IPC Privacy Statement & Privacy Policy

IPC Privacy Statement

Government agencies are required to comply with the Information Protection Principles (IPPs) in the Privacy and Personal Information Act 1998 (PPIP Act). These regulate the collection, storage, use and disclosure of personal information held by government agencies.

Your personal information

Any personal information you provide to us will be used and disclosed for the Information and Privacy Commission's (IPC) purposes, or a directly related purpose, unless you consent to another use or disclosure, in emergencies or as otherwise required or authorised by law. This website does not use cookies to collect personal information.

At this stage, the provision of information to the IPC is voluntary; no law requires you to provide any personal information to the IPC.

Under the PPIP Act, you have the right to access your personal information held by the IPC, without excessive delay or expense. You also have the right to have your personal information corrected in certain circumstances (e.g. if it is inaccurate). Should you wish to access or correct your personal information, please make a written request to the IPC by:

For more information, please read the IPC Privacy Management Plan.

If you have any queries about this privacy statement, please contact the IPC.

IPC Privacy Policy

How the IPC collects personal and health information

We may collect your personal and health information in order to perform our services and functions. This includes if:

  • You make an enquiry to the IPC
  • You make an application to the IPC for an external review
  • You make an application to an agency for an internal review and the agency notifies us
  • You make a complaint to the IPC about the conduct of an agency
  • You provide feedback to the IPC on the laws it administers
  • You apply to work with the IPC
  • You ask to be included on our subscriber, mailing or contact lists.

For further information on how we collect your personal and health information, see the IPC's Privacy Management Plan. The IPC’s Privacy Management Plan sets out how the IPC complies with the principles of the Privacy and Personal Information Protection Act 1998 (PPIP Act) and the Health Records and Information Privacy Act 2002 (HRIP Act). 

How information is managed by the IPC

We may use, store and disclose your personal and health information to perform our services and functions.

We may use the information  that we have collected to:

  • conduct or oversee reviews or complaints
  • refer a complaint to a relevant authority
  • advise the Commissioners, our staff and our stakeholders on recurring trends and issues
  • educate our stakeholders about particular issues through published reports.

The IPC securely stores personal information electronically and in hard copy files. 

How to access and revise your information

Under the Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act) you have the right to access your personal information held by the IPC, without excessive delay or expense.

You also have the right to have your personal information held by us corrected in certain circumstances, for example if it is inaccurate.

To access or amend your personal and/or health information that we hold, simply contact the IPC with your request.

For more information, please contact the IPC.