Privacy

Privacy

Welcome to Defence's privacy page where you'll find the privacy policy, a version of the privacy impact assessment register and other useful information about privacy in Defence.

Defence Privacy Policy - overview

The complete Defence Privacy Policy is designed to inform individuals about the way Defence collects, stores, uses and discloses personal information. This policy also provides guidance about how you can access, or seek correction of, personal information held by Defence.

Who should read this privacy policy?

You should read this Privacy Policy if you:

• are, or are considering becoming:
• an Australian Defence Force (ADF) member;
• an Australian Public Service (APS) employee of Defence;
• a Defence civilian;
• a Defence locally engaged employee;
• an outsourced service provider, contractor or consultant to Defence; or
• a Cadet, Officer or Instructor of Cadets in the Australian Navy Cadets, Australian Army Cadets and the Australian Air Force Cadets.
• are involved in an Australian Government security clearance process, conducted by the Australian Government Security Vetting Agency (AGSVA), for example as a clearance subject or a referee;
• are seeking to export Defence strategic goods and technologies;
• seek a licence, permit or approval under Defence's legislative or regulatory framework; or
• are an individual whose personal information has been, or will be, collected or held by Defence.

The Australian Privacy Principles (APPs) contained in Schedule 1 of the Privacy Act 1988 (Privacy Act), regulate how Defence, as an APP entity, collects, holds, uses and discloses personal information.

Generally, Defence collects personal information about individuals within Defence, including:

• members of the ADF;
• Defence APS employees;
• Defence civilians;
• a Cadet, Officer or Instructor of Cadets in the Australian Navy Cadets, Australian Army Cadets and the Australian Air Force Cadets; and
• Defence locally engaged employees, and individuals external to Defence, including:
  • dependants, next of kin and emergency contacts of ADF members and Defence APS employees;
  • contractors, consultants and outsourced service providers;
  • candidates seeking entry into the ADF and prospective Defence APS employees;
  • individuals requiring an Australian Government security clearance, or otherwise involved or associated with a clearance process, undertaken by the Australian Government Security Vetting Agency (AGSVA);
  • people and agents of organisations doing business with Defence;
  • individuals involved in disciplinary proceedings, investigations and/or inquiries;
  • people seeking a licence, permit or approval under Defence's legislative or regulatory framework; and
  • people who make contact with Defence or the Minister for Defence.

Defence collects personal information both directly from the individual concerned, and from other persons, bodies or entities, including an individual's commander, manager and supervisor, and from specialist service providers, such as medical practitioners.

The purposes for which Defence collects personal information are outlined in Part 4.

You are entitled to request access to personal information Defence holds about you or to request correction of that information. Information about how to do this is provided in Part 7.

Enquires regarding the Defence Privacy Policy or Defence's privacy practices in general should be directed to the Defence Privacy Officer.

Detailed information on the APPs can be found on the website of the Office of the Australian Information Commissioner.

The Defence Privacy Policy is reviewed annually to ensure the information it contains is accurate, complete, relevant and up-to-date.

Defence website privacy statement

Visiting our website

When you access the Department of Defence's web servers, the following information is logged:

• the visitor's machine unique Internet Protocol (IP) address;
• the visitor's domain name (for example .com, .gov, .au, .uk, etc);
• the date and time of the visit to the site;
• the pages accessed and documents downloaded;
• the previous site visited; and
• the type of website browser used.

This information is primarily used for statistical purposes. However, this information may also be disclosed to an Australian Federal, State or Territory investigative authority to support investigations.

Sending us emails

When you send Defence an email, our email servers will collect and hold your email address and the content of the email for the purpose of responding to your enquiry and, where necessary, taking subsequent action. Your email address will not be added to a mailing list unless supplied for that reason. If you fail to provide all relevant information in your email, Defence's ability to respond to your enquiry will be limited.

Privacy Impact Assessment Register

A privacy impact assessment is a systematic assessment of a project that identifies the impact that the project might have on the privacy of individuals, and sets out recommendations for managing, minimising or eliminating that impact.

Defence as a Commonwealth agency has an obligation to conduct a privacy impact assessment (PIA) for all high privacy risk projects. Conducting PIAs helps Defence to ensure privacy compliance and identify better practice within the organisation.

Defence is also obligated to maintain an internal register of the PIAs [XLS-20KB] it conducts and publish a version of the register on the Departmental website.

Further information

For information about how Defence holds your personal information, how you can apply for access to, or seek a correction of personal information Defence holds about you, or to make a complaint about how Defence has managed your personal information, you should refer to the Defence Privacy Policy.

Questions regarding the Defence Privacy Policy, or privacy within Defence, should be emailed to the Defence Privacy Office or sent via regular mail to:

Defence Privacy Office
BP35-1-065
PO Box 7927
CANBERRA BC ACT 2610

Additional Resources

• Office of the Australian Information Commissioner
• The Privacy Act 1998
• Australian Government Agencies Privacy Code
• The Notifiable Data Breaches scheme
• Guide to undertaking privacy impact assessments
• The Privacy Impact Assessment eLearning course