Privacy Policy
About this policy
This Privacy Policy describes how the Department of Social Services (we, our, us) handles your personal information, including sensitive information, consistent with our obligations under the:
- Privacy Act 1988(Opens in a new tab/window) (Privacy Act), including the Australia Privacy Principles (APPs)
- the Australian Government Agencies Privacy Code(Opens in a new tab/window) (Privacy Code).
About our department
We have responsibility for a range of subjects. Learn more about our work.
We also have responsibility for the Community Grants Hub(Opens in a new tab/window) and the National Redress Scheme(Opens in a new tab/window) which have their own Privacy Policies.
What information we collect
We collect personal information when it is reasonably necessary for, or directly related to, our functions or activities. We may collect your personal information if you are:
- an individual whose personal information may be given to or held by us
- a service provider funded to deliver services under a grant agreement with us
- a contractor, consultant, supplier or vendor of goods or services to us
- a person seeking employment with us, or who is or was employed by us (or its predecessor agencies).
We will only collect sensitive information about you if:
- you consent
- the collection is authorised or required by law, or
- the collection is otherwise allowed under the Privacy Act.
The kinds of personal and sensitive information we may collect can include information about the following.
Remaining anonymous or using a pseudonym
Members of the public have the right to contact us without sharing their identity. They can also contact us using a pseudonym (like your initials only or an alias).
Sometimes, we will need to know your identity so we can assist you. We will let you know if this is the case.
How we collect and hold your personal information
We collect personal information in different ways, including:
- websites we own and administer
- electronic forms
- paper forms
- telephone, email and fax
- face to face, surveys and studies
- our social media channels
- Data Exchange website data sharing, matching or linking
- virtual assistants (chatbots).
Most of the time, we collect personal information directly from you. Sometimes, we may collect personal information about you from a third party (such as our grant providers or other Commonwealth and state and territory government agencies) to perform our functions or activities. We will only collect your personal information from a third party if permitted by the Privacy Act and other relevant laws (such as secrecy laws).
Unsolicited information
From time to time, we may receive personal information we did not ask to receive. If this happens, we will handle this information in accordance with the Privacy Act.
Why we collect, hold, use and disclose personal information
We collect and hold personal information for a variety of different purposes relating to our functions and activities, including:
- performing our functions and activities
- employment and personnel functions
- policy development, research and evaluation
- handling complaints and public enquires
- program management
- grant and contract management
- investigations and audits, fraud and compliance.
How we use and disclose personal information
Generally, we will only use and disclose your personal information for the same purposes for which we collected your information (the primary purpose of collection). We will give you information about the primary purpose when we collect your information.
Sometimes, we may use or disclose your personal information for another secondary purpose. We will only use and disclose your personal information for a secondary purpose with your consent, or where permitted by the Privacy Act or other relevant laws (such as secrecy laws).
Disclose to overseas recipients
Occasionally, we may provide personal information to overseas recipients, including to:
- overseas researchers or consultants (with consent or where allowed by law)
- recipients using a web-based email account where data is stored on an overseas server
- foreign governments and law enforcement agencies (where allowed by law)
Our contracted ICT service providers may access information provided through forms on the site as part of their role in the management of our websites. This includes our complaints and feedback forms.
When you communicate with us through a social network service such as Facebook or LinkedIn, the social network provider and its partners may collect and hold your personal information overseas.
Additionally, certain tools, such as Google Analytics and Google reCAPTCHA will store data overseas on Google’s servers. Read about how Google Analytics collects and stores data(Opens in a new tab/window) from our sites.
Using websites we own and administer
When you visit and use websites we own or administer, we record the following technical information for statistical and development purposes and improving our websites:
- IP or server address
- general locality
- information about your device and web browser
- date and time of site visit
Our websites use Google Analytics, a service which transmits website traffic data to Google servers outside of Australia. Google Analytics data is also shared with the Department of Finance.
