Sign in
Privacy Policy AU Inc.

Australia Privacy Policy —

Privacy Policy for Australian Citizens

Effective November 17, 2023
This AU Privacy Policy supplements the main Privacy Policy available at

Australia Federal Privacy Act

The Privacy Act 1988 (Cth) applies to Federal Government agencies and to private organizations (APP Entities) that, among other things, (a) handle personal (including health and other sensitive information) and (b) do business in Australia.

The Privacy Amendment (Enhancing Privacy Protection) Act 2012 made changes to the 1988 Act and was in force on 12 March 2014.

There is an active review by the Attorney-General regarding changes to the Privacy Act to bring it current with the modern digital age. The AU government is seeking feedback on scores of proposals and a new privacy law may be proposed by the end of 2023.

The Privacy Act includes 13 Australian Privacy Principles (APPs) that set out (a) binding standards and obligations that APP Entities must meet and (b) rights of individuals in relation to handling, holding, accessing, collecting, using, disclosing, storing and correcting personal information.

The APPs are principles-based law, which provides APP Entities with a degree of flexibility and allows them to adapt their information handling to the needs of their business. This allows APP Entities to operate without undue restrictions. Each APP entity (the Provider) needs to consider how the principles apply to its own situation.

What follows are key points in the Privacy Act and Our obligations to comply. The list is not exhaustive.

The principles require, among other things, that:

  • (APP 1) We manage personal information in an open and transparent way.
  • (APP 2) Individuals have the option of not identifying themselves when dealing with an APP Entity.
  • (APP 3) We only collect personal information that is reasonably necessary for one or more of its functions or activities; and if collecting health or other sensitive information, the individual consents to that collection, unless another exception applies.
  • (APP 5) We take reasonable steps to inform individuals about the collection of their personal information. This is done in a sales contract and in the Terms of Service.
  • (APP 6) Personal information is only used or disclosed by Us for the primary purpose for which We collected it. However, the individual may consent to use the personal information for a secondary purpose that is related to the primary purpose (or directly related if sensitive information) and the individual would reasonably expect Us to use or disclose it for that secondary purpose.
  • (APP 10) Reasonable steps must be taken by Us to keep personal information We hold, use and disclose accurate, up-to-date and complete.
  • (APP 11) We must take reasonable steps to keep protect personal information from misuse, interference and loss, unauthorized access or modification. This may include notifying affected individuals and the Privacy Commissioner in the event of a data breach.
  • (APP 12 and 13) Individuals have the right to access personal information We hold about them and to have that personal information corrected.

There are also separate APPs that deal with the use and disclosure of personal information for the purpose of direct marketing (APP 7) and the adoption, use, and disclosure of government related identifiers (APP 9).

Cross border disclosures: There are no prohibitions of overseas disclosures of personal information by APP Entities.

We will remain accountable for the handling of the information We disclose overseas unless an exception applies in which case We must take reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to the personal information

With some exceptions, an APP entity that discloses personal information to an overseas recipient is generally required to ensure that the recipient will comply with the Australian Privacy Principles (APPs) when handling that information.

We generally meet or exceed the APPs that relate to Our processing of all data—specifically, only using personal information for the purposes of providing the Services (as described in Our main Privacy Policy) while maintaining a high level of security.

Changes to this Privacy Policy

We may update our privacy policies from time to time. We will notify You of any changes by posting the updated policy on this page.

We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this policy.

We encourage You to review this policy periodically for any changes. Changes to this policy are effective when they are posted on this page.

Contact Us

If You have any questions about this Privacy Policy, You may contact us by visiting the contact page: