Skip to main content Skip to home page
menu
privacy

Privacy

About this policy

This policy sets out how personal information held by the Department of Foreign Affairs and Trade (DFAT) is managed and protected in compliance with the Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles (APPs) and the Privacy (Australian Government Agencies – Governance) APP Code 2017 (the Code).

DFAT promotes and protects Australia’s international interests to support our security and prosperity. DFAT works with international partners and other countries to tackle global challenges, increase trade and investment opportunities, protect international rules, keep our region stable and help Australians overseas.

DFAT provides consular and passport services, as well as foreign, trade and development policy advice to government.

This Policy contains information about DFAT's collection, use, disclosure and storage of personal information, including sensitive information, and how you may access and correct personal information that we hold.

We take your privacy seriously and make all efforts to protect your personal information from misuse, interference and loss; and from unauthorised access, modification or disclosure. If you wish to make a complaint about DFAT's handling of your personal information, please refer to the Complaints section of this Policy.

Who should read this Policy

This Policy is relevant to people whose personal information is collected, stored, used or disclosed by DFAT including:

  • Australian Passport and travel document holders and applicants
  • Australians living and travelling overseas, including those who have registered via Smartraveller.gov.au
  • Current and former scholarship, Australia Award and grant applicants and recipients
  • Current and former tenderers, contractors and sub-contractors to DFAT
  • Invitees to public diplomacy events held in Australia and overseas whose details may be in contact databases
  • People who have made enquiries or complaints to DFAT or our portfolio Ministers
  • Visa applicants and DFAT sponsored travellers
  • Foreign diplomatic and consular staff (for protocol-related purposes)
  • Current and former DFAT employees (including those posted overseas)
  • Board members
  • Other individuals whose personal information is provided in, or in connection with, a passport, scholarship, employment or other application.

Remaining anonymous or using a pseudonym

You have the option of not identifying yourself, or using a pseudonym, when dealing with DFAT, for example, to make an enquiry or complaint. However, in circumstances where we are required or authorised to deal with an identified individual by or under law, or where it is impracticable for us to deal with you anonymously or pseudonymously (such as when you apply for a passport, scholarship or employment), this option will not be available to you.

What kinds of personal information do we hold

DFAT may collect or hold personal information that is reasonably necessary for, or directly related to, the performance of our functions and activities, including

  • names and signatures
  • personal contact details such as address, email address, phone and electorate
  • proof of identity documents
  • next of kin contact information
  • information about citizenship, visa status and visa application details
  • gender
  • dates and places of birth
  • photographs of people
  • travel arrangement details
  • Tax File Numbers (TFNs)
  • CVs, employment history, transcripts and referee reports
  • financial information provided by contractors and consultants
  • bank details where DFAT is required to make payments
  • information about individuals subject to financial sanctions and travel bans, including information about financial activities and transactions
  • child exploitation and abuse notifications under the Australian Government’s Child Protection Policy
  • social media username, IP address and email address when responding to online comments or enquiries (for more information about DFAT’s social media pages please see Disclaimer)
  • details provided by individuals registering on Smartraveller.

DFAT may also collect or hold sensitive information, including

  • photographs used for biometric matching purposes to confirm identity on passport applications (biometric information)
  • health information provided by individuals, for example when seeking consular assistance or applying for a scholarship
  • political opinions or membership of political associations, for example when provided by individuals in correspondence
  • information about your racial identity or indigenous status for example when making a passport application
    allegations of criminal conduct and police and criminal history information, for example in mutual assistance or kidnap cases or when vetting employees, board members, scholarship applicants  or contractors
    religious or philosophical beliefs, for example when provided by staff as part of a security assessment process.

In this policy, personal information and sensitive information has the meaning given to these terms in the Privacy Act.

Why we might collect your personal information

DFAT's role is to advance the interests of Australia and Australians internationally. Personal information is collected where it is necessary for, or directly related to, the performance of our functions and activities. These include:

  • providing foreign, trade and development policy advice to government
  • working with other government agencies to ensure that Australia's pursuit of its global, regional and bilateral interests is coordinated effectively
  • managing Australia’s aid program and other operations in, or in partnership with, another country
  • managing Australia's international presence
  • developing and implementing foreign, trade and development policy
  • facilitating safe and secure travel for Australians overseas through timely and responsive travel advice, consular services and a secure passport system

Some examples of why we might collect your personal information include:

  • to process your passport or travel document application
  • to process your registration on the Smartraveller website
  • to facilitate processing of your visa application
  • to assist you if you seek or require consular assistance overseas
  • to process your application for a scholarship or grant
  • to enter into an agreement/contract with you
  • to respond to your complaint
  • to respond to your enquiry or request for information
  • in order to invite you to an event
  • to support diplomatic and consular accreditations
  • to manage the recruitment, personnel and corporate functions of DFAT
  • to conduct surveys and stakeholder consultation purposes
  • to administer policies and the delivery of goods or services
  • to administer privileges and immunities
  • to process your security clearance.

