Introduction
This privacy statement explains:
- how and why the department may collect, store and disclose your personal information and for what purpose; and
- how to access and/or correct your personal information that is held by the department.
This statement explains the department's approach to personal information handling practices in recognition of our commitment to the privacy provisions under the Privacy and Responsible Information Sharing Act 2024 (“WA privacy legislation”), anticipated to commence in 2026.
Until such time as the WA privacy legislation comes into effect, this statement follows the WA government's interim privacy position that requires our actions to be consistent with applicable Australian Privacy Principles set out in Schedule 1 to the Privacy Act 1988 (Cth), with primary emphasis upon Principle 6 — “use or disclosure of personal information”.
Application
This statement applies to the Department, its employees and all persons conducting business or activities on behalf of, or with, the department, including visitors, service providers, contractors and volunteers.
Approach
The Department aims to implement a ‘privacy by design and default’ approach to managing personal information. This means that we will ensure that privacy protections are embedded into the design and architecture of our information technology systems and physical infrastructure from conception.
As a standard business practice, the department will identify and minimise privacy risks associated with any policy changes or new projects This will assist the department’s aim of managing your personal information in an open and transparent way.
In this statement, the term “personal information” is used to refer to any information or opinion about an individual (living or deceased) that could reasonably be used to identify them. The information or opinion does not have to be true or in a written form.
An individual could be a member of the public, an employee, contractor, supplier or any other stakeholder the department corresponds or engages with.
What is sensitive information?
‘Sensitive information’ is used in this statement to refer to a specific type of personal information which generally has a higher level of privacy protection than other personal information.
Sensitive information is personal information that contains information or an opinion about specific characteristics of a person including:
- racial or ethnic origin;
- political opinion or association;
- religious beliefs or affiliations;
- philosophical beliefs;
- trade or professional associations and memberships;
- union membership;
- sexual orientation or practices;
- criminal record;
- health or genetic information; or
- certain biometric information.
The department will typically collect your personal information directly from you. Sometimes the department may collect personal information obtained from your authorised representative or a third party.
The department collects and holds different types of personal information, such as:
- Who you are:
- Name, signature
- age, date of birth, gender
- photographs, videos, audio-visual recordings
- Your contact details:
- street and/or postal address
- telephone/mobile number, email address
- emergency contact details, next of kin, referee details
- If you were, or currently are, an , contractor or service provider:
- current and/or former employer, contractor and volunteer roles
- education, training, qualifications and experience
- hours of work, remuneration, leave records
- current and/or past performance, professional development, discipline or performance case management
- tax file number and superannuation fund details
- records of engagement, resignation and termination
- Financial information:
- bank account
- credit card details
- Licensing, approvals and permits:
- driver’s licence, fishing licence, equipment licence, and other approvals, licences and permits
- vessel and vehicle details
- citizenship, passport and/or visa information, travel details
- Information you give to the department via our surveys, forms (hard copy and electronic), attendances at department events or visits by our representatives
- The products and services you have applied for or enquired to the department about, together with any information provided that was necessary to deliver those products and services to you or respond to your enquiries
- Online information including information posted on our websites and social media platforms, cookie and clickstream data (unless disabled by you)
- Other types of personal information as may be collected from time to time in connection with carrying out the department’s functions and activities.
Sensitive information collected
The department may also collect a range of sensitive information about you, including your:
- Criminal records, for example as part of a WA national criminal history check
- Health information, for example health information collected under the Workers Compensation and Injury Management process
- Racial or ethnic origin, for example Indigenous background
- Religious beliefs or sexual orientation, for example, where volunteered by participants in the department’s diversity, equity and inclusion programs
- Other types of sensitive information as may be collected from time to time in connection with carrying out the department’s functions and activities.
The Department collects and uses your personal information to perform its powers, functions and activities, including for the following purposes:
- Administering its legislation (related to agriculture, fisheries and regional development) including for the grant of licences, permits and authorisations. We may collect personal information from applicants for the purpose of compliance with legal and regulatory standards.
