PRIVACY POLICY

The Defence Abuse Response Taskforce (the Taskforce) is an APP entity for the purposes of the Privacy Act 1988 - an APP entity is defined to be an agency or an organisation. As theTaskforce is an agency, it is subject to the Australian Privacy Principles (APPs) in the Privacy Act which set out standards, rights and obligations for APP entities that are agencies in relation to handling, holding, accessing and correcting personal information.

  • Personal information means any information or an opinion about an identified individual, or an individual who is reasonably identifiable:
  • whether the information or opinion is true or not, and
  • whether the information or opinion is recorded in a material form or not.

This Privacy Policy has been prepared in accordance with APP 1 which requires agencies subject to the Privacy Act to have a publicly available policy about their management of personal information.

Kinds of personal information that the Taskforce collects and holds, and the purpose of collection

Broadly, the Taskforce collects personal information where it is relevant to discharging our obligations under the Taskforce Terms of Reference. It also collects personal information about employees and contractors.

Taskforce obligations under its Terms of Reference – complainants and related parties

The Taskforce collects personal information for the purpose of discharging its obligations under the Taskforce Terms of Reference. This personal information includes the names, addresses, contact details, dates of birth, gender, occupations, employment histories, family backgrounds and financial records of individuals who have made complaints about abuse in the Department of Defence to the Taskforce, as well as information about alleged abusers and other third parties such as witnesses to the abuse or individuals to whom the abuse was reported.

The information which the Taskforce collects and holds includes some types of sensitive information (which is a subset of personal information). This may include sensitive information about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or physical or mental health.

Taskforce employees and contractors

The Taskforce collects and holds personal information about staff, who are employed by the Attorney-General’s Department to work on the Taskforce, for the purposes of staff recruitment, performance management and professional and personal development, as well as general staff administrative functions such as payroll operations.

This personal information may include an employee’s name, address, contact details, date of birth, gender, qualifications, occupation, employment history, next of kin, financial information (including tax file number and banking details), performance agreements and appraisals, conduct, salary and allowances, superannuation details, leave details, references and character checks and security clearances.

Similarly the Taskforce collects and holds personal information about contractors and suppliers who are engaged by the Attorney-General’s Department to provide goods and services to the Taskforce under a contract. The information relates to individual contractors and suppliers, and the employees of firms that are contracted to provide or supply goods and services to the Taskforce. The purpose of the information is to enable the Taskforce to select contractors and suppliers that are assessed as offering the best value for money to the Taskforce, and to effectively manage its contracts with contractors and suppliers.

This personal information may include the contractor/supplier’s name, address, contact details, employer, previous projects undertaken, financial background, references, contract details, payment details, security checks and performance assessments.

How the Taskforce collects personal information

At all times the Taskforce tries to only collect the information we need for the particular function or activity we are carrying out under our Terms of Reference. Where it is reasonably practicable to do so, we collect this information directly from the employee or individual concerned.

Complainants to the Taskforce provide us with personal information to enable us to assess their complaints of abuse and take appropriate action in accordance with our Terms of Reference. In appropriate circumstances, personal information may be collected indirectly or from other sources, such as the Department of Defence, the Department of Veteran’s Affairs or from public records.

The Taskforce requests prospective employees to provide certain personal information to the Taskforce as part of our recruitment processes. New employees provide further personal information on joining the Taskforce, which is added to during the normal course of their employment working on the Taskforce.

Contractors and suppliers provide personal information to the Taskforce as part of our procurement processes. They provide further personal information in giving effect to their contract.

Anonymity

Where possible, we will allow individuals to interact with us anonymously or using a pseudonym. However, for most of our functions and activities associated with assessing and responding to complaints received against our Terms of Reference, we will need an individual’s name and contact information and enough information about them to enable us to fairly and efficiently handle their complaint.

How the Taskforce holds personal information

The Taskforce uses a range of physical and electronic security measures to protect personal information from misuse and loss, and from unauthorised access, modification or disclosure. These measures include restricted physical access to our offices, security containers, firewalls, secure databases, computer-user identifiers and passwords.

The Taskforce also requires all staff to have a minimum Baseline security clearance.

The requirements of the Archives Act 1983 relating to Commonwealth records (including the disposal, alteration and destruction of such records) apply to Taskforce records, including personal information held by the Taskforce. The National Archives of Australia (Archives) has imposed a disposal freeze on Commonwealth records potentially related to allegations, handling and consequences of sexual and other forms of abuse in Defence. Further information regarding the disposal freeze is available at the Archives website:

How the Taskforce uses and discloses personal information

The Taskforce uses and discloses personal information for the primary purpose for which it was collected, namely to enable us to discharge our obligations under the Taskforce Terms of Reference. We may also use and disclose personal information for reasonably expected secondary purposes directly related (for sensitive information) or related (for other personal information) to the primary purpose of collection, or for other purposes permitted under the Privacy Act.

