Privacy Policy

The Be Connected website is produced and maintained by the Office of the eSafety Commissioner in partnership with the Department of Social Services (DSS).

The eSafety Commissioner is responsible for promoting online safety for all Australians. This policy describes how the eSafety Commissioner and staff assisting her (‘the Office’) handles, manages and protects personal information.

The Privacy Act 1988 (Cth) (the Privacy Act) contains 13 Australian Privacy Principles (the APPs) that regulate how private sector organisations and government agencies collect, use, disclose, hold and de-identify or destroy personal information, and how individuals may request to access and correct their personal information.

The Privacy Act defines personal information as information or an opinion about an identified individual or an individual who is reasonably identifiable. It also defines sensitive information, which is a subset of personal information that is generally afforded a higher level of protection than personal information. This includes health information and information relating to a person’s racial or ethnic origin and sexual orientation or practices.

The eSafety Commissioner is covered by the Privacy Act.

As Be Connected is a Federal Government initiative undertaken jointly by the Office and the DSS, you may also be interested in the DSS’s privacy policy.

Collection of personal information

Purposes of collection

The Office collects personal information if it is reasonably necessary for, or directly related to, one or more of the eSafety Commissioner’s functions or activities.

The Office is collecting your personal information for the purpose of registering your with the Be Connected service. If we don’t collect this information, you may be unable to register fully with the service.

How personal information is collected

The Office collects personal information by lawful and fair means to undertake a regulatory function or activity or for activities consistent with a regulatory function.

The Office collects personal information directly from you, for example, when you provide us your details during website registration, updating your profile, completing feedback surveys, through an enquiry form or in relation to a complaint.

The Office may also obtain information about you from third parties in certain circumstances, including where:

  • the eSafety Commissioner is required or authorised by law, for example, obtaining information for the purposes of handling a complaint or report (from a complainant, parent, guardian or school)
  • the eSafety Commissioner has your consent to do so, or
  • it is not reasonably practicable to collect the information from you.

Kinds of personal information collected and held

The Office collects personal information to enable us to carry out our regulatory functions and activities.

For the Be Connected project, this includes the information you provide us via the registration form, such as your name, date of birth and email address.

Procurement

The Office collects and holds personal information as part of our procurement processes. This includes the names and contact details of tenderers or contracting parties and is done to ensure we comply with the Public Governance, Performance and Accountability Act 2013 (the PGPA Act) and the Commonwealth Procurement Rules.

More information on the PGPA Act and the Commonwealth Procurement Rules is available at the Department of Finance’s PGPA associated instruments and policies page.

Public consultation and engagement

The Office engages with the public and our stakeholders through a number of mediums, including consultations, surveys, conferences and forums.

When the Office undertakes formal consultation, the documentation will make clear the purpose of the consultation and the purpose of the collection of personal information. Generally, the Office publishes the submissions we receive, including any personal information, unless otherwise claimed as confidential.

If you wish to make a submission anonymously or through the use of a pseudonym, you should contact the Office to see whether it is practicable to do so. Each confidentiality claim is assessed by the Office on a case-by-case basis.

Use of services

The Office collects and holds personal information used to register for a service, such as the Be Connected website, or an online safety program or newsletter subscription. This may include details such as name, organisation, contact details and communication preferences. This helps the Office manage user access and provide the service requested.

Information about how your personal information will be handled and other terms and conditions for using a service will be provided before any personal information is collected.

Website traffic, cookies and analytics

The Office uses a range of tools to collect and view our website traffic information. This includes cookies and analytics. This helps the Office improve our website, customise our information and services, and pursue research and development.

The information collected by these tools may include the IP address of a device, the date and time a page was visited, the pages accessed and how long pages were viewed.

You can set browsers that will notify you before you receive a cookie. This may allow you to refuse to accept it. Users can also turn off or delete cookies.

The Office also uses Google Analytics. You can opt out of this collection by using the Google Analytics Opt-out Browser Add-on.

The Office does not attempt to identify users or their browsing activities, unless the user has signed up to an online service or a law enforcement agency or other government agency exercises its legal authority to inspect our internet web server logs for an investigation.

The eSafety Commissioner’s website uses both Australian Government and commercial web-hosting facilities.

Social Media

The Office uses social networking services, including Twitter, Facebook, YouTube, Instagram and Snapchat, to engage with the public. The Office may collect your personal information if you engage with us on these services, but we will only use it to help us communicate with you and the public.

