• Criterion 1

    Placeholder

  • Criterion 2

    Placeholder
  • ""

    Criterion 3

    Placeholder
  • ""

    Criterion 4

    Placeholder
  • ""

    Criterion 5

    Placeholder
  • ""

    About the Digital Access Standard

    Find out about the services covered, the transition, meeting the Standard and measuring success.

  • I am an Australian business

    I want support and advice for working with and engaging government.

  • Buying and selling

    Procuring services for government & engaging with and selling to government.

  • Working for government

    Supporting our employees to deliver world class digital services.

  • Architecture of government

    Support digital transformation by aligning to the digital direction of government.

  • Tell us what you think and help us make it better.

  • test

    content test

     

    dfs

    ffdsfdsfsfd

  • Explore the Digital Inclusion Standard

    • Content type
      Select a content type to filter by
    • Topics
      Select a topic to filter by.
    • Title
      Enter a keyword within the title

  • The digital.gov.au website is managed by the Digital Transformation Agency (DTA). In most instances, the DTA Privacy Officer will be the first point of contact for any queries, requests or issues relating to the site.

  • A privacy-by-design approach is built into digital.gov.au using best practice to comply with the Privacy Act. This approach embeds the latest security requirements, while providing for a fast, intuitive and inclusive user experience for all.

    This summary sets out key points about how digital.gov.au handles the collection of information, including personal or sensitive information.  

    Note: no information will be requested or published that is classified above Official Sensitive.

    When any information is collected, held, used, disclosed or stored, it is done so in accordance with the:

    More information can be found in the DTA's main privacy policy.

    Collection

    digital.gov.au may collect or hold personal information that is reasonably necessary for, or directly related to, the performance of its functions and activities. This may include your name, phone number, email and address and information about your interactions with the site through our services or the pages you visit.

    Note: Personal information will usually be collected directly from you, unless there is an exception in the Privacy Act that permits digital.gov.au to collect personal information from a third party.

    Site feedback

    There is the opportunity to make enquiries or provide feedback, commentary and comments throughout the site. This drive improvements and new features. No personal or identifying information is required from you to participate.

    Site interactions

    Some data may be collected that includes details about your interactions with digital.gov.au, site features or the pages you visit, for example Google Analytics, the Custom Satisfaction Tool, and so on. This is collected as de-identified information, with no capacity to trace the interactions back to you.

    Storage and protection

    All information received by the DTA is held in secure online systems. Physical access to our offices is restricted and limited to authorised personnel only. Staff have access to personal information on a need-to-know basis only.

    When personal information no longer needs to be retained as part of a Commonwealth record, it is generally destroyed in accordance with the Archives Act 1983.

    Use and disclosure

    Your personal information will primarily be used and disclosed for the purpose for which it was collected, unless you give your consent.

    However, there may be a requirement to use or disclose your personal information for another purpose in certain circumstances.

    For example, if required or permitted by law or for a purpose related to, or directly related to, the purpose of collection where you would reasonably expect that this to occur.

    Sometimes your personal information will be passed to other government agencies or organisations such as the Australian Taxation Office or Department of Home Affairs, including overseas governments or organisations, for the purpose of assisting with your enquiry or application.

    Access and correction

    You can request access to, or correction of, your personal information by contacting digital.gov.au using the details below.

    All request for access or correction will be actioned quickly, unless there is a sound reason under law to refuse.

    If your personal information is not corrected, reasonable steps will be taken to associate a statement with your file upon request.

    Complaints

    Your privacy is taken seriously. All efforts have been made to protect your personal information.

    To make a complaint about how your personal information is handled, please contact digital.gov.au using the details below.

    How to contact us

    • Telephone: 02 6120 8595 
    • Emailprivacy@dta.gov.au
    • Mail: Privacy Officer
      Digital Transformation Agency,
      PO Box 457
      Canberra City
      ACT 2601

    Privacy Impact Assessments

    The Australian Government Agencies Privacy Code requires agencies to conduct a Privacy Impact Assessment (PIA) for all high privacy risk projects. A high privacy risk project is one that involves a new or changed way of handling personal information that is likely to have a significant impact on the privacy of individuals.

    Currently there are no projects associated with this site, that have required a PIA. If this should occur in the future, it will be captured on this page as part of a digital.gov.au Register of Privacy Impact Assessments.

    A PIA is a systematic assessment of a project that identifies the impact that the project might have on the privacy of individuals. It sets out recommendations for managing, minimising or eliminating that impact.

