The Personal Information Protection Act 2004 (the Act) commenced operation on 5 September 2005.

Under the Act, the Department of Treasury and Finance (the Department) is the custodian of personal information collected, and its collection, use and disclosure is governed by the Act.

Personal Information is defined under the Act as any information or opinion in any recorded format about an individual -

We value the privacy of every individual's personal information and are committed to protecting the information we collect and use. 

The following policy statement addresses the principles applied by the Department in order to protect your personal information.

Personal information collected by the Department may include names, addresses and telephone numbers, together with any specific information about a person that may be required for the purpose of discharging departmental functions.

The Department primarily collects personal information in order to perform the following functions:​

Personal information may also be collected for the administration of security controls and measures to provide and maintain a safe working environment for our employees, contractors and visitors, and for the administration of a secure physical environment for the Department's information, resources and assets.

Personal information will be used only for the purposes outlined above. Your personal information will only be disclosed with your consent, or, if it is required by or authorised by law. For example, there may be a need or requirement to disclose some or all information the Department collects to contractors and agents of the Department, law enforcement agencies, courts, or other public sector bodies.

The Act also permits the disclosure of "basic personal information" (that is, name, address, date of birth and gender) that is collected in conjunction with the provision of a service to other public sector bodies.

Some de-identified personal information the Department has collected may be used in research, statistical analysis, state or national reporting, awareness programs, public statements or training, but not in a way to compromise the protection of personal information.

Personal information in written submissions on policy matters or matters of public consultation may be disclosed in reports that are made public, unless the submission was made and/or accepted on a confidential basis.

The Department takes reasonable steps to ensure that the personal information it holds is accurate, complete and up to date. Where practicable, the Department will check on the accuracy of your personal information before it is used.

All staff are bound by confidentiality requirements under section 9 of the State Service Code of Conduct (State Service Act 2000). Treasury staff who have a requirement to access information collected by the State Revenue Office are bound by secrecy and confidentiality provisions including section 76 of the Taxation Administration Act 1997, section 40 of the First Home Owner Grant Act 2000 and section 52 of the HomeBuilder Grants Act 2020. Similarly Treasury staff who need to access information for the purposes of the administration of the Gaming Control Act 1993 are bound by the secrecy provision under section 157 of that Act.

The Department uses a number of procedural, physical, and technical safeguards, including access controls, secure methods of communication and back-up and recovery systems to protect information from misuse,loss, unauthorised access, modification and disclosure. These are administered in accordance with the Department's overarching security policy and ICT security policy.

Generally, information is destroyed or permanently de-identified when it is no longer required, and is disposed of in accordance with processes approved by the State Archivist under the Archives Act 1983.

The Department takes reasonable steps during the collection and modification process of the data to ensure personal information collected and used is accurate, complete, up to date and relevant to its functions. For this purpose, some fields/information are mandatory when providing personal information to the Department.

Sensitive information includes but is not limited to health information, criminal record, political opinions and membership of political associations, racial or ethnic origin and religious or philosophical beliefs, membership of professional or trade associations or trade unions, sexual preferences. Generally, the Department will only collect sensitive information if it is necessary and with your consent, or if the collection of that information is required by law.

If you are making a general enquiry, it may not be necessary to identify yourself. If you want to obtain a service, however, identification may be necessary in order to provide appropriate advice and/or services.

The Department does not assign unique identifiers to people unless it is necessary for us to carry out our functions efficiently or is required by law. Nor does the Department adopt as our unique identifiers the unique identifiers from another organisation. The Department may, however, collect the unique identifiers assigned to you by another organisation, but will not disclose these without lawful authority.

The Act provides that, upon request, you can access your personal information held by the Department. Any such request is to be in writing addressed to the Department and must include an address to which a response can be made as well as proof of identify to confirm the authenticity of your request.

If you consider the personal information to be incorrect, incomplete, out of date or misleading, you can request that the information be amended by specifying the amendm​ents that you want made.

If the Department refuses your request or does not respond within 20 working days, you may make a second request which will be processed in accordance with the provisions of section 13 of the Right to Information Act 2009. Depending upon the nature of the request, a fee may be charged in accordance with section 16 of the RTI Act.

For further information see our right to information page or contact the Department's Right to Information Coordinator by telephone 03 6166 4071 or by email: rti@treasury.tas.gov.au.

If you are not satisfied with the handling or outcome of your request to access your personal information (or the Department's correction of your personal information), you can lodge a complaint with the Ombudsman. The Ombudsman's Office can be contacted on 1800 001 170 (free call in Tasmania) or 1300 766 725 (cost of local call anywhere in Australia), and by email at ombudsman@ombudsman.tas.gov.au​.

Branches of the Department, including the State Revenue Office and Liquor and Gaming, are law enforcement agencies under the Act. These Branches may collect and use ‘law enforcement information’ in the course of their operations. Where personal information amounts to law enforcement information, it may not be subject to the same restrictions as other forms of personal information. In particular, a Branch may not require your consent to collect or use personal information that otherwise would be required. Further information about law enforcement information can be found in section 9 of the Act.​