Our Privacy Policy

Our privacy commitment to you

Queensland Treasury (Treasury) is committed to protecting your privacy. We recognise the importance of your privacy and understand that people are concerned about the security and confidentiality of their personal information.

Treasury owes an obligation of privacy to every individual it holds personal information about. The purpose of this privacy policy is to explain how Treasury handles personal information. The privacy policy for the Motor Accident Insurance Commission and the Nominal Defendant (statutory bodies administered within Queensland Treasury) is available here.

What legislation applies to us?

Personal information is any information or opinion which identifies an individual or allows an individual to be reasonably identified. The Information Privacy Act 2009 (IP Act) outlines the rules we must comply with when handling personal information. These rules include the Queensland Privacy Principles (QPPs). The QPPs tell us how we can collect, use, disclose, and secure your personal information. We handle your personal information in accordance with the IP Act.

Other pieces of legislation also tell us how we can handle your personal information. These include:

How do we collect your personal information?

We may collect personal information about you in the following ways:

  • directly from you (e.g. in-person, when you call one of our call centres, email us, or submit a form to us)
  • from a representative for you (e.g. a lawyer representing you or someone authorised to act for you)
  • from third parties (e.g. another government department or local council)
  • from your interactions with us via our websites, forms, or our social media.

We will generally only collect personal information about you when we need it to perform an agency function. Treasury facilitates economic growth and creation of jobs, fiscal sustainability, and public sector improvement. We will collect the information lawfully and only collect the type and amount of information necessary to perform that function.

Will I be told about what you are collecting?

When we collect personal information about you, we will take reasonable steps to advise you:

  • why the information is being collected
  • the circumstances in which the information is collected
  • the consequences if we do not collect the information
  • any law that allows us to collect the information
  • whether we normally disclose the information and, if we do, who it is disclosed to (and if they are likely to be located outside of Australia)
  • how you can access or correct the personal information we hold about you or make a privacy complaint to us.

This information is usually contained in a privacy statement which may be a recording you can listen to when you contact one of our call centres or a written statement on a form we give to you. Here is an example of a privacy statement:

Queensland Treasury is collecting your personal information for the purpose of investigating and responding to your customer complaint. We will handle your personal information in accordance with the Information Privacy Act 2009. We may need to give your personal information to other business units within Queensland Treasury or disclose your personal information to third parties for the purposes of investigating and responding to your customer complaint. For more details about how we handle your personal information, including how you can access or correct the personal information we hold about you, please refer to our privacy policy.

What personal information do we collect and why?

Different areas within Treasury collect personal information. Below are some examples of the information we may collect in different areas of Treasury and the reasons why we may collect it. Generally, we collect information to:

  • provide our services to you, to other members of the public, and to the State of Queensland
  • meet your needs (e.g. answer your questions, provide a Treasury service to you, assess an application from you)
  • meet our needs (e.g. assess queries, provide our services to the public, contact you, analyse demographics).

Sometimes, we may need to collect sensitive information about you to perform our agency functions. We have included a definition of sensitive information below; it is personal information that is particularly private and it may include your health information or information about your criminal record.

Personal information is any information or opinion which identifies you or allows you to be reasonably identified.

A subset of personal information is sensitive information. This is personal information that is particularly private and which could have a more harmful impact if it is mishandled. Sensitive information means:

  • information about an individual’s race or ethnicity, political opinions or associations, religious or philosophical beliefs, membership of a professional or trade association or trade union, sexual orientation, or criminal record
  • health information or other genetic information about the individual, and
  • biometric information used for verification/identification or biometric templates.

Some examples of when we might need to collect personal information, and why, are included below.

