authorised by law. We may use or disclose the personal information we collect in order to:
respond to enquiries and complaints and otherwise engage with stakeholders
communicate information to you about any initiative offered by or associated with us, including invitations to consultation or engagement events
provide marketing information about goods, services, events or initiatives which may be of interest
improve products and services by using information you have provided us
conduct business with our business associates and contractors
manage our employment relationships and responsibilities
promote our activities through communications material
engage and manage our workforce
deliver on our functions and meet our legal obligations. This may include for example, disclosing employee personal information to the Australian Government Security Vetting Service.
If you receive marketing materials from us you may opt out of further communications of this nature.
Information provided via our websites or third-party applications
We will collect your personal information if it is provided when using our websites. We will use and disclose this information for the purpose for which you provided it. We sometimes use third party applications to collect personal information from you. This includes the following:
Social networking services
We use social networking services such as Twitter, Facebook and YouTube to communicate with the public about our work. When you communicate with us using these services we may collect your personal information, but we only use it to help us to communicate with you and the public. The social networking service will handle your personal information for its own purposes. These services have their own privacy policies which are accessible on their websites.
Website analytics and cookies
Our websites use Google Analytics to help us to continually improve the user experience.
Google Analytics is hosted by a third party. We use Google Analytics to collect data about an your interaction with our websites. The type of data that we may collect using this tool includes your device’s IP address, type of device and browser used to visit the websites, geographic location, search terms and pages visited, as well as date and time when website pages were accessed. We use this data for the purpose of improving website user experience and monitoring use of our websites.
Most browsers allow an you to choose whether to accept cookies. Please find further information on how to manage or disable cookies in common browsers below:
You can block cookies by setting your browser to refuse all or some cookies. However, blocking all cookies may impede full functionality of our websites.
Access and correction
You have the right to request access and/or correct the personal information we hold about you. If you wish to request access to or a correction of your personal information, you can contact us using the details below. We may request evidence of identity before granting a request for access or correction.
Storage and security
We take steps to protect the security of the personal information we hold from both internal and external threats. We regularly assess the risk of misuse, interference, loss, and unauthorised access, modification or disclosure of that information. For example, we use multi-factor authentication to authenticate employees before they can remotely access our systems. We also take measures to assess those risks; for example, we keep a record (audit trail) of when someone has added, changed or deleted personal information held electronically on our corporate file system.
Web traffic information is disclosed to Google Analytics when you visit our websites. Google stores information across multiple countries.
When you communicate with us through a social network service such as Facebook, Twitter, LinkedIn or YouTube, the social network provider and its partners may collect and hold your personal information overseas.
Where possible, we will allow you to interact with us anonymously or by using a pseudonym. For example, if you contact our support centre with a general question we will not ask for a name unless this is needed to adequately handle the question.
However, for most of our functions and activities, we usually need your name and contact information and enough information about the particular matter to fairly and efficiently handle the enquiry, request, complaint or application, or to act on the report.
Enquiries and complaints
If you wish to make an enquiry or complaint relating to the handling of your personal information, please contact us using the details below. If you have a complaint, we will respond as quickly as possible and inform you of the progress of your complaint. We may collect additional personal information to investigate and resolve your complaint. If you are not satisfied with our response to your complaint, you may complain to the Office of the Australian Information Commissioner.
Healthcare providers can contact us by calling 1300 901 001. For further information on how to contact us, visit our contact page.
Changes to policy