SCHEDULE 1
-
AUSTRALIAN PRIVACY PRINCIPLES
Note: See section
14
.
History
Sch 1 amended by No 128 of 2024, s 3 and Sch 1 item 34, applicable in relation to information held after 11 December 2024, regardless of whether the information was acquired or created before or after 11 December 2024; No 128 of 2024, s 3 and Sch 1 items 37 and 38, applicable in relation to information disclosed after 11 December 2024, regardless of whether the information was acquired or created before or after 11 December 2024.
Sch 1 amended by No 154 of 2020, s 3 and Sch 3 items 73 and 74, effective 17 June 2021. For application provisions, see note under s
6(5)
.
Sch 1 substituted by No 197 of 2012; amended by No 127 of 2019, s 3 and Sch 1 item 13.
Overview of the Australian Privacy Principles
Overview
This Schedule sets out the Australian Privacy Principles.
Part 1 sets out principles that require APP entities to consider the privacy of personal information, including ensuring that APP entities manage personal information in an open and transparent way.
Part 2 sets out principles that deal with the collection of personal information including unsolicited personal information.
Part 3 sets out principles about how APP entities deal with personal information and government related identifiers. The Part includes principles about the use and disclosure of personal information and those identifiers.
Part 4 sets out principles about the integrity of personal information. The Part includes principles about the quality and security of personal information.
Part 5 sets out principles that deal with requests for access to, and the correction of, personal information.
Australian Privacy Principles
The Australian Privacy Principles are:
•
Australian Privacy Principle 1
-
open and transparent management of personal information
•
Australian Privacy Principle 2
-
anonymity and pseudonymity
•
Australian Privacy Principle 3
-
collection of solicited personal information
•
Australian Privacy Principle 4
-
dealing with unsolicited personal information
•
Australian Privacy Principle 5
-
notification of the collection of personal information
•
Australian Privacy Principle 6
-
use or disclosure of personal information
•
Australian Privacy Principle 7
-
direct marketing
•
Australian Privacy Principle 8
-
cross-border disclosure of personal information
•
Australian Privacy Principle 9
-
adoption, use or disclosure of government related identifiers
•
Australian Privacy Principle 10
-
quality of personal information
•
Australian Privacy Principle 11
-
security of personal information
•
Australian Privacy Principle 12
-
access to personal information
•
Australian Privacy Principle 13
-
correction of personal information
PART 4
-
INTEGRITY OF PERSONAL INFORMATION
10
Australian Privacy Principle 10
-
quality of personal information
10.1
An APP entity must take such steps (if any) as are reasonable in the circumstances to ensure that the personal information that the entity collects is accurate, up-to-date and complete.
10.2
An APP entity must take such steps (if any) as are reasonable in the circumstances to ensure that the personal information that the entity uses or discloses is, having regard to the purpose of the use or disclosure, accurate, up-to-date, complete and relevant.