The people or organisations with whom we may share personal information include:

  • the Department of Defence and the Chief of the Defence Force;
  • the Minister for Defence;
  • any relevant Senate Committees; and
  • other agencies, bodies or persons with the consent of the individual.

The Taskforce will not use or disclose personal information for a secondary purpose (i.e. a purpose other than the primary purpose for which the information was collected) unless permitted exceptions under the Privacy Act apply.

It is unlikely that the Taskforce will send personal information overseas, however if that is required, for example in order for us to discharge one of our obligations under the Terms of Reference, it will be done in compliance with APP 8 (cross-border disclosure of personal information).

Access to personal information held by the Taskforce

The Taskforce has established an Administrative Access Scheme (the Scheme) for the release of documents held by the Taskforce relating to complaints of abuse in Defence. Complainants can make a written request to the Taskforce to access documents it holds about their complaint. Proof of a complainant’s identity will be required before access is given to any documents. Access may not be given to documents or parts of documents where access would not be required under the FOI Act.

The Taskforce will deal with requests by complainants for access to their own information within 30 days of receiving the written request. There is no charge for the costs associated with providing access to documents under the Scheme.

Individuals also have the right under the FOI Act and the Privacy Act (Australian Privacy Principles 12 and 13) to request access to documents that we hold and ask for information that we hold about them to be changed or annotated if it is incomplete, incorrect, out-of-date or misleading (see below).

Correction of personal information held by the Taskforce

We endeavour to ensure that personal information sought and held by the Taskforce is accurate, up-to-date, complete, relevant and not misleading. However, if an individual is able to establish that information held by the Taskforce about them is not correct, we will take reasonable steps to amend it.

If we disagree with their view about the correctness of the information, we will provide reasons for our refusal to amend the information and, where requested, take reasonable steps to record a statement on our files that the individual have a contrary view.

Visiting the Taskforce’s website

When an individual looks at the Taskforce's website, the server makes a record of their visit and logs the following information:

  • their server address;
  • their top level domain name (for example .com, .gov, .au, .uk);
  • the date and time of the visit to the site;
  • the pages accessed and documents downloaded;
  • the previous site they visited; and
  • the type of browser used.

This information is collected to facilitate website and system administration, including monitoring to prevent security breaches, and to facilitate enhancement of the website.

The Taskforce does not attempt to identify users or their browsing activities except in the unlikely event of a criminal investigation, for example if a law enforcement agency has issued a warrant to inspect our server’s logs.

We do not use cookies when people make general visits to our website. Cookies are small text files that may be transferred to your computer’s memory by the servers of some of the websites you visit. Their purpose is to track and store information about a visitor’s usage of a website.

External sites that are linked to or from the Taskforce website are not under our control and people are advised to view their privacy statements separately.

Where our websites allow you to subscribe to email updates of the Taskforce, we will collect your name and email address off our website. We only use this information for the purpose of sending you regular updates on the activities and work of the Taskforce, and to administer the lists. We store this personal information on servers located in Australia.

Complaints procedures

If an individual wishes to complain about the way the Taskforce handles their personal information, they should contact the Privacy Contact Officer– see below. We will endeavour to respond within 30 days of receiving the complaint.

Under the Privacy Act, the Australian Information Commissioner has the power to investigate complaints, or acts or practices that may be a breach of privacy even if there is no complaint. If an individual has made a complaint to the Taskforce about a Taskforce practice which they think amounts to an arbitrary or unreasonable interference with their privacy, and they do not believe that the matter has been resolved satisfactorily, they should write to the Office of the Australian Information Commissioner (OAIC), preferably using the online Privacy Complaint form. Further information about making a privacy complaint to the OAIC is at:

Individuals are able to make a complaint directly to the OAIC rather than to the Taskforce. In most cases, however, it is likely that the OAIC would refer the individual to the Taskforce, in the first instance, to see if their complaint can be resolved without requiring the involvement of the OAIC.

Further information

To find out more about how the Taskforce manages personal information, contact:

Privacy Contact Officer
Defence Abuse Response Taskforce
PO Box 6010
KINGSTON ACT 2604

Email:

For more general information on the Privacy Act and the APPs:

  • visit the website the Office of the Australian Information Commissioner - OAIC; or
  • contact the OAIC on 1300 363 992 or at .

As necessary, the Taskforce will, from time to time, review this policy and may amend it at any time. Any amendments will be notified by posting an updated version on the website.

4 National Circuit BARTON ACT 2600  Telephone: (02) 6141 4550 email: