Page title

Intro

On this page

Tags

1 Purpose

In performing its functions and administering its portfolio legislation, the Department of Creative Industries, Tourism and Sport (CITS; department) deals with personal and sensitive information about individuals.

2 Scope

This Privacy Policy (Policy) applies to any personal and sensitive information collected, held, used, disclosed, secured, stored, and protected by CITS.

3 Objectives

This Privacy Policy aims to:
  • communicate CITS information handling practices
  • enhance the transparency of CITS operations
  • give individuals a better and more complete understanding of the personal and sensitive information CITS holds and how the department deals with that information.

4 Definition of terms

Personal information: Means information or an opinion about an identified, or reasonably identifiable individual.

Sensitive information: Refers to a subset of personal information, which includes information or an opinion about an individual’s health, genetics, race, ethnicity, political opinion or association, religion, philosophical beliefs, union membership, sexual preference, and criminal record.

with that information. 

5 Policy requirements

5.1 What privacy law does CITS comply with?

The Privacy Act 1988 (Cth) (Privacy Act) applies to various Commonwealth entities. Schedule 1 of the Privacy Act sets out 13 Australian Privacy Principles (APPs) which regulate the collection, use, disclosure and storage of personal information by such entities, as well as how individuals can access and correct personal information about them that is held by an entity.

The Privacy Act does not currently extend to State Government agencies, nor is there currently WA legislation implementing a data privacy regime. Until such time as more substantial guidance and/or legislative measures are available, the Interim Privacy Position for the WA public sector is that agencies should ensure their actions are consistent with applicable APPs with primary emphasis upon Principle 6 — ‘use or disclosure of personal information.’ 

CITS therefore complies with the State’s Interim Privacy Position when dealing with personal and sensitive information to the extent possible and where the information is not regulated by other laws or confidentiality obligations.

Some information collected by CITS may be protected by confidentiality and disclosure obligations under the department’s portfolio legislation or other State legislation. These provisions contain rules for the collection, use and disclosure of information (which may include personal information) and generally override the department’s obligations under the Interim Privacy Position and the APPs.

 

5.2 How CITS collects personal information

CITS only collects personal information for purposes reasonably necessary for, or directly related to the department’s functions or activities, or when the information is knowingly or voluntarily provided by an individual.

CITS collects personal information directly from individuals’ or their authorised representative(s) through (among other ways):
  • forms
  • correspondence
  • interactions in person, online or over the phone
  • surveys or questionnaires
  • partner and service providers
  • events hosted by CITS
  • CITS website and social media channels.
CITS may also collect personal information from other sources including: 

  • third parties where it is unreasonable or impractical to collect it from the individual.
  • publicly available source.

Third parties may include other Commonwealth, State and local government agencies, law enforcement agencies, foreign governments, sponsors, legal or medical practitioners, organisations that a person has nominated, education providers, employers, and members of the public who contact us with information.

5.3 Kinds of personal information collected at CITS

Examples of the types of personal information CITS may collect include:

  • an individual’s name, address and contact details 
  • information about a person’s identity (e.g. date of birth, country of birth, passport details, visa details, drivers’ licence, birth certificates, ATM cards)
  • information about an individual’s personal circumstances (e.g. marital status, age, gender, occupation, accommodation and relevant information about their partner or children)
  • information about a person’s financial affairs including funding arrangements
  • information about a person’s employment (e.g. work history, referee comments, remuneration)
  • information about a person’s background (e.g. educational qualifications, the languages they speak and their English proficiency)
  • government identifiers (e.g. Centrelink Reference Number or Tax File Number)
  • photographs, video recordings and audio recordings
  • voice print and facial recognition biometrics
  • location information from a mobile device information recorded by the CITS webserver when an individual visits the CITS website, including the individual’s:
  • server address
  • top level domain name (e.g. .com, .au, .gov) 
  • the date and the time of the visit to the site
  • the pages accessed and downloaded
  • the address of the last site visited
  • operating system
  • the type of browser in use

5.4 Purposes for which CITS collects and holds personal information

CITS collects personal information (other than sensitive information) where it is reasonably necessary for one or more of its functions and activities, including:

  • performing employment and personnel functions in relation to staff and contractors
  • performing legislative and administrative functions
  • policy development, research, and evaluation
  • complaints handling
  • program management
  • managing correspondence with the public
  • providing services to the community, such as:
    • helping Aboriginal people to locate historical records about themselves and their direct ancestors through family history research requests
    • Combat sports permits and registrations
    • Camp bookings for CITS recreational camps

CITS will only collect sensitive information about an individual if the individual consents to the sensitive information being collected, except in limited circumstances permitted under the Privacy Act (e.g., where authorised by an Australian law or court/tribunal order). 

In some circumstances, members of the public may have the right to remain anonymous or adopt a pseudonym when dealing with CITS, for example when completing some online forms or making public submissions. 

5.5 Purposes for which CITS uses and discloses personal information

CITS will generally only use and disclose personal information for the purpose for which it was collected (primary purpose). 

CITS may use or collect the information for another purpose, and for (secondary purpose) where permitted under the APPs, for example where:

  • the individual has consented
  • the individual would reasonably expect the APP entity to use or disclose their personal information for the secondary purpose, and that purpose is related to the primary purpose of collection, or, in the case of sensitive information, directly related to the primary purpose
  • the secondary use or disclosure is required or authorised by or under an Australian law or a court/tribunal order
  • CITS reasonably believes that the secondary use or disclosure is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body
  • CITS has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the department’s functions or activities has been, is being or may be engaged in.

5.6 How CITS protects personal information

CITS takes reasonable steps to ensure that the personal information that the department holds is kept confidential and secure, including by: 

  • maintaining robust physical security of its premises
  • maintaining robust security of its electronic systems
  • limiting access to certain information to only those who require it
  • having robust cyber security measures in place.

6 Requesting access to or amendment of your personal information

CITS will endeavour to ensure the personal information it collects, uses or discloses is accurate, complete and up to date. 

The Freedom of Information Act 1992 (WA) (FOI Act) provides persons with the right to access certain information held by CITS.

The FOI Act also provides individuals with a right to apply for amendment of their personal information, or the personal information about a dead person where the applicant is the dead person’s closest relative, if the information held by CITS is inaccurate, incomplete, out of date or misleading.  

Further information about applications for access to or amendment of personal information under the FOI Act, as well as the application form, is available on the CITS FOI webpage.

7 Retention of personal information

The retention and destruction of records of personal information held by the Western Australian Government is governed by legislation, including the State Records Act 2000 (WA), and supporting policies and procedures. 

The department will not keep personal or sensitive information for longer than is needed. In most cases, this means that the department will only retain your personal information for the duration of your relationship with us, or where it is no longer required for the purpose for which it was collected, unless the department is required to retain your personal information to comply with applicable laws and policies.

8 Complaints, compliments and suggestions

If a person has a complaint about how CITS has handled their personal information, or wishes to allege a breach of the APPs, they may do so by lodging an online form. The complaint will be dealt with in accordance with the CITS Complaint Handling Policy and Procedure. 

To access a copy of the Privacy Policy in another form, or provide feedback on the Policy, contact CITS by emailing info@cits.wa.gov.au

This policy aligns with the:

Effective date: 24 July 2024   

Page reviewed 20 January 2025
Thank you for your feedback. Loading animation
Was this information helpful?
Do not check this box if you are a human.