The material available through business.gov.au has been provided by a variety of federal, state, territory and local government agencies and private bodies. The federal government retains copyright in all material on the site that is authored by the federal government, however copyright in the material provided by other government agencies and private bodies belongs to those agencies and bodies. Please contact the relevant agency or body for copyright queries regarding their material.
The information on the business.gov.au is not to be passed off as your own. We advise against framing of any parts of business.gov.au without permission. You may link to the homepage, provided that your intention is consistent with the aims and objectives of the Business Entry Point initiative.
The information on the site is not to be republished without permission. If you would like to republish versions of business.gov.au in other publications, for example by using a picture of the home page, please contact the firstname.lastname@example.org . Requests will be assessed on a case-by-case basis.
Back to top
The material on this website is presented by GovForms for the purpose of disseminating form design and development information and standards free of charge for the benefit of government agencies, private bodies and members of the general public.
The material is for reference purposes only. GovForms does not accept liability should any loss or damage occur as a result of using this information. It is recommended that users exercise their own judgement with respect to their use of this website and that users carefully evaluate the accuracy, currency, completeness and relevance of the material on the website for their purposes.
GovForms takes reasonable care in linking to websites but has no direct control over the content presented in those sites. It is the responsibility of the user to make their own decisions about the accuracy, reliability, currency and correctness of information contained in linked external websites. GovForms makes no representation that the material on the linked websites does not infringe the intellectual property rights of any person; GovForms is not authorising the reproduction of such material.
Links to external websites, or content within the site provided by external parties, do not constitute an endorsement or a recommendation of any material in those sites or content or of any third party products or services offered by, from or through those sites or content. Users of links provided by this site are responsible for being aware of which organisation is hosting the website they visit.
By entering the site, you will be assuming all risks associated with the use of this site, including risks to your computer, software or data damaged by any virus which might be transmitted, downloaded or activated via the GovForms SmartForms site and/or its contents and your access to it.
Back to top
General principles and practices applying in this policy
The Australian government's business.gov.au initiative is an internet based, whole-of-government, one-stop service to business. The business.gov.au initiative is designed to reduce red tape for business and make it easier for users to interact with all levels of Australian governments. It is the principal Australian Government online business portal.
The business.gov.au initiative is managed by the Online eBusiness Services programs team in the Australian Department of Innovation, Industry, Science and Research.
The primary delivery mechanism used for the business.gov.au initiative is the Internet. Businesses or individuals without Internet access can use the service through community Internet access facilities.
Further information about the business.gov.au initiative is published on the About business.gov.au page.
Users should note there are inherent risks associated with transmission of information via the internet. Therefore users should make their own assessment of the potential risks to the security of their information when making a decision as to whether or not they should utilise the business.gov.au facility. There are alternative ways to obtain government information and transact business with governments for those users who do not wish to use public networks such as the Internet.
Most Australian government agencies and their personnel are governed by the Privacy Act 1988 and the Crimes Act 1914. Personnel who are mainly Australian public servants operate the business.gov.au facility. In addition, some private sector consultants work on the business.gov.au facility under contracts with terms and conditions by which they agree to comply with the Information Privacy Principles in the Privacy Act relevant to their work. Consultants are also required in their contracts to acknowledge their awareness of the relevant provisions of the Crimes Act.
As part of the business.gov.au initiative's whole-of-government approach, the business.gov.au facility provides access to state and territory government agencies which do not come within the scope of the Australian privacy legislation (except for the ACT Government which is subject to the Privacy Act). Some of these agencies are subject to state privacy legislation. The business.gov.au facility endeavours to encourage all agencies to observe high standards of privacy protection. However the Australian government cannot guarantee the privacy of information once data has left the business.gov.au facility.
Therefore, all users are strongly advised to investigate the level of privacy protection provided by each particular state or territory agency accessible through the business.gov.au website. This should be done before users decide whether to proceed to transact with the particular agency online, by examining their Privacy and Security policies, that may be provided online or by contacting the agency directly.
Users seeking more information about personal privacy protection in the states and territories are also referred to Federal Privacy Commissioner's Information Sheet.
The business.gov.au personnel welcome questions and feedback in relation to the business.gov.au initiative's design and practices, which should be addressed to email@example.com .
The federal and ACT agencies participating in the business.gov.au initiative are collectors and record-keepers for the purposes of the Privacy Act. The Department of Innovation, Industry, Science and Research is the Australian agency that is the initial collector and record-keeper of personal information gathered by the business.gov.au facility.
More detailed information on the specific applications hosted on the business.gov.au website are provided in Part 2 of this Policy.
The Privacy Act 1988 and the Crimes Act 1914 may provide redress mechanisms and sanctions if users of the business.gov.au facility suffer loss or damage as a result of a breach of those Acts by the business.gov.au facility.
Users inquiring about their rights and remedies for breaches of privacy can access detailed information at the Federal Privacy Commissioner's website.
Collection of Personal Information
Under the Privacy Act, Information Privacy Principles 1-3 regulate collection of personal information.
The main way in which the business.gov.au facility collects information from users is through forms provided on web pages.
The user's information is not collected by the business.gov.au facility without the user's consent, for example, the user must click on a button provided on a particular web page to submit their information to the business.gov.au facility.
At or before the time the business.gov.au facility collects personal information, the business.gov.au facility will take reasonable steps to inform the user of the business.gov.au website as follows:
- whether they are on the business.gov.au facility
- when they leave the business.gov.au facility by following a link from the business.gov.au site to another site.
At or before the time the business.gov.au facility collects personal information, the business.gov.au facility will give notice to the user of the business.gov.au website as follows:
- the purposes for which the information is collected
- to whom, or the types of individuals or organisations to which, the business.gov.au facility might usually disclose information of this kind
- any law that requires the particular information to be collected, and the main consequences for the user if all or part of the information is not provided.
The business.gov.au facility, like most other web servers, collects clickstream data. This data enables us to approximate the numbers of users visiting the site, the pages accessed and documents downloaded. Our clickstream data does not in itself identify individuals, and is collected by us to improve the business.gov.au services.
The business.gov.au website provides cookie tools in some applications, to filter information for a user during a browser session. A "cookie" resides on the user's own computer. It is a piece of information sent by a web server to the user's web browser that the browser software saves and sends back to the server whenever the browser makes additional requests from the server. Cookies on the business.gov.au website are session based and are provided to assist session management by the user. The information collected by cookies used in the business.gov.au website does not include personal information but includes the industry sector and the states or territories the user has selected. Where cookies are provided that are optional, a decision by a user not to use such cookies will not limit the user's access to any information, but will limit their ability to refine large lists of search results to suit the user's specific requirements. Users should note that the cookies used in GovForms are not optional, being necessary for session management by the individual user. GovForms is described in more detail in Part 2 of this Policy.
The business.gov.au facility will not retain information from cookies.
Users seeking more information about cookies in general are referred to W3C "The World Wide Web Consortium" where a search on the word "cookie" will provide current discussions.
Under the Privacy Act, Information Privacy Principle 4 regulates storage and security of personal information.
The business.gov.au initiative has a Security Policy which complies with Information Privacy Principle 4.
The business.gov.au facility is protected by SSL (Secure Socket Layer) encryption while the user remains on the business.gov.au facility. Users should be aware that sites that the business.gov.au facility links to may not use encryption technology, and that information transferred from the business.gov.au facility to an unsecured site will be passed on an unsecured link. Users seeking more information about SSL in general are referred to W3C "The World Wide Web Consortium" where a search on the word "SSL" or browsing the Security FAQs will provide current information.
The business.gov.au facility generally stores data as follows:
- completed transaction details are removed from the database upon transmission to the receiving agency, and are stored in a highly secured environment for up to 14 days
- incomplete transactions are stored for a maximum of 7 days in a highly secured environment
- the non-personal transaction log will be retained in archival storage for up to 7 years
- voluntary site feedback will be retained in archival storage for up to 7 years
- cookies (which are session based and do not store any personal information) are deleted when the user logs off.
Access to and Alteration of Records Containing Personal Information
Under the Privacy Act, Information Privacy Principles 6 and 7 provide for individuals' access to and alteration of records containing their personal information.
The Freedom of Information Act 1982 provides the mechanism and process by which users of the business.gov.au facility are allowed to have access to records containing their personal information, and to have their records changed or annotated if necessary.
A key objective of the business.gov.au facility is to provide in the specific applications described in Part 2 of this Policy, routine transactions that enable users to access and alter their data without having to exercise their legal rights under the Freedom of Information legislation.
Under the Privacy Act, Information Privacy Principles 7 and 8 regulate data quality.
Users should note that when they provide data to the business.gov.au facility, including data entered by them on the website, the business.gov.au initiative relies on the accuracy of that data.
Use and Disclosure of Information
Under the Privacy Act, Information Privacy Principles 9 and 10 regulate the use of personal information.
Under the Privacy Act, Information Privacy Principle 11 regulates the disclosure of personal information.
Generally the business.gov.au facility does not itself use information, other than feedback to improve the business.gov.au service. Instead the business.gov.au facility passes information to other government agencies participating in the business.gov.au initiative. The information is passed by the business.gov.au facility in accordance with the Information Privacy Principles, and normally with the user's consent (for example, the user must click on a button provided on the business.gov.au web page), so that the transaction for which the user is on the business.gov.au website can proceed.
The business.gov.au facility will only disclose personal information in accordance with the Information Privacy Principles, for example, as required or authorised by or under law.
Back to top
As part of its service to business, business.gov.au deals heavily with information. It provides information to business and it processes information received from business in the course of performing transactions and giving feedback. In some instances the facility also stores information relating to transactions that have been carried out.
We take strong steps to protect the confidentiality of your information and to ensure information is uncorrupted and is available when you need it.
As business.gov.au is being developed based on a cooperative model, it relies on cooperation between government agencies. Although the development of the Business Entry Point Initiative is coordinated by the federal Department of Industry, Tourism and Resources, many interactions with business.gov.au occur on systems outside our control. These systems are usually under the control of other government agencies at either the federal, state/territory or local government levels. Our boundaries of responsibility are defined by the following:
- we are responsible for the security of information while it is collected by, stored on or passing through our systems
- participating agencies are responsible for the security of information while it is collected by, stored on or passing through systems within their control
- we are responsible for the security aspects of the links from our systems to systems under the control of participating agencies. We will ensure that where you carry out a transaction through business.gov.au, it will be at least as secure as if you had carried out that transaction directly through the relevant agency's website.
We will encourage participating agencies to apply relevant elements of this policy to systems within their control. We will also disseminate information to participating agencies to assist them in this process.
Where connection to a system outside our control compromises the objectives of this Security Policy, we will take steps to rectify the situation. Where appropriate, we may sever links to that system pending rectification.
User Awareness of Location
Given the division of responsibility for security between us and other participating agencies, we will use our best endeavours to ensure that users of business.gov.au be able to determine whether, at any given time, they are interacting with our systems (which are covered by this policy), other federal systems (covered by the Commonwealth Protective Security Manual) or non-federal systems.
Ownership of Information Assets
Each piece of information, which either passes through or is stored in any part of business.gov.au, will have a clearly identifiable owner.
For information owned by business (such as information entered by a user of business.gov.au in carrying out a transaction), we will determine the appropriate level of security in consultation with business. Where information is owned by a government agency, that agency will determine the appropriate level of security.
Before a document or a transaction becomes available through business.gov.au, these issues will be addressed to ensure that an appropriate level of security is provided in relation to that document or transaction.
Confidentiality of Information
Only authorised personnel and users will be permitted access to information which you provide to business.gov.au. All information collected or passing through our systems will be treated in accordance with relevant legislation or other legal requirements for the protection of the confidentiality, privacy or secrecy of that information.
We will ensure that appropriate safeguards are in place and that, as necessary, the classification of information is undertaken in accordance with identified policies. We will keep the amount of your information collected by, stored on or passing through our systems to an absolute minimum and will only use information for the purpose for which it is provided (see also the Privacy Statement).
Integrity of Information
We will use appropriate safeguards to prevent the unauthorised modification of any information that is collected by, stored on or passing through our systems.
Availability of the Service
We will determine the availability requirements of our systems in consultation with business users, participating agencies and service providers and will ensure that these requirements are met.
Some transactions will provide you with a 'receipt' after you have submitted the transaction. The receipt is intended to inform you that the transaction has been successfully processed by the agency to which you have sent it. Transactions which provide receipts are clearly identified at the outset, so that you will know what kind of receipt to expect and what to do if you do not receive one.
We will undertake auditing and logging of all security related events, including the recording of all necessary information to identify the causes of an event and the person or entity which was responsible for the event. Where such an event occurs, we will take steps to minimise the risk of such an event from occurring in the future. Such steps may lead to further investigation and possible prosecution.
Back to top