These social networking services will also handle your personal information for their own purposes in accordance with their own privacy policies.

Emails and newsletters

The Office communicates with the public through email distribution lists and newsletters. With your consent, the Office will collect your email and, if you provide it, other contact details when you subscribe to an Office mailing list. The Office only uses this to update you on its activities and to administer the lists.

Notification

The Office collects personal information in order to fulfil the eSafety Commissioner’s statutory functions and obligations or to undertake activities consistent with a regulatory function.

The Office collects personal information in order to fulfil the eSafety Commissioner’s statutory functions and obligations or to undertake activities consistent with a regulatory function.

Before, at the time, or soon after collecting personal information, the Office will provide you a notice outlining certain matters, including the purposes of collection, the consequences if personal information is not collected and whether the Office Commissioner usually discloses information of this kind to another entity.

Anonymity and use of pseudonym

The Office will provide you the option of not identifying yourself, or using a pseudonym, unless it would be impractical for the eSafety Commissioner to deal with a person in that way or where a law requires or authorises the eSafety Commissioner to deal with individuals who have identified themselves.

Complaints related to offensive and illegal content can always be made anonymously.

Reports relating to image based abuse do not require a complainant to provide their name.

Use and disclosure of personal information

The Office will use or disclose personal information only for the purpose for which it was collected. The Office will only use or disclose personal information for another purpose in certain permitted circumstances, including when:

  • you consent for the Office to do so
  • the use or disclosure is required or authorised by or under an Australian law, or
  • another exception under the Privacy Act applies, including the eSafety Commissioner reasonably believes that it is reasonably necessary for one or more enforcement-related activities or a permitted general situation exists.

Part 9 of the Online Safety Act permits the eSafety Commissioner to disclose information in certain circumstances and with certain conditions, including to an authority of a foreign country responsible for regulating matters relating to online safety for children, provided it is not prohibited by Part 13 of the Telecommunications Act 1997.

The eSafety Commissioner may also disclose information to an authority if satisfied that the information will enable or assist the authority to perform or exercise any of the authority’s functions or powers, provided the information was obtained as a result of a function or power conferred on the eSafety Commissioner under the Online Safety Act or the Broadcasting Services Act 1992.

We only disclose personal information in order to help us fulfil a regulatory function, with your consent or where otherwise permitted by the Privacy Act. We may disclose your personal information to other government agencies, third parties and contract service providers participating in the Be Connected project. This may include overseas recipients and bodies undertaking research or surveys that you consent to participate in.

The Online Safety Act also lets us provide your information to certain authorities without your consent, including foreign authorities.

You may also choose to engage with us through a social networking service or our website. The companies we use for these purposes may also store information overseas.

Quality and security of personal information

The Office takes reasonable steps to ensure the quality of the personal information we collect and disclose is accurate, up-to-date and complete.

The Office have a range of measures in place to protect the personal information it holds from misuse, interference and loss, and from unauthorised access, modification or disclosure.

All information collected by the Office is secured and managed in accordance with the Australian Government’s Protective Security Policy Framework, Information Security Manual and the Archives Act. You can find further information at the National Archives of Australia’s webpage for Commonwealth Records Management).

Access to and correction of personal information

The eSafety Commissioner will consider any request you make to access, or seek the correction of, your personal information within 30 days.

The Office will take reasonable steps to correct information we hold about you, if we consider it inaccurate, out of date, incomplete, irrelevant or misleading. You may need to demonstrate how your personal information is incorrect.

The Office will ask you to verify your identity before it gives you access to your information or corrects it.

You also have the right under the Freedom of Information Act 1982 to request access to the documents the eSafety Commissioner holds.

If the information the eSafety Commissioner holds about you is incomplete, incorrect, out-of-date or misleading, you can ask it that it be changed or annotated.

Making a complaint

The Office manages personal information in accordance with its obligations and responsibilities under the APPs.

If you have a complaint about how the Office has handled your personal information, you should outline your complaint in writing and lodge it with eSafety through the details on the Contact us page.

The Office will assess your complaint within 30 days.

If you’re unhappy with how we have handled your complaint, you may be able to complain to the Office of the Australian Information Commissioner

Contact the Office

Contact the Office of the eSafety Commissioner for further information about this privacy policy.

Last modified: Monday, 13 August 2018, 1:56 PM