Types of personal information (including sensitive information) collected

Queensland Treasury• Name
• Date of birth
• Contact information e.g. address or phone number
• Identity documents e.g. driver’s licence
• Occupation, employment history and educational background
• Financial information
Queensland Revenue Office (QRO)• Name
• Date of birth
• Contact information e.g. address or phone number
• Identity documents e.g. driver’s licence
• Recordings of your telephone contact with us
• Body worn camera recordings of your interactions with us
• Financial details
• Medical or health information
• Relationship details and family circumstances
Queensland Government Insurance Fund (QGIF)• Name
• Date of birth
• Contact information e.g. address or phone number
• Identity documents e.g. driver’s licence
• Medical, injury, or health information
• Relationship details and family circumstances
• Family history
• Employment information
• Criminal record
• Other claims-related information
Queensland Government Statistician’s Office (QGSO)• Name
• Date of birth
• Contact information e.g. address or phone number
• Raw data relating to individuals, populations, and industries e.g. social issues, tourism, import / export, immigration, environment, local government
Energy & Climate• Name
• Date of birth
• Contact information e.g. address, phone number, email
• Information about enquiry
• Financial information
• Information about electrical mechanic licences and other industry accreditations and certifications

3rd parties we may collect personal information from

Queensland Treasury• Other government departments, government owned corporations (GOCs), or government agencies
• A current or former employer (including company representatives)
• Ministerial offices
• Your authorised representatives
Queensland Revenue Office (QRO)• Your authorised representatives
• Other government departments or agencies
• Local councils
• Banks or other financial institutions
• A current or former employer
• Courts or tribunals
• Utilities suppliers
Queensland Government Insurance Fund (QGIF)• Your authorised representatives
• Insurers and insurance brokers
• Other government departments or agencies
• A hospital, ambulance or other emergency services provider
• A doctor or other healthcare provider
• An educational institution or a current or former employer
• Investigators
Queensland Government Statistician’s Office (QGSO)• Other government departments or agencies
• Private sector entities such as banks or retailers
• Other non-government entities such as community support services
Energy & Climate• Other government departments, GOCs, or government agencies
• Ministerial offices

Why we collect, use, and disclose personal information

Queensland Treasury• Recruitment and employment purposes
• To address a complaint
• To process an information access application
• To assess your eligibility for a grant or other financial assistance or service
• To answer enquiries or questions you may have
• To perform our agency functions or activities and associated business processes
Queensland Revenue Office (QRO)• To manage fines or unpaid penalties
• To process transfer duty and vehicle registration duty relating to your home or vehicle ownership
• To assess your eligibility for a grant or other financial assistance
• To manage (and remind you of your obligations in relation to) state taxes, grants, or fines
• To answer enquiries or queries you have
• To protect you and our staff in your interactions with us
Queensland Government Insurance Fund (QGIF)• To process an insurance claim related to a government service or asset
• To answer enquiries or questions you may have
• To undertake premium setting, claims analysis, forecasting, and trend reporting
• To fulfil our functions as the government insurance fund
Queensland Government Statistician’s Office (QGSO)• To collect and publish official statistics
• To undertake surveys (including on behalf of other government agencies)
• For the Government Statistician to issue approved forms and ask questions
• To prepare sampling frames
Energy & Climate• To assess eligibility for, and to audit performance and progress of, energy programs and rebates
• As part of developing energy policy, engagement with the community, and in administering regulations
• To respond to enquiries from the public and industry relating to energy (including sustainable fuels) and emissions policy matters
• To receive information and respond to queries from a GOC

How do we use and disclose your personal information?

We will use and disclose your personal information for the purpose it was collected – the reason why we collected it. For example, we may disclose your personal information to other government agencies, your authorised representatives, or the 3rd parties referred to in the table above.

We are also allowed to use or disclose your personal information for another purpose when:

  • you have provided your consent, either expressly or impliedly
  • the secondary purpose is related (or, for sensitive information, directly related) to why we originally collected your information and you would reasonably expect the secondary use or disclosure
  • we are required or authorised by law
  • we are required to for law enforcement purposes
  • it is required for limited research purposes in the public interest
  • the Australian Security Intelligence Organisation has asked for the information to perform its functions
  • a permitted general situation exists such as lessening or preventing a serious threat to the life, health or safety of an individual or the public, or locating a missing person.

Prior to using or disclosing your personal information, we will ensure that:

  • we have taken reasonable steps to verify the currency, accuracy and completeness of the information, having regard to the purpose for which the information is proposed to be used or disclosed
  • we only use or disclose the parts of the personal information that are relevant to fulfilling our function or activity.

How do we store and hold your personal information?

We understand the importance of safeguarding personal information and keeping both digital and physical information secure. We are committed to continuously improving our systems and processes to protect your personal information. Preserving the security, confidentiality, and integrity of personal information is part of Treasury’s operations, and this is crucial to ensure we can continue to deliver our government services. We maintain and dispose of public records in accordance with our obligations under the Public Records Act 2023 (Qld).