Information collected for a primary purpose may sometimes be used or disclosed for a related secondary purpose. For example, information collected from contractors during a tender process may be used as part of an evaluation or review of a particular aid project delivered by that contractor. Personal information collected from scholarship recipients may be used to invite those recipients to alumni events. Employee information collected to administer an individual's employment may be used or disclosed during a workplace investigation initiated by that individual.

How we collect personal information

DFAT collects personal information only by lawful and fair means. It is our usual practice to collect personal information directly from you or your authorised representative when you deal with us by telephone, letter, email, face-to-face or online. In particular, DFAT collects your personal information when you use one of the websites maintained by DFAT, including the following websites and their sub-domains

More information about privacy and the Smartraveller website is available at Smartraveller privacy.

We may collect the personal information provided to us via online forms on these websites including when you subscribe to a list, register your travel details or purchase a publication. We may also collect cookies, IP addresses and cached information from forms.

Content on DFAT's social media pages is publicly viewable and searchable and is not confidential. More information about how DFAT will handle your personal information when engaging via our website or social media is available at Disclaimer.

We may collect personal information from another source including a third party where you consent, where it is unreasonable or impractical to collect the information only from you or where we are required or authorised to do so by law. For example:

  • in assessing a special circumstances child passport application, we may seek to contact a non‑consenting parent or other persons for further information.
  • we will collect the name and contact detail of guarantors provided by passport applicants on their passport application forms as it is unreasonable or impractical to collect this information directly from a guarantor.
  • we may collect personal information from third parties or publicly available sources, for example in the course of assessing competitive tender and grant applications.
  • we may collect information about individuals whose personal information is collected in the course of, or in connection with DFAT’s aid program and other operations, including in partnership with another country.
  • we may collect personal information from Australian Government agencies and State and Territory Government agencies where required or authorised to do so by law. A list of common agencies are set out below.

DFAT may collect 'sensitive information' about you with your express or implied consent, where the collection is required or authorised by law or where DFAT is otherwise permitted under the Privacy Act.

We may also collect personal information when you communicate with us through social networking services such as Twitter, Facebook, Instagram and YouTube. For example, we may collect your name, social media handle and text or images you post to help us communicate with you and for public outreach and diplomacy activities. See our Social Media Terms of Use for further details.

We may also collect your personal information through monitoring services that access open-source information, such as media monitoring services.

How we store and protect personal information

Personal information held by DFAT in Commonwealth records is managed securely through our recordkeeping system. We take physical and electronic security measures to protect your personal information from misuse, interference and loss; and from unauthorised access, modification or disclosure.

DFAT’s electronic records management system, network drives and virtual server environment are hosted by DFAT within Australia. We secure electronic information using firewalls, secure databases, secure online systems, password protection for electronic files, and multi-factor authentication.

We restrict physical access to our offices and secure physical files using secure cabinets and containers.

Staff members across DFAT have access to personal information on a need to know basis only. Sensitive personal information stored in our databases can only be accessed by authorised users to work on particular enquiries, complaints, applications, and/or cases. These databases have an audit trail whenever personal information is included, amended, or deleted.

When no longer required to be retained as part of a Commonwealth record, personal information may be destroyed. Any destruction of personal information will be made in accordance with the Archives Act 1983.

How we use and disclose personal information

We will generally only use your personal information for the primary purpose for which it was collected. For example, to provide individuals with consular assistance, to assess an application, or to respond to enquiries.

We may also use or disclose your personal information in accordance with the Privacy Act, including where:

  • you have consented to use or disclosure for a secondary purpose
  • you would reasonably expect the information to be used or disclosed for a secondary purpose which is related to the primary
  • purpose, or in the case of sensitive information, where the secondary purpose is directly related to the primary purpose
  • it is required or authorised by or under law
  • it is necessary for our diplomatic or consular functions or activities
  • it is reasonably necessary for an enforcement activity conducted by or on behalf of an enforcement body.

The following are some examples of how we may use and disclose personal information:

  • in a crisis overseas, we may use personal information provided by family members to locate, identify and assist Australians in distress. We may disclose personal information to other agencies and bodies directly involved in the crisis response.
  • if you make an enquiry for information or write to DFAT or one of our portfolio Ministers making representations on a particular issue, we may disclose your personal information to another government department or Minister so that your enquiry or correspondence is addressed by the appropriate entity within parliament or government.
  • if you apply for a scholarship, the personal information provided in your application will be used to assess your application and administer the programme if you are successful. We may disclose your personal information to Australian educational institutions.
  • if you apply and are successful in receiving a grant, we are required by law to pass on your personal information to the Australian Taxation Office.
  • if you apply for an Australian passport we may disclose your personal information in accordance with the law to the immigration department, civil registries and licensing authorities to verify information and assist to establish your identity and eligibility for a passport.

