Key points to remember
- Some businesses in certain industries are required to disclose this information regardless of their size.
- health service providers
- businesses trading in personal information
- a contractor providing services under a Commonwealth contract
- a reporting entity for the purposes of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (“AML/CTF Act”)
- an operator of a residential tenancy database
- a credit reporting body
- employee associations registered or recognised under the Fair Work (Registered Organisations) Act 2009 (Cth)
- businesses that conduct protection action ballots
- businesses that are related to a business that is covered by the Privacy Act 1988 (Cth)
- businesses prescribed by the Privacy Regulation 2013 (Cth)
- businesses that have opted into being covered by the Privacy Act 1988 (Cth)
- the kind of personal information that is collected and held;
- how the personal information is collected (both directly and indirectly) and held;
- the purpose for which the personal information is collected, held and used;
- how an individual may access information that is about them;
- how an individual may request correction of information that is about them;
- how an individual may complain about a breach of the APP or any APP codes;
- how the organisation will manage complaints of breaches;
- whether any personal information will likely be disclosed to overseas entities; and
- if practicable, which overseas countries will receive personal information.
How we can help
The above information may have been collected from relevant government websites or other sources and is subject to change. For the latest information regarding new or amended legislation or government policy, please refer to state and federal government websites.