We use secure systems to hold your personal information in accordance with the requirements of the Queensland Government information and cyber security policy (IS18), and we take all reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification or disclosure.

Do we use contracted service providers (contractors)?

We may contract with an entity to perform some of our functions and activities. If the entity will deal with personal information as part of providing us with these services, we generally use a contract to bind them to comply with our privacy obligations. For example, bound contracted services providers are expected to comply with the IP Act. If the contractor breaches one of the privacy rules, individuals may be able to hold them accountable for the breach.

Do we disclose your personal information outside Australia?

We hold your personal information within Australia. We will only disclose your personal information outside Australia if:

  • you consent
  • we are authorised or required to by law
  • it will protect your life, health, safety or welfare or the public’s health, safety or welfare
  • two or more of the following apply
    • the recipient is subject to equivalent privacy obligations
    • the disclosure is necessary to perform a function of Treasury
    • the disclosure is for your benefit
    • we have taken reasonable steps to ensure the information is protected by equivalent privacy obligations.

There are some circumstances where parts of Treasury may disclose personal information to entities outside Australia:

  • if our Investment Group collects your personal information, they may disclose it to the international offices of Trade and Investment Queensland (TIQ)
  • if QGIF collects your personal information, they may disclose it to reinsurance entities that are located in the United Kingdom or Singapore.

How can you access your personal information?

You have the right to request access to your personal information held by us. There are different ways for you to request access to your personal information.

Administrative access

In some cases, personal information of individuals can be released without the need for a formal access application to be made under the Right to Information Act 2009 (Qld) (RTI Act). Where possible, we seek to facilitate the proactive release of information through administrative release as a faster and easier way for you to access your information.

If you would like to discuss applying for administrative release of your personal information, please contact us by:

Application for access under the RTI Act

If we hold personal information about you and we consider access via administrative release is not available to you, you can request access to your information under the RTI Act. You can apply to access your personal information by:

RTI Officer, Queensland Treasury
GPO Box 611, Brisbane Qld 4001

You will need to provide certified identification with your application (certification obtained within the last 12 months). In most instances, we can give you access to your personal information. However, the RTI Act may prevent us from releasing the information if it is exempt or not in the public interest to release. If this applies to you, we will provide you with a decision letter explaining why the information cannot be released to you.

More information is available from Treasury’s RTI webpage here.

How can you correct your personal information?

We take all reasonable steps to ensure the personal information we hold about you is current and accurate. However, if you consider the personal information we hold about you is inaccurate, incomplete, out of date or misleading, you can request that we correct it. There are different ways for you to request correction of your personal information.

Administrative amendment

In some cases, personal information can be amended without the need for a formal amendment application to be made under the RTI Act. If you would like to discuss applying for administrative amendment of your personal information, please contact us and we will assess your request:

Application for amendment under the RTI Act

If we hold personal information about you and we consider amendment via administrative amendment is not available to you, you can request an amendment to it under the RTI Act. You can apply to amend your personal information by:

RTI Officer, Queensland Treasury
GPO Box 611, Brisbane Qld 4001

You will need to tell us what document you want amended, the amendments you want made, and provide certified identification (certification obtained within the last 12 months) with your application. If an agent is acting for you, the agent will need to provide evidence of their authority to act for you.

More information is available from Treasury’s RTI webpage here.

How can you make a privacy complaint to us?

Privacy complaints to Treasury

You can make a privacy complaint to us if you believe we have not handled your personal information in accordance with the rules under the IP Act, including the QPPs. You may make your privacy complaint:

  • if your privacy complaint relates to the Queensland Revenue Office (QRO), including the State Penalties Enforcement Registry (SPER), by:
    • sending an email to QROprivacy@treasury.qld.gov.au addressed to the QRO Privacy Contact Officer,
    • mailing your complaint, addressed to the QRO Privacy Contact Officer to:
      • for SPER: GPO Box 1387, Brisbane QLD 4001
      • for QRO: PO Box 15931, City East QLD 4002
  • if your privacy complaint relates to an area within Treasury other than QRO or SPER by:
    • sending an email to privacy@treasury.qld.gov.au addressed to the Treasury Privacy Contact Officer
    • mailing your request, addressed to the Treasury Privacy Contact Officer, to GPO Box 611, Brisbane QLD 4001

