Key privacy messages

We are committed to ensuring that your privacy is protected.

The Privacy Act 2020 requires us to tell you certain things about the personal information we need to carry out our tasks and responsibilities. In line with that, some key privacy messages to note are:

  • We only collect personal information where this is necessary to carry out our functions.
  • We may collect personal information about you either directly from you or from other people or agencies, and we may generate personal information about you when we carry out our functions.
  • We store all of our data (including your personal information) on secure cloud platforms. We protect your data with technical and process controls.
  • You can ask us for a copy of your personal information at any time.
  • We will be as open as we can with you about what information we are collecting and why.
  • We will only use and share personal information where necessary to carry out the functions for which we collected it, or if required by law.

Our privacy practices

We use Google Analytics to help us analyse how visitors use our website, so we can make improvements to our site structure, navigation and content. Google Analytics uses 'cookies', which are text files placed on your computer, to collect standard internet log information and information about how people use our site. This information is collected in an anonymous form and doesn't identify you.

The anonymous information generated by Google Analytics' cookies about your use of this website is transmitted to Google. This information includes the Internet Protocol (IP) address of your computer — the unique number the internet uses to identify and connect with your computer. This is not the same as your email address and is not linked to any personal information about you.

We use Google Analytics information to determine how many people use our website and subsidiary websites. This helps us improve our online services and information to better meet your needs. For example, we can identify how many users visit a particular page and what pages of information they may visit. Google provides this data to us without identifying individual users.

We don't use statistical analytics tools to track or collect any Personally Identifiable Information (PII) from you. Google doesn't associate your IP address with any other data held by Google. We also don't associate any data gathered from this site with PII from any other source, unless you explicitly submit that information using a fill-in form on our website.

Google's privacy policy

Social media cookies

We use external social media sites to provide educational messages and materials, and news for our primary audience — farmers. We also promote events and share events and other relevant information from our shareholder organisations.

Check Facebook, Twitter and YouTube for their cookie policies, which we are not responsible for.

We collect personal information about you when you:

  • register to use the NAIT Information System or MyOSPRI
  • request a herd number
  • enter data about stock movements of animals you are associated with.

We collect this personal information to administer the:

  • National Animal Identification and Tracing Act 2012 (the NAIT Act)
  • Biosecurity (National Bovine Tuberculosis Pest Management Plan) Order 1998.

We are governed by both pieces of legislation, and by the Privacy Act 2020.

If you use eASD, you can access the privacy information, and terms and conditions from the application.

National Animal Identification and Tracing Act 2012

Biosecurity (National Bovine Tuberculosis Pest Management Plan) Order 1998

Privacy Act 1993

MyOSPRI terms and conditions

NAIT terms and conditions

Using eASD

Entities may choose to become accredited under the NAIT Standards.

Information about entities is not subject to the Privacy Act 2020. However, personal information may be collected, stored and used as part of the application, assessment, compliance, or complaint investigation processes.

Terms of use for information providers

Personal information we collect about you

Information we collect as part of the accreditation process may include:

  • personal details of the nominated person at the accredited entity
  • business records from the accredited entity that may contain personal information
  • contact details of people making enquiries or providing feedback
  • personal details of people when investigating complaints related to NAIT accredited entities, or the accreditation process.

We may also receive information about a person from:

  • an audit agency that is completing an assessment against the NAIT Standards
  • other agencies that relate directly to NAIT, compliance with the NAIT Act, and any investigations under the NAIT Act that could impact on an entity’s accreditation.

We may generate information about individuals while assisting people through our support centre, responding to any queries you may have, or completing an investigation/audit under the NAIT Standards.

How we use your personal information

To meet our responsibilities under the NAIT Standards, we use personal information to:

  • assess the accreditation application
  • contact the nominated person about a complaint, enquiry, or update to our processes
  • decide whether to investigate a potential breach of the NAIT Standards
  • investigate and resolve a potential breach of the NAIT Standards
  • review and improve the delivery of our services
  • conduct internal statistical analysis and meet our reporting requirements.

