Our commitment to privacy and security

This information below is specific to the EPA website and online newsletters.

Your rights to privacy

The EPA must comply with the Privacy and Personal Information Protection Act 1998 (NSW), which regulates the collection, storage, quality, use and disclosure of personal information. Information that in some way identifies you may be gathered when you use our website or send us an email.

The Privacy Management Plan (PDF 911KB) defines personal information and provides details about the privacy principles that the EPA follows when dealing with personal information.

Collection of information

Information collected from web browsing

When you view this website, we collect the following information:

  • your IP (internet protocol) address or host name eg. 123.123.123.12 or xxx.yyy.com.au
  • the date and time you visited the website
  • the pages or documents you attempted to view or download, and whether those pages or documents were displayed
  • the web browser and operating system you are using
  • the previous site you visited, if you reached our website by clicking on a link
  • whether you have previously visited our website (only if you accept cookies).

Facebook Pixel Re-Marketing

We use, from time to time, Facebook Pixel Re-Marketing on our website to collect analytics and deliver ads to make them more relevant to you if you are a Facebook user.  We do not collect any personal information or data that identifies you through Facebook Pixel Re-Marketing.

However, the data collected by Facebook Pixel Re-Marketing is stored on Facebook’s servers and is accessible by Facebook. For more information about this, please see Facebook’s data use policy.

If you are a Facebook user, you can opt-out of Facebook Pixel Re-Marketing through the settings on your Facebook Account.

Information collected from online forms and services

When you submit a form on this website (see feedback), or provide information as part of using an online service, we collect information from this activity. This information may include personal and organisational details such as your full name, phone number, business name and ACN details, email address and street address.

Clicking on the 'submit' button on the form acts as your consent for the EPA to collect the information you have provided. Before you submit this information we will take reasonable steps to inform you of:

  • where applicable, any law that requires the particular information to be collected
  • which fields are mandatory and which are optional. 

Information collected from email

If you send us an email, we will record your email address for the purpose of responding to you.

Use and disclosure of information collected

Information collected from web browsing is used to identify patterns of usage of this website. This will help us to improve our website and the electronic services offered on it.

Information collected from forms, newsletters and email will only be used for the purpose for which you have provided it. We will not use it for any other purpose, nor will we disclose it, unless with your consent or in other circumstances where such use or disclosure is permitted under the Privacy and Personal Information Protection Act 1998. For example, we may provide the information you have submitted to another public authority in the course of administering environment protection legislation.

Your personal information (including your email address) will not be automatically added to a mailing list, or sold or otherwise transferred to a third party for commercial purposes.

Government Information (Public Access) Act 2009

The Government Information (Public Access) Act 2009 (GIPA Act) confers on the public a right to access information held by a government agency, including electronic information like transactions through the web. If information is sought by a third party under the GIPA Act that affects your research, business, commercial, professional or financial interests or your personal information, we will seek your views if you are likely to have concerns about the disclosure of the information before making any decision about releasing the information.

Storage of personal information

Access - under the Privacy and Personal Information Protection Act 1998 you have the right to access and change personal information the EPA holds about you, such as your address and phone number(s).

Accuracy - we are committed to ensuring that the information we hold is accurate, complete and up to date, so we encourage you to advise us if the information you have given us has changed. If you believe our information is inaccurate, please contact us and we will correct the information.

Retention - we will retain the information you have provided for a period that is appropriate for the purpose for which it was provided. Your information will be archived and disposed of in accordance with EPA policies, legislative requirements and guidelines based on the NSW State Records Act 1998.

We take reasonable steps to protect information during transfer and storage. Physical measures, such as building and equipment security, are used in conjunction with digital technology, such as data encryption and firewalls, to minimise unauthorised access to information.

Data Breach Policy and Public Notification Register

Data Breach Policy

The EPA has developed a Data Breach Policy which will outline our approach to complying with the Mandatory Notification of Data Breach Scheme, including role and responsibilities for:

  • containing, assessing and managing data breaches  
  • notifying and reporting on 'eligible data breaches'.  

Public Notification Register

A public notification of a data breach will be made when it is not reasonably practicable to directly notify anyone affected by the breach.

Notifications will remain on the register for 12 months.

There are no current public notifications.

 

 

Page last updated