2002-10 - Privacy Policy

PDF version

Policy No: 2002-10
Publication Date: 11/06/2002
Status: Replaced by Policy No 2010-02

1. BACKGROUND

1.1 This document sets out auDA's privacy policy, drafted in response to the Privacy Amendment (Private Sector) Act 2000 to codify auDA's commitment to the responsible collection and use of personal information by auDA.

1.2 auDA strongly advocates the protection of all personal information, and believes that the adoption and implementation of this policy represents good business practice. auDA's commitment to this policy ensures that individuals are made aware of:

a) when information about them is being collected;

b) the purpose for which it is being collected;

c) whether the information may be passed on to third parties; and

d) the rights of individuals to have some control over the way any information about them is handled and maintained.

1.3 This policy has been drafted to adhere to the National Privacy Principles outlined in the Privacy Act. More information about the Act is available on the Australian Privacy Commissioner’s web site at http://www.privacy.gov.au or on the Privacy Hotline number 1300 363 992.

1.4 This policy applies only to the collection and use of personal information by auDA. It does not apply to the collection and use of personal information by members of the domain name industry operating within the .au domain. Under auDA's Registry Licence Agreement and Registrar Agreement, registry operators and registrars are required to develop their own privacy policy in accordance with the requirements of the Privacy Act.

2. COLLECTION OF PERSONAL INFORMATION

2.1 The personal information held by auDA is collected for the purpose of meeting its objectives as the manager of the .au domain, and providing the services necessary for meeting those objectives.

2.2 In the course of managing the .au domain, auDA may collect personal information in order to:

a) appoint and license registry operators;

b) accredit and license registrars;

c) field and deal with consumer enquiries and complaints;

d) refer persons to appropriate bodies according to the nature of the person's inquiry; and

e) canvas stakeholders for their views, opinions and suggestions in relation to the .au domain.

2.3 auDA limits the collection of personal information to that which is required to perform the functions listed above. auDA may also collect personal information in order to process applications for membership of, or employment with, auDA.

2.4 auDA does not require or collect personal information which would be considered "sensitive" under the Act.

2.5 auDA's web site does not utilise "cookies" or other technology to collect user information or track usage. auDA's web site may feature links to other web sites. auDA is not responsible for the content and privacy practices of other such web sites.

3. USE OF PERSONAL INFORMATION

3.1 The way in which auDA uses personal information is dictated by the purpose for which the information was collected. As most information is collected directly from the relevant individual, that individual will normally be aware of the purpose of the collection.

3.2 auDA will only use personal information for a purpose other than the primary purpose (ie. a secondary purpose) where:

a) that individual has consented;

b) the secondary purpose is directly related to the primary purpose and the individual would reasonably expect auDA to use or disclose the information in such a way; or

c) we are permitted or required by law, or it is in the interests of public safety to do so.

3.3 People who subscribe to one of auDA's mailing lists (such as the auDA Announcements List) may decide at any time to unsubscribe from the list. Instructions for unsubscribing will appear in the footer of all list emails, as well as on the auDA web site.

4. PROTECTION OF PERSONAL INFORMATION

4.1 Access to personal information held by auDA is limited to those employees who specifically require it to carry out their work responsibilities. This extends to protecting personal information from misuse and loss, as well as from modification and disclosure.

4.2 Commercially sensitive information (for example, information provided by a prospective registrar for the purpose of accreditation) will held by auDA staff and will not be disclosed to any director of the auDA Board.

4.3 All personal information will only be retained for a reasonable period of time. auDA endeavours to maintain the security and integrity of all facilities by which personal information is stored.

5. ACCESS TO PERSONAL INFORMATION

5.1 auDA is committed to processing personal information promptly and accurately. As part of this commitment, individuals who have provided personal information to auDA may request access to their information in order to verify that it is accurate, complete and up-to-date.

5.2 Requests for access or correction to personal information should be directed to auDA's Chief Policy Officer. auDA reserves the right to refuse a request if it is vexatious or frivolous, or if we are legally entitled to do so.

6. REVIEW OF POLICY

6.1 auDA reserves the right to revise this policy at any time and those people who volunteer their personal details to auDA are deemed to acknowledge and be bound by this policy and any changes made to it. This is no way affects the protection afforded under the relevant laws, according to which this policy was developed.