The Australian Industrial Chemicals Introduction Scheme (the Scheme) is established by the Industrial Chemicals Act 2019 (IC Act). The Scheme’s Executive Director (the Executive Director) is a statutory office-holder appointed by the Governor-General, who performs functions set out in the IC Act, and is thus an ‘agency’ for the purposes of the Privacy Act 1988.
Find out more about the Scheme and the role of the Executive Director.
It also explains how the Executive Director ensures compliance with the Privacy Act 1988 (the Privacy Act) and how privacy enquiries and complaints are managed.
The Privacy Act and the Executive Director’s obligations
The Privacy Act protects personal information and requires that the Executive Director and staff comply with the Australian Privacy Principles (APPs).
This policy describes how the Executive Director collects and holds your personal information in compliance with the APPs.
What is personal information?
‘Personal information’ is information or an opinion about an individual, whether the information or opinion is true or not and whether it is recorded in a material form or not.
Read more about personal information on the Office of the Australian Information Commissioner's (OAIC) website.
Sensitive personal information
'Sensitive information' is a category of personal information. For example, sensitive information could include information about your health or information about your membership of a trade union.
Read more about sensitive information on the OAIC website.
The kinds of personal information the Executive Director collects are discussed below.
How the Executive Director collects and holds your personal information
Most of the time, your personal information is collected straight from you. Sometimes we might also collect personal information about you from someone acting on your behalf. Whenever possible, we collect your personal information with your consent.
People and organisations acting on the Executive Director’s behalf may also collect your personal information – contracted service providers for example.
The Executive Director may also get your personal information from other Australian Government agencies.
This table sets out the Australian Government agencies and bodies from which Executive Director may collect personal information about you.
The Executive Director may also obtain your personal information from international organisations such as overseas chemical or environmental regulatory agencies.
Ways we collect personal information
- forms you complete (online or paper)
- face to face meetings
- telephone, email and facsimile
- our website
- social media
Where it is reasonable to do so, a privacy notice explaining how your personal information is handled, will be provided to you.
Use and disclosure of personal information
The purpose for which your personal information is collected is important as it governs how the Executive Director can use and disclose your personal information, unless an exception in the Privacy Act applies.
Unless an exception applies:
- your personal information is only used and disclosed for the purpose we collected it for
- we will either tell you this purpose when we collect your personal information, or as soon as we can after we collect it
- when we collect your personal information, we will generally give information about how we will handle it, for example via a privacy notice
- we will only use or disclose your personal information for another purpose if we can under the Privacy Act.
This table outlines the purpose for which information is usually collected, including how it is used and disclosed. For any other information gathering, not listed in this table, we will handle your personal information in accordance with the APPs and the Privacy Act.
The Executive Director may also disclose your personal information as required or authorised under law or court order or where otherwise allowed under the Privacy Act and the APPs.
This table sets out what Australian Government agencies and other bodies the Executive Director may give your personal information to.
The kinds of personal information collected and held by the Executive Director
The Executive Director collects and holds personal information relating to:
- employment, occupational health and safety and personnel matters
- the performance of the Executive Director’s statutory and administrative functions and activities
- the management of contracts, funding agreements and procurement processes
- a range of non-statutory committees, and working groups
- individuals signed up to distribution and mailing lists
- the management of fraud and compliance investigations and audits
- correspondence from the public to the Executive Director, the Scheme, the Department, Ministers and Assistant Ministers
- correspondence referred to the Executive Director or the Department by other departments, Ministers or Assistant Ministers
- complaints made and feedback provided to the Executive Director or the Department
- requests for access to documents held by the Executive Director or the Department
- requests under the Freedom of Information Act 1982 (FOI Act)
- the provision of legal advice by internal and external lawyers
The personal information that the Executive Director collects may include:
- your name, address and contact details
- financial information (for example, payment details and bank account details)
- information about your identity (for example, date of birth and driver’s licence)
- information about your employment
- information about your background
The sensitive information that the Executive Director collects may include:
- membership of a professional association where it is an eligibility criterion for a position in the Department
The Executive Director will take reasonable steps to ensure that personal information collected about you is accurate, up-to-date, complete, relevant and not misleading.
The Executive Director will take reasonable steps to keep the information protected - read more below.
Unsolicited personal information
If the Executive Director receives unsolicited personal information about you, it will be destroyed unless it is a Commonwealth record or if it is lawful for us to collect it (refer APPs).
