Our Privacy Vision <p>At Australia Post, we know privacy is important to you – it is to us too.
That’s why we’re committed to maintaining your trust by protecting your privacy, keeping you informed about how we handle your personal information and keeping your personal information safe and secure.
This Privacy Statement applies to Australia Post and all Australian-based subsidiaries of the Australia Post Group.</p> How do we collect and hold personal information? <p>Australia Post does more than just deliver your mail.
That means there are lots of ways you interact with us, and many ways we might collect personal information about you.
We may collect your personal information when you:</p>
<ul>
<li>shop online and order a parcel through a merchant that uses our delivery services</li>
<li>contact our customer services team</li>
<li>are sent a parcel by someone else</li>
<li>create or update an account with us, such as your MyPost or MyPost Business account</li>
<li>order, purchase or use one of our products or services</li>
<li>interact with us in person, on our website or on our mobile apps</li>
<li>fill in an application online or in one of our Post Offices</li>
<li>undertake a transaction in our Post Offices or online, such as an identity check or a banking transaction.</li>
</ul> What personal information do we collect? <p>The information we collect may include:</p>
<ul>
<li>
<b>Contact information</b> – for example, your name, address, phone number or email for purposes such as providing our services, communicating with you or providing delivery tracking</li>
<li>
<b>Identity information </b>– for example, your ID document details for purposes such as facilitating some financial transactions or for us to verify your identity on behalf of another organisation</li>
<li>
<b>Financial information </b>– for example, your account name, credit card details, BSB and account number for purposes such as when you make a payment or undertake a Bank@Post transaction</li>
<li>
<b>Information when you visit our websites or use our mobile apps</b> – for example browser type, web pages visited, or your IP address</li>
<li>
<b>Information about your use of our products and services </b>– such as which products you use, and your preferences relating to those products</li>
</ul> Why do we collect, hold, use and share personal information? <p>The primary reason we collect, use or share your personal information is to enable the delivery, development and improvement of our products and services and to keep you informed.</p>
<p>We may also collect, use, or share this personal information for other purposes, such as:</p>
<ul>
<li>to send you parcel notifications and service messages about important updates impacting our services</li>
<li>to contact you or reach customers like you about our other products and services, either directly, such as via email or mail, or via other channels, including social media platforms and websites.
Sometimes, you might tick a box to let us know you would like to receive marketing, and sometimes we might gather from your interactions and relationship with us, that you would like to hear about our other products and services.
You can always opt out of marketing by following the instructions on the message, email or letter you receive or by reaching out to our customer services team on the contact details below</li>
<li>to develop and improve our products and services and improve the safety of our people, customers and community.
Sometimes this may involve combining data that we have with other sources of data and information from other sources and organisations such as the Australian Bureau of Statistics (ABS)</li>
<li>to produce and provide insights, trends, and other relevant information to the public and our customers in a way that does not identify you to anyone receiving the insight and trend information</li>
<li>where permitted, authorised or required by an applicable law, such as to Australian Government agencies, overseas postal and delivery services and international governmental agencies, AUSTRAC to meet transaction reporting obligations, or to the Australian Crime Intelligence Commission (ACIC), State or Federal Police or Border Force for crime related investigations</li>
<li>to verify your identity in person or digitally, using third-party business partners to check your details back to the source</li>
<li>to undertake a commercial credit check when you apply for a business credit account</li>
<li>to process your application for our products or services, or on behalf of third parties such as merchants, banks, or government agencies</li>
<li>to better understand your personal preferences when you use our products, services, and website, and to adapt your experience to best suit you</li>
<li>to link your accounts and product or service holdings, to provide you with a more seamless user experience</li>
<li>to identify and better interact with your device using cookies or other similar technologies.<br>
</li>
</ul> When do we share personal information? <p>To fulfil some of the activities we’ve mentioned, we may need to share your personal information with other parties.
These may include specialist information technology companies, cloud service providers, mail houses or other contractors helping us to deliver our services.
We require these parties to protect your information as carefully as we do.
Sometimes, this may also include our own subsidiaries.</p>
<p>Where you undertake a transaction processed by us on behalf of an agency or merchant, we may also share some information back with that third party to complete the transaction or keep them informed.</p>
<p>
<b>Overseas use and disclosure:</b>
</p>
<p>When you send letters or parcels overseas, we may send personal information to countries outside Australia to facilitate the delivery.
This information may be handled in line with the laws and customs of those countries.
Similarly, when you receive an article from overseas, delivery to you within Australia is under Australian privacy laws, even though you may have provided your personal information under the laws of another country.</p>
<p>Sometimes, we use systems or service providers located in other countries.
When we do this, we will ensure your personal information is managed in a way that is consistent with Australian privacy law and this Privacy Statement, even if we need to undertake to comply with the applicable laws of those other countries.</p>
<p>We use service providers in other countries, including:</p>
<ul>
<li>Japan</li>
<li>United States of America</li>
<li>Singapore</li>
<li>European Union</li>
<li>New Zealand</li>
<li>India</li>
<li>the Philippines<br>
</li>
</ul> Other obligations of Australia Post <p>Australia Post has privacy and information management obligations in addition to those in the Privacy Act, which may impact how we handle information, including your personal information.
