The Department of Education (the department) is bound by the Information Privacy Principles (IPPs) under the Privacy Act 1988 with respect to the collection, use and disclosure of personal information. The department also follows the Guidelines for Federal and ACT Government Websites published by the Office of the Australian Information Commissioner and available on the Office of the Australian Information Commissioner's website.
Collection and use of personal information
Generally, the department collects personal information in order to properly and efficiently carry out its functions, and only uses personal information for the purposes for which it was given to the department and for directly related purposes (unless otherwise required by or authorised under law).
Communication - emails and electronic forms
The department's servers may record a website viewer's email address if a message is sent to the department online. Email addresses will not be added to mailing lists unless users have provided it to the department in order to subscribe to one of the department's subscription services, such as the Site Change Subscription Service or Media Subscription Service.
Where users choose to send the department a completed electronic form that includes personal details, the department collects personally identifiable information such as names, addresses and email addresses.
The information collected by email or electronic forms will be used only for the purpose for which users provide it and the department will not disclose it unless one of the circumstances described below under the heading ‘Information sharing’ has been satisfied. Where users send the department a message online, the department will use the information provided to process enquiries and may provide that information to third parties including higher education providers and other related entities for the purpose of responding to enquiries.
Log information (browsing)
When the department's online services are used, servers automatically record information that each user's browser sends whenever a website is visited. These server logs may include information such as server addresses, top level domain names (for example, .com, .gov, .au, .uk, etc.), dates and times of website visits, pages accessed and documents viewed, previous sites visited, browser type, browser language, and one or more cookies that may uniquely identify a particular browser.
Access and alteration of records containing personal information
When personal information is provided in relation to the department's services, the department will allow access to that personal information and will correct personal information if it is inaccurate (subject to restrictions on such access/alteration of records under the applicable provisions of any law of the Commonwealth). The Freedom of Information Act 1982 also provides website visitors with an opportunity to request access to documents in the possession of the department.
The department only discloses personal information to third parties in the following circumstances:
- where users are reasonably likely to have been aware, or made aware by way of a privacy notice, that personal information is usually passed to the relevant parties
- where users have consented
- where the department believes on reasonable grounds that the disclosure is necessary to prevent or lessen a serious and imminent threat to a user's life or health or that of another person
- where the disclosure is required or authorised by or under law, or
- where the disclosure is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of the public revenue.
The department takes all reasonable steps:
- to protect the personal information that it holds against loss, against unauthorised access, use, modification or disclosure and against other misuse
- to ensure that, where the department has given personal information to a contractor (that carries out service for the department), that contractor complies with the Information Privacy Principles in the Privacy Act 1988.
The department takes reasonable steps to make sure that the personal information it collects and stores is accurate, relevant, up to date, complete and not misleading.
Privacy Contact Officer
Legal and Investigations Group
Department of Education
GPO BOX 9880
Canberra ACT 2601
Changes to the Privacy Act 1988