Privacy Policy

In 1998, the Commonwealth Government enacted the Privacy Act 1988, which provided the legislative and legal framework for the collection and use of personal information in Australia. In Queensland, the legislation has been handled administratively, that is, the State Government has chosen not to enact its own privacy laws, but has put in place an administrative framework such that the Commonwealth Act applies in Queensland. Oversight of the laws governing privacy rests with the Office of the (Federal) Privacy Commissioner, based in Sydney.

The Privacy Act 1988 adopts a set of 13 Australian Privacy Principles (APPs), which apply to businesses. These APPs provide guidance as to what constitutes personal information, and how personal information should be treated, accessed, handled, stored and disposed of.

Under the provisions of the Act, businesses and organisations which collect information of a personal nature are required to develop and maintain their own Privacy Policy, which meets the requirement of the Act and the APPs.


Whenever a business or organisation collects information of a personal nature (definition available), the Privacy Act requires it to:

  • Collect only necessary information;
  • Provide information about why personal information is being collected and how it is handled;
  • Only use or disclose the personal information for the purpose of the collection, unless an exception applies;
  • Only retain the information for as long as necessary, consistent with the purpose of collection; and
  • Store the information securely, and provide for it to be accessed by the individual if requested.


Join QHA