PRIVACY ACT 1988

SCHEDULE 1 - AUSTRALIAN PRIVACY PRINCIPLES  

Note: See section 14 .


Overview of the Australian Privacy Principles
Overview

This Schedule sets out the Australian Privacy Principles.

Part 1 sets out principles that require APP entities to consider the privacy of personal information, including ensuring that APP entities manage personal information in an open and transparent way.

Part 2 sets out principles that deal with the collection of personal information including unsolicited personal information.

Part 3 sets out principles about how APP entities deal with personal information and government related identifiers. The Part includes principles about the use and disclosure of personal information and those identifiers.

Part 4 sets out principles about the integrity of personal information. The Part includes principles about the quality and security of personal information.

Part 5 sets out principles that deal with requests for access to, and the correction of, personal information.

Australian Privacy Principles

The Australian Privacy Principles are:

  • · Australian Privacy Principle 1 - open and transparent management of personal information
  • · Australian Privacy Principle 2 - anonymity and pseudonymity
  • · Australian Privacy Principle 3 - collection of solicited personal information
  • · Australian Privacy Principle 4 - dealing with unsolicited personal information
  • · Australian Privacy Principle 5 - notification of the collection of personal information
  • · Australian Privacy Principle 6 - use or disclosure of personal information
  • · Australian Privacy Principle 7 - direct marketing
  • · Australian Privacy Principle 8 - cross-border disclosure of personal information
  • · Australian Privacy Principle 9 - adoption, use or disclosure of government related identifiers
  • · Australian Privacy Principle 10 - quality of personal information
  • · Australian Privacy Principle 11 - security of personal information
  • · Australian Privacy Principle 12 - access to personal information
  • · Australian Privacy Principle 13 - correction of personal information
  • PART 2 - COLLECTION OF PERSONAL INFORMATION  

    5   Australian Privacy Principle 5 - notification of the collection of personal information  

    5.1  
    At or before the time or, if that is not practicable, as soon as practicable after, an APP entity collects personal information about an individual, the entity must take such steps (if any) as are reasonable in the circumstances:


    (a) to notify the individual of such matters referred to in subclause 5.2 as are reasonable in the circumstances; or


    (b) to otherwise ensure that the individual is aware of any such matters.

    5.2  
    The matters for the purposes of subclause 5.1 are as follows:


    (a) the identity and contact details of the APP entity;


    (b) if:


    (i) the APP entity collects the personal information from someone other than the individual; or

    (ii) the individual may not be aware that the APP entity has collected the personal information;
    the fact that the entity so collects, or has collected, the information and the circumstances of that collection;


    (c) if the collection of the personal information is required or authorised by or under an Australian law or a court/tribunal order - the fact that the collection is so required or authorised (including the name of the Australian law, or details of the court/tribunal order, that requires or authorises the collection);


    (d) the purposes for which the APP entity collects the personal information;


    (e) the main consequences (if any) for the individual if all or some of the personal information is not collected by the APP entity;


    (f) any other APP entity, body or person, or the types of any other APP entities, bodies or persons, to which the APP entity usually discloses personal information of the kind collected by the entity;


    (g) that the APP privacy policy of the APP entity contains information about how the individual may access the personal information about the individual that is held by the entity and seek the correction of such information;


    (h) that the APP privacy policy of the APP entity contains information about how the individual may complain about a breach of the Australian Privacy Principles, or a registered APP code (if any) that binds the entity, and how the entity will deal with such a complaint;


    (i) whether the APP entity is likely to disclose the personal information to overseas recipients;


    (j) if the APP entity is likely to disclose the personal information to overseas recipients - the countries in which such recipients are likely to be located if it is practicable to specify those countries in the notification or to otherwise make the individual aware of them.




    This information is provided by CCH Australia Limited Link opens in new window. View the disclaimer and notice of copyright.