- Managing biosecurity measures to protect the State’s agriculture and aquatic resources. For example, we may gather personal information from individuals who report pests, diseases, or participate in control programs to monitor and manage biosecurity threats.
- Conducting research to advance the State's primary industries. We may collect personal data from farmers, fishers, and community members to facilitate participation in surveys, trials, or consultations.
- Offering programs, grants or subsidies to support regional communities and industries. We may collect personal information to assess eligibility and provide assistance.
- Managing reports made to the department related to such matters as animal welfare, biosecurity, fish kills, or illegal fishing activities. We may collect personal information from a person reporting to enable us to undertake follow-up actions and ensure effective incident management.
- Engaging with the public through consultation, surveys, and feedback forms to inform policy and program development. We may collect personal information which allows us to facilitate further communications if necessary.
- Providing training and accreditation for industry participants. We may collect personal details to assist us to manage registrations, certifications, and maintain training records.
In certain circumstances, you may choose to remain anonymous when interacting with us unless we require some of your personal information for us to do our work. For example, we may require personal information when investigating offences under the legislation we administer or to assess your eligibility for a grant or a licence, or other authorisation.
The department endeavours to not disclose personal information for purposes other than the primary purpose for which it was originally collected except in some specified circumstances such as:
- where you have consented to disclosure for a secondary purpose, different to the one which you had originally agreed to;
- where the secondary disclosure is authorised or required by law;
- where the department believes the secondary disclosure is necessary for such things as law enforcement activities or managing public safety;
- to take part in, initiate, or respond to legal proceedings; or
- where you would reasonably expect the Department to use it for that secondary purpose, for example in emergency situations.
The department does not ordinarily disclose personal information overseas. We will inform you before collecting your personal information if, at the time of collection, we intend to use that information for overseas-based services or activities.
The department holds personal information in a range of electronic, paper based and audio-visual records (including in cloud-based applications and services). We take reasonable steps to ensure the personal information we collect is held in a safe and secure manner to protect personal information from:
- unauthorised access or disclosure;
- changes;
- misuse; and
- loss and harm.
Personal information that we hold is managed securely through our record-keeping systems. We ensure that we safeguard our IT systems against unauthorised access and physically secure our paper-based files in on-site or off-site locations.
The department complies with the WA Government Cyber Security Policy, related security standards, and risk management practices. Personal information is protected by an appropriate level of cyber security controls documented within the department’s Cyber Security Manual.
We also ensure that we appropriately control staff access to personal information within our systems.
The department will comply with all legal requirements in relation to the retention and destruction of records containing personal information, including information management requirements in the State Records Act 2000 and the State Records Commission Standards.
When personal information is no longer required to be retained, we will delete or destroy it in accordance with the approved Retention and Disposal Authority and the department’s Recordkeeping Plan.
You have a right to request access to personal information we hold about you, and if that personal information is not correct, you may request we correct it.
- If you are a member of the public, you can download an application form for access or correction of personal information from our Freedom of Information at DPIRD There is generally no charge associated with making a request and we will process these requests as soon as possible, or in most cases within 45 days.
- If you are a current or former employee, a workforce contractor or an external stakeholder then, in the first instance, you can submit a request via email or letter to the relevant business area within the department. For example, applicants for a grant program may first contact the program administrator. You may also use the contact details at the end of this statement or, if the nature of your request is less straightforward, apply using the Freedom of Information process.
You can browse the general content of the department’s website without disclosing your personal information. However, some of the functionality of the site may require you to provide personal information.
Examples of this include where you wish to make an enquiry. We may need to collect, use or disclose your personal information to allow us to answer your enquiry or process your transaction.
The department’s website terms of use are available to view at: www.dpird.wa.gov.au.
Privacy enquiries and complaints
You can contact our Privacy Officer if you have questions, need information or would like to lodge a complaint about the way the department has handled your personal information.
-
Privacy OfficerDepartment of Primary Industries and Regional Development
Locked Bag 4, Bentley Delivery Centre WA 6983