Security

Web privacy statement

The Privacy Act 1988 defines personal information as meaning information or an opinion about an identified individual, or an individual who is reasonably identifiable: whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.

This website is managed by the Department. We take our obligation to protect your privacy seriously.

The Privacy Act 1988 is the key law designed to protect your rights and prevent misuse of your personal information collected by government agencies such as this department.

Also, information received by us is protected from unauthorised use and disclosure by virtue of specific provisions in the Migration Act 1958Crimes Act 1914Public Service Act 1999 and the Public Service Regulations 1999.

A breach of these laws might incur criminal and/or civil liability.

We might collect personal information from you when you visit this site. You can generally visit this site without telling us who you are, unless you choose to provide such information.

Our website contains links to other sites. We are not responsible for the content and the privacy practices of other websites and we encourage you to read each sites privacy policy.

Security of information

We operate under the Protective Security Framework (PSPF), published by the Attorney-Generals Department, which provides direction on our information security management policies.

The PSPF ensures that:

  • all official information is safeguarded to ensure its confidentiality, integrity, and availability by applying safeguards so that:
    • only authorised people, using approved processes, access information
    • information is only used for its official purpose, retains its content integrity, and is available to satisfy operational requirements
    • information is classified and labelled as required.
  • all information created, stored, processed, or transmitted in or over government information and communication technology (ICT) systems is properly managed and protected throughout all phases of a systems life cycle, in accordance with the protocols and guidelines set out in the PSPF, which includes the Australian Government Information Security Manual, produced by the Australian Signals Directorate.

Site visit data

A record of each visit to our site is logged. Information is recorded for statistical purposes and is used by us to monitor the use of the site, discover what information is most and least accessed and to make the site more useful.

The information we log when you access our website includes:

  • your IP or server address
  • the date and time of your visit to the site
  • the pages or files accessed by you
  • your operating system
  • your web browser version and type
  • the time taken to transmit the information to you
  • the previous internet address from which you were referred to our website.

The information we collect is analysed to show broken links on our website, bottlenecks, and other site problems. We use this information to maintain the site for efficient use.

We might also collect information about the IT device you use. This information could be used to identify you to assist us to carry out our functions and activities.

Cookies

We use cookies for maintaining contact with a user through a website session. An explanation of what cookies are and how they work can be found at the site of the Privacy Commissioner. Cookies allow us to recognise the sequence of connections from browsers as they access our website.

We use two cookie types - session cookies and persistent cookies.

Session cookies

These files are used only for the duration of a web browser session with our website. All cookies will be immediately removed when you end your internet session or shut down your computer. Our copy of your information will be automatically deleted twenty minutes after you have last used our system.

This information is only used to help you use our website systems more efficiently, not to track your movements through the internet, or to record your personal information.

Persistent cookies

These files stay in one of your browser subfolders until you delete them manually or your browser deletes them based on the duration period contained within the persistent cookie’s file (usually beyond the termination of the current session).

No personal information is stored within cookies used by our website. No attempt will be made to identify anonymous users or their browsing activities unless we are legally compelled to do so.

Qualtrics

We use Qualtrics, a third party software supplier, to administer online surveys to help us improve our services.

Access to survey response data is tightly controlled and restricted to nominated Departmental personnel.

Data collected by Qualtrics is securely collected and managed onshore in Australia in accordance with their privacy statement and cookie statement.

Further information

You can find more information on the Privacy Commissioners website.

You can also view our Privacy Policy for more information about how we manage the personal information we collect and the information flows associated with that personal information.

If at any time you believe we have not adhered to the principles referred to in this privacy statement, contact us through our online form.

The Privacy Officer will only respond to queries on privacy matters. Enquiries about other matters will not be answered.