Privacy Act 1988
Note: See section 14 .
View history note
Hide history noteOverview of the Australian Privacy Principles
Overview
This Schedule sets out the Australian Privacy Principles.
Part 1 sets out principles that require APP entities to consider the privacy of personal information, including ensuring that APP entities manage personal information in an open and transparent way.
Part 2 sets out principles that deal with the collection of personal information including unsolicited personal information.
Part 3 sets out principles about how APP entities deal with personal information and government related identifiers. The Part includes principles about the use and disclosure of personal information and those identifiers.
Part 4 sets out principles about the integrity of personal information. The Part includes principles about the quality and security of personal information.
Part 5 sets out principles that deal with requests for access to, and the correction of, personal information.
Australian Privacy Principles
The Australian Privacy Principles are:
The object of this principle is to ensure that APP entities manage personal information in an open and transparent way.
Compliance with the Australian Privacy Principles etc.
1.2
An APP entity must take such steps as are reasonable in the circumstances to implement practices, procedures and systems relating to the entity ' s functions or activities that:
(a) will ensure that the entity complies with the Australian Privacy Principles and a registered APP code (if any) that binds the entity; and
(b) will enable the entity to deal with inquiries or complaints from individuals about the entity ' s compliance with the Australian Privacy Principles or such a code.
APP Privacy policy
1.3
An APP entity must have a clearly expressed and up-to-date policy (the APP privacy policy ) about the management of personal information by the entity.
1.4
Without limiting subclause 1.3, the APP privacy policy of the APP entity must contain the following information:
(a) the kinds of personal information that the entity collects and holds;
(b) how the entity collects and holds personal information;
(c) the purposes for which the entity collects, holds, uses and discloses personal information;
(d) how an individual may access personal information about the individual that is held by the entity and seek the correction of such information;
(e) how an individual may complain about a breach of the Australian Privacy Principles, or a registered APP code (if any) that binds the entity, and how the entity will deal with such a complaint;
(f) whether the entity is likely to disclose personal information to overseas recipients;
(g) if the entity is likely to disclose personal information to overseas recipients - the countries in which such recipients are likely to be located if it is practicable to specify those countries in the policy.
Availability of APP privacy policy etc.
1.5
An APP entity must take such steps as are reasonable in the circumstances to make its APP privacy policy available:
(a) free of charge; and
(b) in such form as is appropriate.
Note:
An APP entity will usually make its APP privacy policy available on the entity ' s website.
1.6
If a person or body requests a copy of the APP privacy policy of an APP entity in a particular form, the entity must take such steps as are reasonable in the circumstances to give the person or body a copy in that form.
This information is provided by CCH Australia Limited Link opens in new window. View the disclaimer and notice of copyright.