The Vision of the ACT Human Rights Commission is:
An inclusive community that respects and realises the rights of everyone
We only collect, receive, hold, use and disclose information about you to help you and to carry out our responsibilities under ACT laws including:
We will only share your information as required or allowed by law. If we share that information with other government agencies, they also have to handle your information under the Information Privacy Act.
The Commission is independent from the ACT Government. Our four Commissioners promote the human rights and welfare of all people living in the ACT. Each Commissioner and their specific responsibilities are described in our Operations Protocol (on page three).
We work in a fair and accessible way to resolve complaints, including about disability and health services, discrimination, sexual harassment, victimisation and services for older people and children and young people.
We provide individual advocacy for vulnerable members of the community and protect the rights of children and young people, and of people with disability.
We also provide support, advocacy and financial assistance to victims of crime.
We only collect information about you in ways that are lawful and fair as required or allowed by law. We only collect information about you with your informed consent or where we need it for our work.
How: We collect information from you in many ways, including through complaint forms, in letters or emails to and from you, over the telephone and by fax or in person.
From who: We usually collect information from you directly. However, we may collect your information from other people, organisations or government bodies where you agree, or the law requires or allows us to. When it is not safe or reasonable to ask you directly or we cannot find you, we can ask for information about you from others.
Social media: We can also collect information about you if we need to from social media that anyone can see.
Notice: We will usually give you notice before we collect information about you or as soon as we can after we collect it. Sometimes the law allows us not to tell you when we collect information about you.
Sensitive information: We are especially careful when we collect sensitive information about you, such as your race, your sexuality, your political opinion, your religion, your criminal record or whether you are a victim of crime.
We will not usually collect your sensitive information without telling you why we need to collect it and asking you to consent. Sometimes we can collect your sensitive information without telling you and asking for your consent if:
Health information: We can only collect information about your health for a lawful purpose directly related to our work as allowed by the Health Records (Privacy and Access) Act 1997.
Anonymous information: If you ask us, we can sometimes help you even if you do not give us your name or you use a made-up name. However, at other times, such as when you make a complaint, we will need your real name and details so we can fairly and efficiently respond.
How we use it: We will not usually use your information for a particular purpose unless you have allowed us to or would reasonably expect us to. However, sometimes, laws may mean that we can use your information, without asking you so that we can:
When we share it: We will only share your information with other people or organisations if you agree or where we must, because laws require us to, including to:
Who we share it with: The following people, organisations or government bodies sometimes ask us for your information:
How you can access information: You can ask us for access to any information we hold about you. We must respond within 30 days. We will try to provide your information in the form you want. We do not charge access fees unless required by law.
Refusing access: Sometimes we cannot give you access to information if a particular law does not allow us to. We do not generally allow access to information about complaints or our inquiries under the HRC Act.
We may also delete parts of information to respect someone else’s privacy.
Where we do not give access to information, we will tell you why in writing.
How we keep accurate information: We take steps to make sure that we collect, hold, use or share information about you that is accurate, up-to-date and complete. We may sometimes check your details with you and update our records if necessary.
Updates: If you find that our information about you is not correct, you can ask us to correct or update it, and to also suggest that agencies we have shared it with update it too.
Refusing changes or updates: At times we may decide not to change information about you. We will tell you why in writing within 30 days and let you know how to challenge our decision.
How we keep your information secure: The Information Privacy Act and the ACT Protective Security Policy Framework require us to take steps to make sure that your information is safe and secure. We limit data access on a need-to-know basis, use firewall and password protections, restrict access to our office and store paper files securely.
How we respond to loss or misuse of information: If your information is accidentally released, lost or accessed we will:
How we review and back up information: We regularly review our processes and data security so that we can prevent your information being accidentally released, lost or misused. We are also aware of the risks of natural disaster and so back up your data regularly to avoid losing it.
How long we keep it: The Territory Records Act 2002 requires us to keep records of our work and hold them for certain periods of time. If we do not need to use, share or keep information about you any longer, we will delete any information that identifies you or destroy it.
If you are unhappy with how we have handled information about you, you can complain to us in writing (by letter or email). If you ask, we will help you to write your complaint.
How we handle your complaint: We will tell you we have received your complaint as soon as we can. We then consider your complaint to work out how we can resolve it. We will usually respond in about four weeks.
If you are still unhappy: If you are still unhappy, you may be able to make a formal privacy complaint to the Office of the Australian Information Commissioner (OAIC).
The OAIC considers privacy complaints against the HRC.
The OAIC’s mailing address is GPO Box 5218 Sydney NSW 2001.
For more information about making a privacy complaint, you can contact the OAIC by email at firstname.lastname@example.org or consult the Office of the Australian Information Commissioner website.