We do not attempt to identify users or their browsing activities except in exceptional circumstances, such as an investigation into the improper use of our website.
You can reduce the information we collect about your interactions by using privacy tools similar to Google Analytics opt-out browser add-on(Opens in a new tab/window).
External sites and third parties
We use third parties and their online tools to run some of our website functionality. Such third-party tools include:
- Website analytics tools such as Google Analytics, that help us to collect data about how you interact with our website. This information will not ordinarily be personal information because you will not be identified or reasonably identifiable from it.
- Antispam tools such as Google reCAPTCHA, to distinguish a real user from bots. The tool may collect data about how you interact with the website and its forms and may be stored on Google’s servers outside of Australia. Content that you enter in the department’s online forms will not be collected through this tool.
- Mailing list tools such as Swift Digital, that help us to manage our communication with you and how you interact with that communication.
- Event management tools such as Eventbrite, to facilitate your attendance at events that we host.
- Social media outlets such as LinkedIn, YouTube, and Facebook.
Wherever possible, we have taken contractual measures to ensure that these third parties only use your personal information for the purposes of delivering their services to us (for example Swift Digital and Eventbrite). There are times that we would not be able to control the way that they handle your personal information and we encourage you to review their privacy statements separately (for example in the case of the social media platforms).
Cookies
We use cookies to recognise and maintain a website session for an individual user. A cookie is a small file supplied by us, and stored by your web browser when you access websites owned and administered by us. You may disable cookies by adjusting the settings on your web browser, but if you do this, you may not be able to use the full functionality of websites owned and administered by us.
How we store and protect your personal information
We take reasonable steps to protect your personal information from misuse, interference, loss, and from unauthorised access, modification or disclosure. This includes the following.
Notifiable Data Breach Scheme
We take seriously and deal promptly with any accidental or unauthorised disclosure of personal information. We are subject to the Notifiable Data Breaches Scheme (NDB Scheme) under the Privacy Act. We will handle any suspected or actual data breach in accordance with the requirements of the NDB Scheme and the Privacy Act.
Secrecy laws
Our staff are bound by secrecy provisions that regulate certain information we collect under the laws we administer. Secrecy provisions contain rules for the collection, use and disclosure of information (which may include personal information) governed by the relevant legislation. These rules operate alongside the rules in the Privacy Act.
How to access or correct your personal information
Where we hold your personal information, you have the right to access that information or correct that information if that information is inaccurate, out of date, incomplete, irrelevant or misleading.
If you wish to access or seek a correction of your personal information, contact us.
In some circumstances, we may be unable to provide access or correct your information. In that case, we will write to you and explain our decision.
You can also request access to documents held by us under the Freedom of Information Act 1982 (FOI Act). You can also make an application for amendments or annotation of a document that we hold and contains your personal if the information is incomplete, incorrect, out of date or misleading and is available for, has been or is being used for administrative purposes. Find out more about making an FOI request.
How to make a privacy complaint
If you wish to make a complaint about our handling of your personal information, you can contact us using the contact details below. We will respond to your complaint quickly, and work with you to resolve your complaint. We will keep you updated on the progress of your complaint.
If you are not happy with our response to your complaint, you may make a complaint to the Office of the Australian Information Commissioner (OAIC) by calling 1300 363 992 or visiting the OAIC website(Opens in a new tab/window).
Usually, the OAIC recommend you try to resolve your complaint with us first.
Contact us
You can contact us to:
- ask for access to or correction of your personal information
- make a privacy complaint
- ask a question about this policy or about how we handle your personal information
- access this policy in an alternative format (free of charge).
Online: fill in our feedback form
Email: complaints@dss.gov.au
Call: 1800 634 035
Write to:
DSS Feedback
GPO Box 9820
Canberra ACT 2601
This Privacy Policy will be reviewed regularly and updated as required. This privacy document is current as at 20 November 2024.