    PIAs assess a project’s risk of non-compliance with privacy legislation and identifies controls to mitigate the risk. A PIA is much more than a simple compliance check. It should ‘tell the full story’ of a project from a privacy perspective, going beyond compliance to consider the broader privacy implications and risks, including whether the planned use of personal information in the project will be acceptable to the community. PIAs are key to building community trust and have a range of other benefits, such as demystifying the project and its objectives.

  • Historical training

    To get a copy of the following historical training, contact observatory@dta.gov.au

    • Google Analytics Privacy and Security Refresher
    • Google Cloud Platform Products
    • Future proofing for Google Analytics 4
    • Setting up your GA4 Report Library
    • Deep Dive into GA4 Reporting & Visualisations
    • Google Analytics 4 Event Tracking
    • Migrating Looker reports to GA4
    • Overview of Google Tag Manager
    • Campaign (UTM) Tracking in GA4
    • Deep dive into Looker Studio
    • What's new in GA4
    • Universal analytics data export

    Monthly training

    Find out more about monthly training and register for an upcoming event, visit Eventbrite.  

    Google training 

    Google offers a range of free training courses and certification programs from beginner to advanced levels.   
      
    Visit Google Marketing Platform Academy, Skill Shop and Google Cloud Courses to find out more.  

  • Managing Data Deletion Requests

    Why would you need to delete data?

    GA & your responsibilities

    • Managing accounts, properties, user access and data. It is a requirement under the Observatory Terms of Service to regularly review accounts and properties.
    • Ensuring that information captured in Google Analytics is not personally identifiable and that all employees and contractors comply with the Australian Privacy Principles and obligations under the Privacy Act 1988 (Cth).
    • Following the Observatory Terms of Service, Google Analytics Terms of Service and Google Cloud Platform Terms of Service information relating to privacy.
    • Undertaking an independent privacy threshold / impact assessment.
    • Compliance with the Information Security Manual (ISM), which includes not storing personal or sensitive information on Google Analytics or Google Cloud Platform Services, and protecting information from cyber threats.
    • Google is constantly changing and while we do our best to keep you informed, it is your responsibility to monitor for product, privacy and security updates which may impact your privacy and security assessments and agency risk tolerance.

    What is PII and where it can show up in GA4

    PII is any information that could be used on its own to directly identify, contact, or precisely locate an individual. This includes:

    • Email addresses
    • Mailing addresses
    • Phone numbers
    • Precise locations (such as GPS coordinates)
    • Full names or usernames

    PII may also include other types of information that are considered personal or sensitive under the Australian Privacy Act, such as:

    • A person’s name, signature, home address, email address, telephone number, personal IP address, date of birth
    • Health information, bank account details, credit information and employment details
    • Sensitive information’ (includes information or opinion about an individual’s racial or ethnic origin, political opinion, religious beliefs, sexual orientation or criminal record, provided the information or opinion otherwise meets the definition of personal information)

    Why you should care:

    • You are obligated to comply with the Privacy Act, as previously discussed, and to protect user privacy
    • Google policies mandate that no data be passed to Google that Google could use or recognise as PII
    • Continued collection of PII data in a GA4 property can result in suspension and/or permanent deletion of that property by Google
    • As such, it’s crucial you regularly check your property for PII and delete any data that may contain it

    In GA4, PII may occur in:

    • Page URLs and titles
    • Campaign (UTM) dimensions (e.g. Source, Medium, Keyword, Campaign, Content, Term)
    • Site search dimensions
    • Event dimensions (e.g. Event Name and Event Parameters)
    • Any other fields where users can input information, and this is sent to GA4
    • Custom dimensions, if using
    • User IDs, if using
    • Data imports, if using

    As GA4 records all URLs visited by users, it will also record URLs that potentially have PII in them. This can happen on forms, or any sections of a website where the user is required to provide information. If the user submits PII such as their email address, name, etc. as part of a form submission, site search, and so on, that data may be sent to GA4 (within a page URL, an event or custom dimension, and so on). While on-site design features and GA configurations can be used to limit such vulnerabilities, individual agency Privacy Notices should clearly outline the type of data that could be collected, and also call out any potential inadvertent mechanisms for data collection.

    How to access the data deletion feature and what are the prerequisites?

    To access the data deletion feature in GA4, you need to have Editor or Admin access to the property. You can check your access level by going to Admin > Data Deletion Requests. If the option is greyed out, you do not have the required access level.

    If you have the required access level, you can click on Data Deletion Requests and then click on Schedule Data Deletion Request to start the process.