We must publish a register of accredited entities on our website. This includes contact details for the organisation. If the organisation has provided personal information as part of their contact details, this may be included on our website

When we share your personal information

We share personal information where necessary to complete duties under the NAIT Standards.

For example, we may share personal information with the:

  • Ministry for Primary Industries
  • police or another government agency, if required by law (for example, to help with investigating a criminal offence), to report significant misconduct or breach of duty, or where there is a serious threat to health or safety. If our staff are threatened or abused, we may refer this to the police.

Personal information we collect about you

We may collect, use and share personal information when we engage with the public and agencies. This can happen when we:

  • manage our enquiries function
  • run public consultations and receive submissions
  • engage with the community in other ways — through our website or communications activities (such as events, surveys, newsletters and industry groups).

The information we may collect when you engage with us includes:

  • your name (if you choose to provide it)
  • your contact details, including your address, email address or phone number
  • the content of your enquiry (our support centre does record calls)
  • any questions or comments you submit via our consultation documents
  • details of any events you have registered for, including dietary or other specific requirements
  • your responses to surveys or focus group discussions (usually these will be captured in an anonymised form).

We only collect the personal information you choose to give us — for example, you can decide how much detail to provide us as background to an enquiry. You can also opt out of our communications activities, such as receiving our newsletter, at any time.

How we use your personal information

We will only use the personal information you provide to:

  • deliver the services you have requested (such as registering you for an event, responding to an enquiry, or processing your submission)
  • carry out our lawful functions.

We may use your personal information to:

  • contact you about your request, query or registration
  • consider and respond to your enquiry
  • improve our website and the delivery of our online services
  • do internal statistical analysis and meet our reporting requirements.

When we share your personal information

We do not generally share your personal information with third parties (other than third parties providing services to us). However, we may share your personal information in the following circumstances:

  • To appropriately respond to your enquiry.
  • If you make a submission to us as part of a public consultation process, such as commenting on a change to a standard, we may publish your submission as a standard part of the consultation process. If there is any personal information in that submission or if we want to publish any personally identifiable information alongside the submission, we will either tell you that is our intention upfront before you submit, or get your consent first.
  • We may make consultation submissions available in response to requests under the Official Information Act.
  • We may share personal information with the police or another government agency, if required by law (for example, to help with investigating a criminal offence), to report significant misconduct or breach of duty, or where there is a serious threat to health or safety. If our staff are threatened or abused, we may refer this to the police.

Links to social media services

We use social media services, such as Facebook, to communicate with the public about our work. When you communicate with us using these services, the social media service may collect your personal information for its own purposes.

These services may track your use of our website on pages where their links are displayed. If you are logged into those services (including any Google service) while using our site, their tracking will be associated with their profile of you.

Storage and retention

We use third-party providers to store and process our data.

Security

We take all reasonable steps to ensure the personal information we collect is protected against loss, unauthorised access and disclosure or any other misuse.

We ensure that our third-party data processors can meet our privacy and security requirements. We are satisfied, for example, that Microsoft has adequate security and privacy safeguards in place to protect information it holds on our behalf.

Your privacy rights

The Privacy Act gives you a range of rights.

Requesting access to, or correction of your information

You have the right to request a copy of the personal information we hold about you (whether we have collected it from you directly or from a third party). You also have the right to ask us to correct your information if you think it is wrong.

We will process your request as soon as possible, and no later than 20 working days after we receive it. We will be as open as we can with you. We may occasionally need to withhold personal information under sections 49 to 53 of the Privacy Act — for example, where the information appears in legal advice, or releasing the information could threaten someone's safety. However, we will only ever withhold information where necessary.

Opting out of certain uses of your information

You can opt out of receiving our newsletter or being included on any other subscription list or newsfeed by following the unsubscribe link at the end of the email, or contacting us.

Complaining about our privacy practices

Let us know if you have concerns about our privacy practices, whether they relate to the way we collect or share information about you, or our decision on your access request. This allows us to try and resolve things for you, and helps us to identify and fix any problems with our processes.

If we can't resolve your concerns, you have the right to complain to the Privacy Commissioner about our actions.

How to contact us

You can contact us by: