Privacy Statement for CPDP Website

The Office of the Commissioner for Privacy and Data Protection (CPDP) is committed to protecting your privacy. CPDP collects, uses and discloses personal information in accordance with the Privacy and Data Protection Act 2014 (PDPA) and other applicable legislation. ‘Personal information’ is defined broadly in the PDPA as recorded information about an identifiable individual. This privacy statement relates only to the information automatically collected from you as a result of your visit to (CPDP website). Refer to our Privacy Policy for the broader collection, use and disclosure of personal information by CPDP.


This privacy statement does not apply to external websites that are linked to the CPDP site. CPDP is not responsible for the privacy practices or content of external websites. When you link to another site, we recommend you read the privacy statement of that site to familiarise yourself with its privacy policy.

Collection of site visit data

When you visit the CPDP website, the web server collects a small amount of information to facilitate its operation. The information collected about your site visit includes:

    • • the Internet Protocol (IP) address (e.g. and network domain name (e.g. .com, .au, .gov) of the internet connection you are using
    • • the date and the time of your visit to the site
    • • the country you are located in
    • • the web browser (e.g. Explorer, Safari, Firefox) and operating system you are using (e.g. Windows XP, Mac OS X)
    • • the CPDP pages or services you accessed and downloaded
    • • if you use the advanced search tool, the search term used
    • • the referring site (if any) through which you clicked through to this site.
Use of Cookies

A cookie is a small file containing certain pieces of information that a website creates when you visit the site. It can track how and when you use a site, which site you visited immediately before, and it can store that information about your computer. Cookies cannot be used to run programs or deliver viruses to your computer. There are two types of cookies, session cookies and persistent cookies. The CPDP website may use session cookies which are stored in temporary memory and are not retained after you close the browser session.

Can I opt out of the collection of my site visit information?

You cannot opt out of the site visit information that is collected for analytics purposes. If you choose to disable cookies in your browser this may impair your ability to browse, read, and download information contained on the CPDP website, and CPDP may be unable to personalise your web experience. However, you may still access CPDP services by contacting the office through other methods such as telephone, fax or mail.

Use of site visit data

The CPDP website collects site visit data as identified above to better understand general user trends at an aggregate level and improve web performance, web services, and website maintenance.

To the extent that site visit data could make you identifiable, CPDP will not attempt to identify individuals from the records the server automatically generates, unless required to do so as part of an internal investigation or for another law enforcement-related purpose, and then, only in compliance with PDPA.

CPDP may also use site visit information for security audits to protect against threats from hackers, and for other law enforcement and security purposes.

Disclosure of site visit data

CPDP will not disclose the personal information collected as part of your site visit to a third party without your consent, unless we are required or authorised to do so by law or other regulation. In the event of an investigation into suspected unlawful or improper activity, a law enforcement agency or government agency may exercise its legal authority to inspect the web server's records (e.g. in relation to hacking or abusive messages).


Any personal information you post may be collected by The Commissioner for Privacy and Data Protection under section 103 of the Privacy and Data Protection Act 2014 (Vic) for the purposes of engaging and consulting with the public. Please be aware that when an individual agrees to the Terms of Service and Privacy Policy of Twitter they are agreeing to their information being transferred outside of Victoria.

To protect your own privacy and the privacy of others, please do not include any personal information including phone numbers and email addresses in the body of your comment, tweet or reply to CPDP. Please do not share personal information about others.

Any personal information collected by CPDP will be handled appropriately and in line with CPDP’s general privacy policy.

Security of your personal information

CPDP and all employees have a statutory duty to protect your personal information by taking reasonable security steps against such risks as misuse and loss of information and from unauthorised access, modification or disclosure. Specifically, access to systems, applications and the collected data is restricted to authorised personnel only. Furthermore, any personal information collected and used for identifying user trends (e.g. IP address) is aggregated and made anonymous during report generation.

Authority to collect personal information

CPDP collects your site visit data under the authority of Information Privacy Principle 1.1 in the PDPA for the purposes stated above.

Access and Correction

Requests for access to documents containing your personal information which are held by CPDP, are handled under the Freedom of Information Act 1982 and can be addressed to the FOI officer, c/o Office of the Commissioner for Privacy and Data Protection, PO Box 24014 Melbourne Victoria 3000, Australia.

Contact Us

Please contact us for further information or questions regarding this privacy statement.