What is the Privacy Act?
The Privacy Act 1988 (Privacy Act) is Australian legislation that protects the way your personal information is handled.
Australian privacy principles
The Privacy Act contains 13 Australian Privacy Principles (APPs). The APPs regulate how we collect, store, provide access to and use personal information.
1. Open and transparent management of personal information
2. Anonymity and pseudonymity
Notes that people must be given the option to remain anonymous or use a pseudonym, except in limited cases.
3. Collection of solicited personal information
Outlines when solicited personal information can be collected. It enforces higher standards for sensitive information.
4. Dealing with unsolicited personal information
Determines how unsolicited personal information is dealt with.
5. Notification of personal information collection
Highlights when and what you must be told about when your information is collected.
6. Use or disclosure of personal information
Outlines the way and times that your personal information can be used or disclosed.
7. Direct marketing
Explains that personal information can only be used for direct marketing in certain circumstances.
8. Cross-border disclosure of personal information
Outlines what needs to be done to protect your personal information before it's disclosed overseas.
9. Adoption, use or disclosure of government related identifiers
Specifies when your government-related identifier can be used and disclosed by a government department or third party.
10. Quality of personal information
Requires that stringent measures are taken to ensure the accuracy and quality of personal information before it's disclosed to other parties.
11. Security of personal information
Ensures your personal information is protected from misuse, interference, loss, unauthorised access, modification and disclosure. It also details circumstances where personal information should be destroyed or de-identified.
12. Access to personal information
Describes how your requests to access your personal information must be handled.
13. Correction of personal information
Specifies how requests to correct the personal information must be handled.
an applicant of an intellectual property (IP) right
an owner of an IP right
an attorney or agent for an applicant or owner
an individual whose personal information may be given to, or held, by IP Australia
a contractor, consultant, supplier or vendor of goods or services to IP Australia
a person seeking employment with IP Australia
an IP Australia employee.
Your personal information
We collect personal information about you only when it's necessary for, or directly related to, our functions or activities.
We're committed to protecting your personal details and the security of your information.
How we handle your information
We don't give your personal information to other government agencies or private-sector organisations unless one of the following applies:
You've given us your permission.
You're aware that information of this kind is usually passed to those bodies or agencies.
The disclosure is required or authorised by law (such as our IP rights legislation).
It's a special situation that:
will prevent or lessen a serious and imminent threat to somebody's life, health or safety
relates to suspected unlawful activity or serious misconduct.
We only disclose personal information to overseas recipients:
with your consent
where legally authorised
when required by an international treaty or convention.
When personal information is no longer required, we destroy or delete it in a secure manner.
How we use your information online
We use a number of online platforms and third party software as part of our business operations. They allow us to:
monitor the performance of our systems
improve our online customer experience
communicate with you.
Dynatrace application performance monitoring (APM) platform
Our online services platform uses Dynatrace Application Performance Monitoring (APM) to monitor technical faults. This allows our systems support team to quickly rectify issues and identify improvements.
Dynatrace doesn't collect personally identifiable information.
Clickstreams record your path when navigating a web page or the internet.
When you visit our website, our internet service provider (ISP) makes a record of your visit and logs your clickstream information.
We use this information to see what pages you've visited on our website. We analyse it to improve overall customer experience, establish priorities and allocate resources.
We don't identify you or your browsing activities, except if a law enforcement agency provides a warrant to inspect our ISP logs as part of an official investigation.
We use Survey Monkey to administer online surveys. These surveys use third party cookies.
Neither we or Qualtrics retain control over, or access to, the information supplied by the cookies to third parties.
You can find out how to amend your cookie setting to suit your preferences in Qualtrics privacy statement and Qualtrics Cookie Statement.
Google Analytics doesn't track any application processes or procedures from online services.
We have a number of subscription-based email lists to keep you informed about what's happening at IP Australia. If you choose to subscribe to any of these lists, you'll need to provide us with personal information such as your contact details and email address. We don't share this information with anyone.
SpendConsole is a cloud-based supplier invoice management and compliance system that supports Pan-European Public Procurement On-Line (PEPPOL) invoicing standards and provides some automation to IP Australia’s Accounts Payable processes.
Any personal information you provide and stored in SpendConsole will be used for the purposes of:
processing and paying invoices received via any channel (including PEPPOL, email or mail)
managing vendor information/records
maintaining financial records.
how you may seek access to and correction of the personal information we hold
how we protect your personal information
how you may make a complaint about a breach of the Privacy Act and how we'll deal with your complaint
the contact details for IP Australia’s Privacy Contact Officer.
IP Australia will not otherwise use or disclose your personal information without your consent, unless authorised or required by or under law, and will also not disclose any personal information collected through this process to any overseas recipients.
If you don't consent to your personal information being handled in the manner described above, please contact the Assistant Director Accounting Operations at email@example.com.
How we handle high privacy risk projects
Under the Privacy (Australian Government Agencies – Governance) APP Code 2017 (Cth) (APP Code), we're required to conduct a privacy impact assessment (PIA) for each high privacy risk project.
|Date of completion
|TM-Link — release 1
|Smart trade mark
|RIO auto user provisioning
|Performance management system and recruitment system
|Customer satisfaction survey
|Digital access service
|Transactional digital services party address book
|Patent landscape reports
|Business intelligence and analytics platform
|New support ticket portal
|Adobe Acrobat update
|New fax system
|Transactional digital services – web build
|Interactive voice response
|Contact centre transition
|ICT advisory services (DTA Marketplace)
|LXP learning experience platform (replacing Learnhub)
|ServiceNow ITMS tool (replacing LANdesk)
|EDRMS Replacement Project (Recordpoint replacing BRIK)
|360 degree feedback survey for ITG directors
Last updated 29 June 2023.