TOURISM AUSTRALIA EXTERNAL PRIVACY POLICY

Tourism Australia (TA) is the Australian Government statutory authority responsible for international and domestic tourism marketing as well as the delivery of research and forecasts for the tourism sector.

TA understands that privacy is important to you. We are bound by the Information Privacy Principles (IPP's) in the Privacy Act 1988 (Australia). If TA communicates with you by email, it is also bound by the Spam Act 2003 (Australia).

TA also strives to handle personal information in a manner which is consistent with the local privacy laws that apply in the various international jurisdictions in which Tourism Australia operates.

This External Privacy Policy applies to TA's handling of personal information across all its offices (in Australia and internationally). Section 6 contains specific provisions relating to online privacy (this applies to personal information that is collected through TA websites).

1. What Personal Information Does TA Collect?

The types of personal information that we collect will depend on the nature of your dealings with us. For example, we may collect personal information directly from you when you:

subscribe to a newsletter or register to receive brochures (eg through TA's website);
apply to attend or exhibit at a TA event, or enter a promotion at such an event; register to participate in the Visiting Journalists Program, or the Aussie Specialist Program; Have business dealings with us (whether as an employee of one of our external service providers, or if you work for a Government agency we deal with, or in the context of a transaction, or if you volunteer personal information to us).

In each case, we only collect the personal information that we need to carry out our specific functions. For example:

if you are a travel agent who registers for the "Aussie Specialist Program" through our website, we will collect your name, gender, date of birth, job title, email address and business contact details;
if you are a traveller or tourist who registers to receive electronic newsletters from us we will collect your name, address, email address, age group and information about what type of holiday you are looking for. This is so we can make sure we can provide you with material which is likely to be of the most interest to you; and

if you deal with us in the course of business, we will generally only collect your business contact details (so we can communicate with you for normal business purposes).

We also collect personal information about our employees and contractors (personnel records). Details about the personal information contained in personnel records and in other records held by TA are contained in TA's entry in the Register of Federal Personal Information Digests, maintained by the Office of the Federal Privacy Commissioner (see at http://www.privacy.gov.au/government/digest/index.html).

2. How do we use Personal Information?

We need to collect personal information so that we can provide you with the publications or services you have requested, or so that we can carry out specific statutory functions (or both). The particular purpose for which we collect personal information will either be explained when we collect that information, or will be obvious from the context in which it is collected. Under the IPP's, we must only use personal information for the particular purpose we collected it for, or for other purposes that are directly related to that purpose. If we want to use personal information for any other purpose we must obtain your consent. If we use your personal information to send you information by email (including e-newsletters), we will always give you an opportunity to "unsubscribe", and we will respect your wishes.

3. Will Your Personal Information be Given to Anyone Else?

TA makes only limited disclosures of personal information. Examples of these disclosures are explained below. TA does share personal information that it has collected in the course of conducting trade events with other Australian State Government and Australian Territory Government tourist authorities. These authorities are Tourism Western Australia, Tourism Tasmania, Tourism NT, South Australian Tourism Commission, Tourism New South Wales, Tourism Queensland, Tourism Victoria and Australian Capital Tourism. Such disclosure is notified when that personal information is collected. We may also disclose personal information to external service providers who help us operate our business (eg IT consultants, publishing houses). If TA engages external service providers, we require those contractors to comply with contractual privacy obligations that reflect TA's own strict privacy obligations under the IPP's. In the context of TA's Aussie Specialist Program, personal information may only be disclosed with the consent of participants in that program. For example, with consent, personal information about participants may be disclosed to organisations involved in the Australian tourism industry such as airlines, hotels, tour operators and product suppliers. However, there will be no disclosure of this personal information without consent.Otherwise, TA will only disclose personal information with your express consent, or if this is required by law or permitted under the Privacy Act.One example of where disclosures may be required by law will be where a request is made under the Freedom of Information Act 1982 (FOI Act). However, if access is sought to a record containing your personal information by a third person, FOI Act procedures that are designed to protect your privacy will apply.