Please mark your complaint as “Private and Confidential”. We will need your privacy complaint to:

  • be in writing
  • include a contact address so that we can reply (an email address is sufficient)
  • be about how we have handled your personal information (not someone else’s information)
  • provide certified identification (such certification to have been obtained within the last 12 months)
  • give specific details about your concerns/issues with how Treasury has handled your personal information
  • contain enough information to enable us to understand the nature of your complaint, the impact it has had on you, and what outcome you are seeking, and
  • be sent to us within 12 months of you becoming aware of the matter you are making the complaint about.

We will investigate your complaint and advise you of the outcome within 45 business days. To address your complaint, we may need to disclose the nature of your privacy complaint and your identity to relevant business areas within Treasury and third parties. By proceeding with your complaint, you indicate your consent for us to do this.

Privacy complaints to the Office of the Information Commissioner

If you are not satisfied with our response to your complaint, you may refer your complaint to the Privacy Commissioner in the Office of the Information Commissioner (OIC). You cannot refer the matter to the OIC until 45 business days have passed since you first made your complaint to us. The OIC does not have an investigative or determination role in privacy complaints but rather the OIC provides a mediation service to the parties to the complaint.

Other complaints

For complaints which are not privacy related visit our complaints page.

How do we manage data breaches?

A data breach means either:

  • unauthorised access to, or unauthorised disclosure of, information we hold
  • the loss of information we hold in circumstances where unauthorised access to, or unauthorised disclosure of, the information is likely to occur.

If we identify a data breach, we will handle it in accordance with our data breach policy. Our data breach policy is available here.

Do you have a right to anonymity and pseudo-anonymity?

You may be able to engage with Treasury on an anonymous or pseudo-anonymous basis if you would prefer to do so. For example, this will be possible in circumstances such as if you are making a general enquiry or making a complaint.

This option will not be available if:

  • we are required or authorised by law to deal with individuals who have identified themselves
  • it is impracticable for us to deal with people who have not identified themselves or who have used a pseudonym.

For example, it will not be available if we need to know who you are to provide you with a service or process a claim.

If you engage with us on an anonymous or pseudo-anonymous basis, there may be potential negative consequences for you. For example, we may be unable to follow up with you about the outcome of your complaint or enquiry where it is made anonymously or provide you with fulsome government services.

Do we use cookies or website analytics?

We use cookies to collect anonymous statistical information about our website visitors, including:

  • your browser, computer platform, and screen resolution
  • your traffic patterns through our sites, such as:
    • the date and time of your visit
    • the pages and documents assessed
    • the website you visited before ours
    • your IP addresses.

We do not identify users or any other browser activity outside our websites, except if we are authorised or required to do so by law (for example, if a law enforcement agency has a warrant to inspect activity logs).

We also use analytics systems such as Google Analytics (including advertising features) on our websites to gather anonymous information about visitors to our websites. When you visit our web pages, your browser automatically sends anonymous information to Google. Examples of the information include the web address of the page that you’re visiting, your IP address, and demographic information. Google may also use cookies. You can read more about how Google uses data. You can choose not to allow Google to collect your information by opting out of Google Analytics or specifically opt out of Google Analytics Display Advertiser Features.

We use the anonymous data collected from cookies and analytics to analyse the pages on our websites that are visited, to improve your experience in using the websites, and to make sure our websites are useful.

Our internet service provider or information services staff may monitor email traffic for system trouble shooting and maintenance purposes only. We have censorware software that blocks inappropriate material. The system generates an automatic message advising the originator and address that the message has been blocked.

Part of this site transmits information securely across the internet, but no security is perfect and we recognise that there may be risks. We will notify you where personal information is not transmitted securely.

This site contains links to other sites. We are not responsible for the privacy or security practices or the content of any such websites.

Do you have a right to privacy?

Under the Human Rights Act 2019 (HR Act), public entities must act compatibly with human rights and give those rights proper consideration before making a decision. The rights set out in the HR Act include a right to privacy. When carrying out our functions, including meeting our obligations under the IP Act, we will consider, and act compatibly with, your human rights including this right to privacy.

Last updated: 8 July 2025