Privacy Policy

Version 1.0, 22nd June 2015

In this Privacy Policy, “NICTA” refers to National ICT Australia Limited (ABN 62 102 206 173).

“We”, “Us” and “Our” refer collectively to “NICTA” and “Coviu”, which is a related body corporate as Coviu Pty Ltd (ACN 601 027 570).

We are committed to protecting your privacy in accordance with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (“Privacy Act”).

Our Privacy Policy provides you with information about how “personal information” may be collected, accessed, used, stored, disclosed or otherwise handled by NICTA and Coviu.

1. What is “personal information”?

“Personal information” is defined in the Privacy Act to mean any “information or an opinion about an identified individual, or an individual who is reasonably identifiable”:

What constitutes personal information will vary, depending on whether an individual can be identified or is reasonably identifiable in the particular circumstances.

Information that includes a person’s first name, mailing address, telephone number, title or e-mail address may be personal information, for example.

In this Privacy Policy we also use the term “sensitive information”. Sensitive information includes personal information relating to health, as well other kinds of personal information to which higher standards apply under the Privacy Act.

2. Purposes for which we may collect and use personal information

We collect personal information when reasonably necessary for one or more of our functions or activities. Purposes for which we collect, hold, disclose and otherwise use personal information include, but are not limited to, the following:

We may share any of the information we gather about you with third party agents and service providers to facilitate the operation of the Site and Service, to provide the Site and our Service or functions on our behalf and to perform related services (e.g., without limitation, maintenance services, database management, web analytics and improvement of the Service's features, or to process credit card payments), or to assist us in analyzing how our Site and Service is used. Unless we tell you differently, such third parties do not have any right to use the Personal Information we share with them beyond what is necessary to assist us.

Our practices in relation to electronic mailing lists

We do not send “commercial electronic messages” by email, SMS or other means unless the relevant electronic account holder consents or we are otherwise permitted to send them under the Spam Act 2003 (Cth). We include certain information about ourselves and an unsubscribe facility in any commercial electronic messages that we send.

If you provide your email address to us via one of our websites (for instance, by sending an electronic message or by completing a web form), we will only use your email address for the purposes for which you provided it or agreed it may be used. Your email address will not be subscribed to a mailing list without your consent. If you subscribe to one of our mailing lists, you will be sent a confirmation message before your email address is added to that mailing list.

3. How we collect personal information

If we collect personal information about you we will take reasonable steps to notify you or to ensure your awareness of at least the following:

We may collect personal information about you in a number of ways, including:

Sensitive information

We will collect sensitive information only with the consent of the individuals concerned, subject to limited exceptions permitted by the Privacy Act.

For example, if it is impracticable to obtain consent, we may collect and use health information for research purposes relevant to public health or public safety in accordance with the guidelines approved under section 95A of the Privacy Act. The guidelines require (among other things) obtaining an ethics approval from a human research ethics committee that is constituted and functioning in accordance with the National Statement of Ethical Conduct in Research Involving Humans.

Anonymity and pseudonymity

You can interact with us anonymously or by using a pseudonym when it is lawful and practicable to do so.

For example, you may be able to provide comments or make certain inquiries anonymously or by using a pseudonym. However, if you choose to remain anonymous or use a pseudonym, it may be impracticable for us to respond to some inquiries (e.g. investigate a complaint) without knowing your identity.

Where you interact with us via one of our websites, we may automatically collect various connection parameters, such as your IP address and details about your internet service provider, in order to administer and improve the performance of the website. If the website uses “cookies” you may choose to configure your web browser to access our websites without accepting the cookies, but it may reduce your user experience and require you re-enter certain information from time to time.

4. How we hold personal information

We will take reasonable steps to protect any personal information that we hold from misuse, loss, unauthorised access, modification or disclosure. We will also take reasonable steps to destroy or permanently de-identify personal information that is no longer needed for the purpose for which the information was collected.

Your personal information may be stored in hardcopy documents, as electronic data, in our internal software or systems, or using a third party under an outsourced arrangement for data storage or backup.

Our practices in relation to emails

NICTA’s IT Department logs and stores email messages by capturing each email log file on a mail server. The details captured are date, sender, receiver, subject, size of email message, routing information and group that the sender belongs to. This information may be stored on a server for up to 10 years, after which time it is deleted. This information may be “de-identified” (so that it is no longer personal information) and then used in its de-identified form for internal research purposes and aesthetic purposes approved through applicable NICTA processes. Further, if an investigation is necessary, NICTA, a law enforcement agency or other government agency may inspect the above information for the purposes of the investigation. We do not otherwise use or disclose the above information except in accordance with applicable laws, including the Privacy Act.

5. Disclosure of personal information

NICTA and Coviu may disclose your personal information (including to each other) for the primary purpose for which it was collected, for a related purpose as you would reasonably expect, with your consent, or otherwise as required or authorised by law.

For example, we may disclose your personal information to:

In general, we are not likely to disclose your personal information to overseas recipients, although we may from time to time engage, under an outsourcing arrangement, the data storage or backup services of a cloud service provider that hosts (or may host) data outside of Australia.

In some cases we may also expressly seek your consent to disclose your personal information to an overseas recipient, for the purpose of excluding any potential liability to you for acts or practices done by the overseas recipient in breach of applicable Australian Privacy Principles.

Our usage of

As part of our provision of the Services to you, we provide a limited amount of your End User Customer Information to Intercom, Inc. (“Intercom") so that Intercom can provide customer engagement services. Intercom is located outside Australia and therefore it is beyond the jurisdiction of the Australian privacy laws. We believe that Intercom nevertheless adheres to laws and binding schemes which impose a standard of protection of your Personal Information which is of a comparable standard to the requirements under Australian law. You can find Intercom’s privacy policy here, and we invite you to review it carefully and satisfy yourself that it is acceptable to you, given that Intercom will not be accountable under the Australian Privacy Act and therefore you will not be able to hold Intercom responsible under Australian laws nor easily seek redress if they breach your privacy.

6. How to access and correct your personal information

You have a right under the Privacy Act to request access to your personal information, and to request its correction.

We will provide you with access to personal information that we hold about you, subject to any exceptions allowed by law. We may charge you for providing access, but the charge (if any) will not be excessive and we will never charge you for making a request for access.

If you are aware that personal information which we hold about you is inaccurate, incomplete or out-of-date, please contact us and we will take reasonable steps to correct the information or, if necessary, to associate a statement that the personal information is inaccurate, out-of-date, incomplete, irrelevant or misleading, in such a way that will make the statement apparent to users of the personal information.

We will also respond to each request within a reasonable period after it is made. If we do not provide access or make corrections as requested, then we will notify you of our reasons except to the extent that it would be unreasonable to do so.

7. Updates to this Privacy Policy

We may change or modify this Privacy Policy from time to time. We encourage you to check our websites regularly for updates.

8. How to contact us

For any matter relating to this Privacy Policy or your personal information, including if you wish to complain about a breach of the Australian Privacy Principles, please contact:

Postal Address:
Locked Bag 9013
Alexandria NSW 1435
Phone: +61 2 9376 2207

We will respond to you, and we will try to resolve any complaints, as soon as possible.

To opt out of receiving marketing communications from NICTA or Coviu, such as via a mailing list or other information stream, please send an email to

Return To Home