4. Security of Personal Information

TA takes security of personal information seriously.Most electronic records of personal information collected by TA are stored in databases are hosted on servers in Australia. Some records (relating to consumers) are stored in databases that are hosted on servers in our overseas offices. In each case, our IT systems are protected by appropriate IT security measures. If you do not live in Australia, and we want to store your personal information on servers that are located in Australia, we will generally ask you to consent to this at the time we collect personal information from you. If you don't want your personal information to be transferred to Australia, please don't provide us with your personal information. If you have dealt with TA in the past, and don't want your personal information stored in Australia, you can ask to be removed from our databases at any time (using the contact details at section 7 below). We also require our staff to ensure that paper records containing personal information are stored securely. TA’s personnel are bound by confidentiality obligations as a condition of their employment, and this extends to ensuring that personal information collected by TA is kept confidential.

5. Access and Correction

Under the Privacy Act, you have the right to seek access to the records of personal information that TA holds about you. You also have the right to ask us to alter your personal information to ensure it is accurate and up to date. If you wish to access the personal information that we hold about you, please set out your request in writing, and forward this to our Risk and Administration Manager, using the contact details set out at the end of this Privacy Policy.

6. Online Privacy Issues

If you use TA’s websites, you are understood to consent to the terms and conditions set out on our websites. This includes consenting to the terms of this privacy policy.In general, you can visit TA’s websites without telling us who you are or revealing any personal information about yourself. However there are times when we may need to collect personal information from you. For instance, if you register to receive our publications or to attend an event, we will need to collect some personal information from you. At the time of collection, we will seek your permission to send you further electronic communications, and for your personal information to be stored in databases that are hosted in Australia. If at any time after submitting your personal information to us you would no longer like to receive information from us, simply follow the "unsubscribe" directions at the end of any email communications you receive, or contact us using the contact details at section 7 of this External Privacy Policy. No attempt will be made by TA to identify website users or their browsing activities except in the unlikely event of an investigation, where a law enforcement agency may exercise a warrant to inspect server logs. The statistics and log files may be preserved indefinitely and used at any time and in any way necessary to prevent security breaches and to ensure the integrity of the information supplied by TA.

In general on TA’s websites, IP addresses (the Internet address of a computer) are logged to track a user's session while the user remains anonymous. We analyse this data for certain trends and statistics, such as which parts of our site users are visiting and how long they spend there. We do not link your IP addresses to anything that identifies you. In those limited cases where session information is not anonymous, TA will provide notice of the practice and an opportunity to "opt out".

When we receive information about your session or about you, we may also use it for research or to improve our site and the services we offer you.

a) Cookies

Some TA web pages use "cookies", which are small files that may be placed on your hard disk for record-keeping purposes. A cookie helps us remember who you are. Cookies can make your subsequent visits to the web page simpler and more seamless. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether or not to accept it. (However, by not accepting cookies, some web pages may not display properly or you may not be permitted to access certain information.) A server cannot find out a name or email address, or anything about a user's computer, by using cookies.

b) Online Security

TA strives to ensure the security, integrity and privacy of personal information submitted to our sites, and periodically updates its security measures in light of current technologies.

You need to be aware of inherent risks associated with the transmission of information via the Internet. TA cannot guarantee or warrant the security of any personal information you submit to our sites. If you have concerns in this regard, TA has other ways of obtaining and providing information. Normal mail, telephone and fax facilities are available.

TA sites may also be linked to websites operated by third parties. These links are meant for your convenience only. Links to third party sites do not constitute sponsorship or endorsement or approval of these sites. Visitors to those sites should refer to their separate privacy policies and practices.

7. Additional Information

If you have any questions about this Privacy Policy, or if you wish to make a complaint about how TA has handled the personal information about you, please contact our Risk and Administration Manager, using the contact details below:

By E-mail: privacy@tourism.australia.com
By Post: Level 18, Tower 2, Darling Park
201 Sussex Street,
SYDNEY NSW 2001 AUSTRALIA
By Telephone: +61 2 9360 1111

Tourism Australia periodically reviews its Privacy policy and reserves the right, at its discretion, to modify or remove portions of this policy at any time.

Policy updated: January 2007