Privacy and security
This information below is specific to the EPA website and online newsletters.
Your rights to privacy
The EPA must comply with the Privacy and Personal Information Protection Act 1998 (NSW), which regulates the collection, storage, quality, use and disclosure of personal information.
Information that in some way identifies you may be gathered when you use our website or send us an email.
Collection of information
Information collected from web browsing
When you view this website, we collect the following information:
- your IP (internet protocol) address or host name eg. 18.104.22.168 or xxx.yyy.com.au
- the date and time you visited the website
- the pages or documents you attempted to view or download, and whether those pages or documents were displayed
- the web browser and operating system you are using
- the previous site you visited, if you reached our website by clicking on a link
- whether you have previously visited our website (only if you accept cookies).
Information collected from online forms and services
When you submit a form on this website (see feedback), or provide information as part of using an online service, we collect information from this activity. This information may include personal and organisational details such as your full name, phone number, business name and ACN details, email address and street address.
Clicking on the ‘submit’ button on the form acts as your consent for the EPA to collect the information you have provided. Before you submit this information we will take reasonable steps to inform you of:
- where applicable, any law that requires the particular information to be collected
- which fields are mandatory and which are optional.
Information collected from email
If you send us an email, we will record your email address for the purpose of responding to you.
Use and disclosure of information collected
Information collected from web browsing is used to identify patterns of usage of this website. This will help us to improve our website and the electronic services offered on it.
Information collected from forms, newsletters and email will only be used for the purpose for which you have provided it. We will not use it for any other purpose, nor will we disclose it, unless with your consent or in other circumstances where such use or disclosure is permitted under the Privacy and Personal Information Protection Act 1998. For example, we may provide the information you have submitted to another public authority in the course of administering environment protection legislation.
Your personal information (including your email address) will not be automatically added to a mailing list, or sold or otherwise transferred to a third party for commercial purposes.
Government Information (Public Access) Act 2009
The Government Information (Public Access) Act 2009 (GIPA Act) confers on the public a right to access information held by a government agency, including electronic information like transactions through the web. If information is sought by a third party under the GIPA Act that affects your research, business, commercial, professional or financial interests or your personal information, we will seek your views if you are likely to have concerns about the disclosure of the information before making any decision about releasing the information.
Storage of personal information
Access – under the Privacy and Personal Information Protection Act 1998 you have the right to access and change personal information the EPA holds about you, such as your address and phone number(s).
Accuracy – we are committed to ensuring that the information we hold is accurate, complete and up to date, so we encourage you to advise us if the information you have given us has changed. If you believe our information is inaccurate, please contact us and we will correct the information.
Retention – we will retain the information you have provided for a period that is appropriate for the purpose for which it was provided. Your information will be archived and disposed of in accordance with EPA policies, legislative requirements and guidelines based on the NSW State Records Act 1998.
We take reasonable steps to protect information during transfer and storage. Physical measures, such as building and equipment security, are used in conjunction with digital technology, such as data encryption and firewalls, to minimise unauthorised access to information.