Personal information held by third parties
To ensure third parties follow the APPs, all contracts the Executive Director enters into which relate, or potentially relate, to personal information, include privacy clauses.
Ways the Executive Director protects your personal information
Only authorised staff can access personal information on a need to know basis to help them do their job.
The Scheme operates within the Department of Health. The Department contracts to an Information and Communications Technology (ICT) service provider. This provider holds certain personal information about you. The contractor is required to protect your information in the same way as the Department.
The Department’s networks and websites have security features to protect the information the Department holds from misuse, interference, loss due to unauthorised access, modification or disclosure.
The Department stores all records, information and data on its Electronic Document and Records Management System and cloud computing solutions. We also hold personal information on paper files.
We protect all types of records under Australian Government security policies, including the:
- Attorney-General Department’s Protective Security Policy Framework
- Department of Defence Information Security Manual
Go to the National Archives of Australia website for more information.
Retention and disposal of personal information
The Executive Director will take steps to destroy or de-identify your personal information if it is no longer needed, unless:
- it is required by law or a court/tribunal order to keep the information, or
- if it is part of a Commonwealth record
Personal information is stored and disposed of in accordance with the Archives Act 1983.
You don’t always have to provide us with your personal details, for example if you have a general question for us. Sometimes it may not be practical for you to stay anonymous or we may be legally required to deal with you in an identified form. We will let you know if this is the case.
Privacy Impact Assessment (PIA)
A PIA looks at any privacy impacts and makes recommendations for managing, minimising or removing that impact. The Executive Director may at times carry out a PIA on our activities or projects that involves the handling of personal information.
The Executive Director must undertake a PIA if directed to by the OAIC.
Where appropriate, the Executive Director will publish the results of the PIA.
We do not automatically collect personal information about you when you visit our website and you can use our website without telling us who you are or revealing other personal information.
If you complete the contact us form we will collect your name, email, phone number and other details you supply. When using the form, you may choose to use a pseudonym to make an enquiry or provide feedback; however, the extent to which we may be able to respond or assist may be limited.
This site is hosted in Australia in secure, government-accredited facilities. To help protect the privacy of data and personal information we collect and hold, physical, technical and administrative safeguards are maintained.
Our website uses a range of analytics services. These services do not identify individual users or associate your IP address with any other data held for other purposes. We use reports provided by analytics providers (such as Google Analytics) to understand website traffic and web page usage.
How you can access and correct personal information held about you
You have a right under the FOI Act and the Privacy Act to access your personal information. You also have a right to request correction of your personal information including if you believe it is irrelevant or misleading.
To request access to documents that contain your personal information please email our FOI contact officer at firstname.lastname@example.org.
We will take reasonable steps to provide you with access and/or make a correction to your personal information within 30 calendar days.
If the Executive Director corrects your personal information at your request, we will take reasonable steps to tell any agencies or organisations that we have disclosed your personal information to (who are bound by the Privacy Act) of the correction.
We may not do so if there is a reason under the Privacy Act or other relevant law to withhold the information or not make the changes.
If the Executive Director does not provide you with access to your personal information or refuses to correct it, where reasonable:
- we will tell you why in writing
- we will provide you with information about how you can contest/complain about this
- at your request, the Executive Director will take reasonable steps to associate a statement with the personal information that you believe to be inaccurate, out of date, incomplete, irrelevant or misleading
General questions and complaints
If you believe we have breached the Privacy Act or the APPs or mishandled your personal information, please contact us. For us to investigate your complaint, we prefer that you make your complaint in writing. Please explain your complaint and give us your contact details. If you do not provide enough information, the Executive Director may not be able to fully investigate and respond to your complaint.
We will acknowledge your concern or complaint if you provide your contact details. The Executive Director will try to respond within 30 calendar days. We will let you know if we cannot respond within this time.
How to contact us
Use our contact us form or call us on 1800 638 528.
You can also write to the:
AICIS Privacy Contact Officer
GPO Box 5218
SYDNEY NSW 2001
If you are not happy with the Executive Director’s response, you can complain directly to the Office of the Australian Information Commissioner (OAIC) via their website or by calling them on 1300 363 992.
Please note that the OAIC prefers complaints to be raised with agencies first.
Feedback on this policy
As well as providing feedback about this Policy to the Executive Director, you can also give your feedback or express a privacy concern by contacting the Department of Health.
Contact us if you have any accessibility issues with this page.