Sometimes, we will pass your personal information to other government agencies or organisations, including overseas governments or organisations, for the purpose of assisting with your enquiry or application, including:

  • Australian Taxation Office
  • Department of Home Affairs
  • Department of the Prime Minister and Cabinet
  • Attorney-General's Department
  • Australian Federal Police and State and Territory police
  • Australian Criminal Intelligence Commission
  • Department of Infrastructure and Regional Development and Cities
  • National Capital Authority
  • Department of Human Services (including Centrelink)
  • Department of Social Services
  • State and Territory child protection agencies.

Disclosure of personal information to overseas recipients

DFAT's core functions include the provision of consular assistance to Australian citizens and the administration of the Australian aid program. In order to fulfil these functions, it is likely that some personal information will be disclosed to overseas recipients. For example, we may disclose your name and travel details to a foreign emergency service so that they may locate or assist you in the event of a crisis or emergency in that country. We operate a network of offices via our overseas posts in order to deliver our services globally.

We do not disclose your personal information to any overseas recipient unless one of the following applies:

  • the recipient is subject to a law or binding scheme substantially similar to the APPs, and you can access mechanisms for protecting their privacy
  • you have consented to the disclosure after being expressly informed that DFAT will not be responsible for the overseas recipient’s handling of your personal information
  • it is required or authorised by or under law
  • we reasonably believe it is necessary for our diplomatic or consular functions and activities or another permitted general situation applies
  • it is required or authorised by an international agreement relating to information sharing to which Australia is a party
  • it is reasonably necessary for an enforcement related activity conducted by, or on behalf of, an enforcement body and the recipient performs similar functions.

How to access or correct your personal information held by DFAT

You can request access to, or correction of, personal information we hold about you by contacting us on the details below. We may ask you to verify your identity before we give you access to, or correct, your information.

We will allow access or correct the information unless we are required or authorised under the Privacy Act, the Freedom of Information Act 1982 or other relevant law to refuse access or correction.

If we do not correct your personal information, we will take reasonable steps to associate a statement with your file which addresses the personal information you believe to be inaccurate, out-of-date, incomplete, irrelevant or misleading upon request.

How to opt-out from email subscription lists

If you receive emails via a subscription to one of our mailing lists you are able to manage your subscription or opt-out (unsubscribe) from further emails using the links provided in the message. If you are unable to find opt-out instructions or you continue receiving messages after opting out, please send an email to subscription.management@dfat.gov.au for assistance.

Complaints

We take your privacy seriously and make all efforts to protect your personal information from misuse, interference, and loss; and from unauthorised access, modification or disclosure.

If you wish to make a complaint about how DFAT deals with your personal information, you can contact us on the details below.

To assist DFAT to gather relevant information about your complaint, please provide as much information as possible in describing how you think your privacy has been interfered with, including:

  • What happened
  • When it happened (including dates)
  • What personal information of yours was affected
  • Who did it (include individual names if known)
  • How and when you found out about it
  • Your contact details
  • Any other relevant information, including what, if any, outcome you might be expecting from the complaint process.

If the alleged privacy breach involves personal information which does not belong to you, we will ask for evidence that you have authority to act on behalf of the person before proceeding any further. Your complaint will be considered by a DFAT officer who has not been involved in the conduct about which you are complaining.

We will provide a written response to your complaint. If a breach of the APPs has been identified as a result of your complaint, we will advise you of the findings. We aim to provide you with a response within 30 days.

If you are not satisfied with our response, you may wish to submit a complaint to the Office of the Australian Information Commissioner:

Telephone: 1300 363 992
Email: enquiries@oaic.gov.au 
Mail: 
Director of Privacy Case Management
Office of the Australian Information Commissioner
GPO Box 5218
SYDNEY NSW

You may also complain directly to the Office of the Australian Information Commissioner (OAIC) rather than to the Department. If you make a complaint directly to the OAIC the OAIC may recommend that you try to resolve the complaint directly with the Department in the first instance.

How to contact us

Telephone: +61 2 6261 1111
Email: privacy@dfat.gov.au
Mail: 
Director, Privacy Law, Legislation and Assurance Section
Department of Foreign Affairs and Trade
RG Casey Building
John McEwen Crescent
BARTON ACT 0221

From time to time, we will review and revise this Privacy Policy. We reserve the right to amend this policy at any time and any amendments will be notified by posting an updated version on our website.

Last updated: January 2024

Privacy Impact Assessment Register

Privacy Impact Assessment (PIA) Register
 

Back to top Back to top