Find information

Please select the jurisdictions you are interested in reading about. This will filter content on this site. Content about Federal laws will display in addition to content about laws for any state or territory selected. You can change your selection at any time. Save & Close Cancel Find out more

Privacy

Please change your location to view this page.

This page contains content that does not match your current location

Some community organisations, including those with revenue over $3mil, and those that have contractual arrangements with government (eg. funding agreements) may be required to comply with privacy laws.

It is best practice to assume that all privacy laws apply to your group. It is also important to note that there are Privacy Laws at both state and federal levels.

Privacy reforms

The Federal Government has recently made changes to the Privacy Act 1988 (Cth). These changes include new Australian Privacy Principles (APPs). The changes, including the new principles, commenced on 12 March 2014.

The Office of the Australian Information Commissioner has updated its website to reflect the new laws.

Norton Rose Fulbright has generously provided a Privacy Compliance Manual for use by Australian charities and not-for-profits when transitioning to the new privacy laws and APPs. To download the manual, go to the bottom of this page where you will be asked to complete a form to grant access to the Manual.

The Not-for-profit Law Privacy Guide has been updated to reflect the new federal privacy laws. You can download the Guide below which includes information about:

  • what is covered by privacy law, sources of privacy laws and exemptions
  • obligations under privacy law including consent, notification and storing personal information and compliance, and
  • fundraising and privacy.

There are legal issues that cross-over with privacy that are not addressed in the Privacy Guide, including:

  • Confidentiality - In some circumstances you may have an obligation to keep certain information confidential. This can be because of:
    • an agreement containing confidentiality obligation
    • the commercial or secret nature of the information itself, or
    • the circumstances in which the information was obtained.
  • Surveillance - Federal and Victorian State laws regulate surveillance, recording, monitoring and interception of communications, including when these are done in the workplace. The laws cover video, audio, computer, telephone and tracking (eg. GPS) surveillance. For information go to the Office of the Australian Information Commissioner.
  • Direct marketing and research - The Spam Act 2003 (Cth) regulates how you send promotional emails and other commercial electronic messages, while the Do Not Call Register Act 2006 (Cth) and related industry standards regulate telemarketing and telephone research. For information go to the Australian Communications and Media Authority (ACMA) and/or the Do Not Call Register website.
  • Freedom of information (FOI) - If someone has asked to access their information or told you they have a right to it under FOI laws, you will need to consider if that legislation applies to your organisation (eg. if your organisation holds personal information as a result of a contract between it and the government). For information go to the Victorian Government's Freedom of Information online and/or the Australian Government's Office of the Australian Information Commissioner.

The Not-for-profit Law Privacy Guide has been updated to reflect the new federal privacy laws. You can download the Guide below which includes information about:

  • what is covered by privacy law, sources of privacy laws and exemptions
  • obligations under privacy law including consent, notification and storing personal information and compliance, and
  • fundraising and privacy.

There are legal issues that cross-over with privacy that are not addressed in the Privacy Guide, including:

  • Confidentiality - In some circumstances you may have an obligation to keep certain information confidential. This can be because of:
    • an agreement containing confidentiality obligation
    • the commercial or secret nature of the information itself, or
    • the circumstances in which the information was obtained.
  • Surveillance - Federal and NSW State laws (including the Workplace Surveillance Act 2005 (NSW)) regulate surveillance, recording, monitoring and interception of communications, including when these are done in the workplace. The laws cover video, audio, computer, telephone and tracking (eg. GPS) surveillance. For information go to the Office of the Australian Information Commissioner.
  • Direct marketing and research - The Spam Act 2003 (Cth) regulates how you send promotional emails and other commercial electronic messages, while the Do Not Call Register Act 2006 (Cth) and related industry standards regulate telemarketing and telephone research. For information go to the Australian Communications and Media Authority (ACMA) and/or the Do Not Call Register website.
  • Freedom of information (FOI) - If someone has asked to access their information or told you they have a right to it under FOI laws, you will need to consider if that legislation applies to your organisation (eg. if your organisation holds personal information as a result of a contract between it and the government). For information go to the NSW Government Public Access to Government Information and/or the Australian Government's Office of the Australian Information Commissioner.

Privacy Compliance Manual

Norton Rose Fulbright has provided Not-for-profit Law with its Privacy Compliance Manual for use by charities and not-for-profits. The Manual contains an overview of new federal privacy laws and a template privacy policy. To access the Manual, please fill in the form below.

What are the purposes of your organisation?
This will be used to provide you with a link to the Privacy Compliance Manual, and we may send a follow-up survey link to you.
Not-for-profit Law will not disclose the contents of this form, but may use de-identified information when reporting on the types of organisations accessing this manual.

Subscribe to our newsletter