You will be required to comply with the Australian Privacy Principles (APPs) if you intend to handle or collect personal / sensitive information. Subject to some exceptions, you will be required to comply with the Australian Privacy Principles if you are a:
- Australian or Norfolk Island Government agency
- private sector and not-for-profit organisations with an annual turnover of more than $3 million
- private health service provider
- small business.
While the APPs are not prescriptive, each APP entity needs to consider how the principles apply to its own situation. The principles cover:
- an individual having the option of transacting anonymously or using a pseudonym where practicable
- the collection of solicited personal information and receipt of unsolicited personal information including giving notice about collection
- how personal information can be used and disclosed (including overseas)
- maintaining the quality of personal information
- keeping personal information secure
- right for individuals to access and correct their personal information.
Please consult the Contact Officer for more information and to ascertain the level of compliance (if any) that may be required.