These include:</p>
<p>The Archives Act – As a Government Business Enterprise, Australia Post has obligations under the Archives Act 1983, which requires us to keep information for varying lengths of time.</p>
<p>Australian Postal Corporations Act – The Australian Postal Corporation Act 1989 includes limitations on how we use information as well as some permitted situations where we may disclose articles and their contents, such as where reasonably necessary for law enforcement activities.</p> Children’s privacy <p>Australia Post believes it is important to provide added protection for children.
We encourage parents and guardians to spend time online with their children to participate in and monitor their online activity.</p>
<p>When we provide a product or service that intentionally collects personal information from children, such as a police check, we will use reasonable efforts to confirm parent or guardian consent prior to the collection and use of personal information.
The way we do this may vary depending on the information, product, service, or event that the child wishes to participate in.
Consent may take a variety of forms such as printing and submitting a permission form by mail, or online consent such as by ticking an online check box that parental or guardian consent has been obtained.</p>
<p>Parents or guardians may, subject to any applicable laws, request that information collected from their child be deleted.<br>
</p> Access to personal information <p>You have a right to request access to your personal information, and we want to make it easy for you to do so.
The information you would like access to may be on your MyPost account, or easily accessible by contacting our customer services team.</p>
<p>If you can’t find what you’re after, you can contact us via our details below.
Once we receive your request, and subject to relevant privacy laws, we will respond to your request within a reasonable time – usually within 30 days.
We ask that you identify, as clearly as possible, the type/s of information requested.
In some cases, we may need to verify your identity before we share information with you.</p>
<p>We may not be able to provide access to all your personal information.
In some situations, the law permits us to refuse your request to provide you with access to your personal information.
For example, where giving access to your information would have an unreasonable impact on the privacy of other individuals, or would pose a serious threat to the life, health, or safety of any individual or to public health or public safety.<br>
</p> Correction of personal information <p>Ensuring your personal information is accurate and up to date is crucial for the delivery of many of our services, and you have a right to request the correction of your personal information.
We try to make this easy for you, and you’ll see opportunities to update your details throughout our product and service offerings, such as our MyPost app.
If you’re unsure about how to do this, you can contact our customer services team on the contact details listed below.</p> Complaints and how complaints are handled <p>We understand that from time to time, you may have queries or concerns about how we handle your personal information.
We’re committed to working with you to obtain a fair resolution of any of your complaints or concerns about privacy.<br>
</p>
<p>Our customer services team is well equipped to assist and respond to many requests and if you raise a privacy concern requiring further escalation, your enquiry is sent through to our Privacy Office for review and guidance.
</p> How to contact us <p>To contact us with a privacy related complaint or a privacy question, you can:</p>
<ul>
<li>call our Customer Contact Centre on<b> 13 POST</b> (13 76 78) between 9.00am and 5.00pm EST Monday to Friday</li>
<li>write to us at:</li>
</ul>
<p>Australia Post Group<br>
Privacy Contact Officer<br>
GPO Box 1777<br>
Melbourne Vic 3000</p>
<ul>
<li>email us</li>
</ul>
<p>If you remain unsatisfied after your complaint has been addressed by our Privacy Office, you may contact the Office of the Australian Information Commissioner by:</p>
<ul>
<li>calling their Privacy Hotline on 1300 363 992</li>
<li>visiting the Office of the Australian Information Commissioner (OAIC) website.</li>
<li>writing to:</li>
</ul>
<p>The Australian Information Commissioner<br>
GPO Box 5218<br>
Sydney NSW 1042<br>
</p> Changes to this Privacy Statement <p>We may update this Privacy Statement from time to time.
The version you are reading now was updated in June 2021.</p> Privacy Impact Assessment Register <p>The Privacy Impact Assessment (PIA) Register records PIAs undertaken since the commencement of the Privacy (Australian Government Agencies – Governance) Code 2017, which requires we undertake a PIA on high privacy risk initiatives.
The PIA Register below has details of assessments completed since the Code came into effect on 1 July 2018.</p>
<p> </p> Date of Completion
Title of Privacy Assessment
September 2018
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Digital iD</p> December 2018
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Trust Check</p> January 2019
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Enterprise Data Analytics Platform</p> March 2019
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Workforce Verification</p> August 2019
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Time and Attendance</p> February 2020
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Learning Management System Phase 3</p> March 2020
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Secure Email Gateway</p> April 2020
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Temperature Checks</p> April 2020
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>COVID 19 Safety Investigations</p> August 2020
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Financial Crimes Platform</p> September 2020
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Extended Workforce Compliance Management System</p> December 2020
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Visitor and Contractor COVID Declarations</p> March 2021
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Even Management Reimagined</p> April 2021
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Modernise Injury Management and Safety Systems (MIMSS)</p> April 2021
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Digital iD TDIF Privacy Assessment</p> May 2021
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Business Credit Account</p> June 2022
<p>
<b>Title of Privacy Assessment</b>
</p>
<p>Digital iD</p>