Search

A privacy-by-design approach is built into digital.gov.au using best practice to comply with the Privacy Act. This approach embeds the latest security requirements, while providing for a fast, intuitive and inclusive user experience for all.

This summary sets out key points about how digital.gov.au handles the collection of information, including personal or sensitive information.  

Note: no information will be requested or published that is classified above Official Sensitive.

When any information is collected, held, used, disclosed or stored, it is done so in accordance with the:

• Privacy Act 1988 (Cth) (Privacy Act)
• Australian Privacy Principles (APPs)
• Privacy (Australian Government Agencies – Governance) APP Code 2017 (the Code).

More information can be found in the DTA's main privacy policy.

Collection

digital.gov.au may collect or hold personal information that is reasonably necessary for, or directly related to, the performance of its functions and activities. This may include your name, phone number, email and address and information about your interactions with the site through our services or the pages you visit.

Note: Personal information will usually be collected directly from you, unless there is an exception in the Privacy Act that permits digital.gov.au to collect personal information from a third party.

Site feedback

There is the opportunity to make enquiries or provide feedback, commentary and comments throughout the site. This drive improvements and new features. No personal or identifying information is required from you to participate.

Site interactions

Some data may be collected that includes details about your interactions with digital.gov.au, site features or the pages you visit, for example Google Analytics, the Custom Satisfaction Tool, and so on. This is collected as de-identified information, with no capacity to trace the interactions back to you.

Storage and protection

All information received by the DTA is held in secure online systems. Physical access to our offices is restricted and limited to authorised personnel only. Staff have access to personal information on a need-to-know basis only.

When personal information no longer needs to be retained as part of a Commonwealth record, it is generally destroyed in accordance with the Archives Act 1983.

Use and disclosure

Your personal information will primarily be used and disclosed for the purpose for which it was collected, unless you give your consent.

However, there may be a requirement to use or disclose your personal information for another purpose in certain circumstances.

For example, if required or permitted by law or for a purpose related to, or directly related to, the purpose of collection where you would reasonably expect that this to occur.

Sometimes your personal information will be passed to other government agencies or organisations such as the Australian Taxation Office or Department of Home Affairs, including overseas governments or organisations, for the purpose of assisting with your enquiry or application.

Access and correction

You can request access to, or correction of, your personal information by contacting digital.gov.au using the details below.

All request for access or correction will be actioned quickly, unless there is a sound reason under law to refuse.

If your personal information is not corrected, reasonable steps will be taken to associate a statement with your file upon request.

Complaints

Your privacy is taken seriously. All efforts have been made to protect your personal information.

To make a complaint about how your personal information is handled, please contact digital.gov.au using the details below.

How to contact us

• Telephone: 02 6120 8595 
• Email: privacy@dta.gov.au
• Mail: Privacy Officer
  Digital Transformation Agency,
  PO Box 457
  Canberra City
  ACT 2601

Privacy Impact Assessments

The Australian Government Agencies Privacy Code requires agencies to conduct a Privacy Impact Assessment (PIA) for all high privacy risk projects. A high privacy risk project is one that involves a new or changed way of handling personal information that is likely to have a significant impact on the privacy of individuals.

Currently there are no projects associated with this site, that have required a PIA. If this should occur in the future, it will be captured on this page as part of a digital.gov.au Register of Privacy Impact Assessments.

A PIA is a systematic assessment of a project that identifies the impact that the project might have on the privacy of individuals. It sets out recommendations for managing, minimising or eliminating that impact.

PIAs assess a project’s risk of non-compliance with privacy legislation and identifies controls to mitigate the risk. A PIA is much more than a simple compliance check. It should ‘tell the full story’ of a project from a privacy perspective, going beyond compliance to consider the broader privacy implications and risks, including whether the planned use of personal information in the project will be acceptable to the community. PIAs are key to building community trust and have a range of other benefits, such as demystifying the project and its objectives.