    How to make a data deletion request step-by-step

    There are four steps to make a data deletion request in GA4:

    1. Select the deletion type
    2. Select the deletion range
    3. Select the deletion filter
    4. Confirm the data deletion request

    Let’s go through each step in detail.

     

  • Step 1: Select the deletion type

    This is where you need to specify what type of data you want to delete from your GA4 property. There are four options to choose from:

    • Delete all parameters on all events
    • Delete all registered parameters on selected events
    • Delete all selected parameters on all events
    • Delete selected registered parameters on selected events
    • Delete selected user properties

    To understand these options, you need to have a basic understanding of the GA4 data structure, which consists of events and event parameters, and users and user properties.

    Events and event parameters

    Events are any user action on your site/app that is tracked in GA4. These can include page views, link clicks, downloads, video plays, or form submissions, and more. Event parameters are additional information that is associated with each event, such as the page title, page URL, link URL, engagement time, etc. For example, a page_view event fires each time a page is viewed on your site, and it may have parameters such as page_location, page_referrer, and page_title.

    Users and user properties

    Users are individual people who visit your site/app and are tracked in GA4. User properties are attributes that describe each user, such as their country, browser, language, device category, etc. For example, a user may have a user property of country with a value of Australia. User properties can also be customised to capture specific information about your users, such as their preferences, interests, or behaviours.

    Deletion type options

    Depending on what type of data you want to delete, you can choose one of the following options:

    • Delete all parameters on all events: This option will remove all the event parameters from all the events in your GA4 property. This means you will lose all the context and details about the events that happened on your site/app. You will only know how many events of each type occurred, but not any other information about them. This option is not recommended unless you want to delete all your data.
    • Delete all registered parameters on selected events: This option will remove all the event parameters from the events that you select in your GA4 property. This means you will lose all the context and details about the selected events that happened on your site/app. You will only know how many events of the selected types occurred, but not any other information about them. This option may be useful if you want to delete data from specific events that are not relevant or useful for your analysis.
    • Delete all selected parameters on all events: This option will remove the event parameters that you select from all the events in your GA4 property. This means you will lose some of the context and details about all the events that happened on your site/app. You will still know how many events of each type occurred, and some information about them, but not the information that is contained in the selected parameters. This option is recommended if you want to delete data that may contain PII or other unwanted data, such as page URLs, link URLs, site search terms, etc.
    • Delete selected registered parameters on selected events: This option will remove the event parameters that you select from the events that you select in your GA4 property. This means you will lose some of the context and details about the selected events that happened on your site/app. You will still know how many events of the selected types occurred, and some information about them, but not the information that is contained in the selected parameters. This option may be useful if you want to delete data that is specific to certain events, such as custom dimensions, custom parameters, etc.
    • Delete selected user properties: This option will remove the user properties that you select from all the users in your GA4 property. This means you will lose some of the attributes that describe your users, such as their country, browser, language, device category, etc. You will still know how many users visited your site/app, and some information about them, but not the information that is contained in the selected user properties. This option may be useful if you want to delete data that may contain PII or other unwanted data, such as user IDs, custom user properties, etc.
    Off
  • Step 2: Select the deletion range

    This is where you need to specify the time range for the data deletion request. You can choose a start date and an end date for the deletion, or select all time to delete all the data in your GA4 property. The time range must be within the data retention period of your GA4 property, which is usually 14 months by default. You can check your data retention settings by going to Admin > Data Settings > Data Retention.

    Off
  • Step 3: Select the deletion filter

    This is where you need to specify the filter for the data deletion request. You can choose to delete data from all streams in your GA4 property, or select specific streams to delete data from. Streams are the sources of data that are sent to your GA4 property, such as your website, app, or Firebase project. You can check your streams by going to Admin > Data Streams.

    If you choose to delete data from specific streams, you can also apply additional filters to narrow down the data deletion request. You can filter by:

    • Event name: The name of the event that you want to delete data from, such as page_view, click, scroll, etc.
    • Event parameter name: The name of the event parameter that you want to delete data from, such as page_location, link_url, engagement_time_msec, etc.
    • Event parameter value: The value of the event parameter that you want to delete data from, such as [URL], mailto:info@example.com, 3000, etc.
    • User property name: The name of the user property that you want to delete data from, such as country, browser, language, device_category, etc.
    • User property value: The value of the user property that you want to delete data from, such as Australia, Chrome, English, desktop, etc.

    You can use the filter operators to match the exact value, or use the contains, starts with, or ends with operators to match partial values. You can also use the and/or operators to combine multiple filters.

    Off

Connect with the digital community

Share, build or learn digital experience and skills with training and events, and collaborate with peers across government.

Join the Digital Profession