Direct marketing

<!doctype html> <html lang="en"> <head> <title>Direct marketing | OAIC</title>  <meta charset="utf-8"> <meta name="mobile-web-app-capable" content="yes"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">  <meta name="dcterms.title" content="Direct marketing"> <meta name="dcterms.creator" content="OAIC"> <meta name="dcterms.created" content="2022-08-18T13:04:23+10:00"> <meta name="dcterms.modified" content="2024-09-05T11:52:17+10:00"> <meta name="dcterms.issued" content="2023-03-10T16:36:14+11:00"> <meta name="dcterms.format" content="HTML"> <meta name="dcterms.identifier" content="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/direct-marketing">    <meta name="publishedDate" content="10 March 2023"> <meta name="publishedDate_ISO" content="2023-03-10T00:00:00+11:00"> <meta name="description" content="APP 7 applies to organisations that use or disclose personal information for direct marketing, but not to direct marketing that the Do Not Call Register Act 2006 or Spam Act 2003 covers" /> <meta name="pdISO" content="2023-03-10T00:00:00+11:00" /> <meta name="robots" content="" />  <meta name="chapter-nav" content="no" /> <meta name="chapter-nav-prev" content="" /> <meta name="chapter-nav-next" content="" /> <meta name="chapter-nav-prev-btn-text" content="Previous chapter" /> <meta name="chapter-nav-next-btn-text" content="Next chapter" /> <meta name="background_color" content="chapter-navigation__wrapper--white" />  <meta name="show-related-articles" content="no" /> <meta name="topic" content="" /> <meta name="contentType" content="" /> <meta name="featuredNews" content="no" /> <meta name="author-name" content="" /> <meta name="author-title" content="" /> <meta name="author-image" content="" />  <meta name="type" content="web" />  <meta name="showFeedbackWidget" content="yes" /> <meta name="showShareWidget" content="yes" />  <meta itemprop="name" content="Direct marketing" /> <meta itemprop="description" content="APP 7 applies to organisations that use or disclose personal information for direct marketing, but not to direct marketing that the Do Not Call Register Act 2006 or Spam Act 2003 covers" /> <meta itemprop="image" content="" />  <meta name="twitter:card" content="summary" /> <meta name="twitter:site" content="@OAICgov" /> <meta name="twitter:title" content="Direct marketing" /> <meta name="twitter:description" content="APP 7 applies to organisations that use or disclose personal information for direct marketing, but not to direct marketing that the Do Not Call Register Act 2006 or Spam Act 2003 covers" /> <meta name="twitter:image" content="" />  <meta property="og:title" content="Direct marketing" /> <meta property="og:type" content="website" /> <meta property="og:url" content="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/direct-marketing" /> <meta property="og:image" content="" /> <meta property="og:description" content="APP 7 applies to organisations that use or disclose personal information for direct marketing, but not to direct marketing that the Do Not Call Register Act 2006 or Spam Act 2003 covers" /> <meta property="og:site_name" content="OAIC" /> <meta property="article:published_time" content="2023-03-10T16:36:14+11:00" /> <meta property="article:modified_time" content="2024-09-05T11:52:17+10:00" /> <meta property="article:tag" content="" /> <meta name="theme-color" content="#fafafa">  <script src="//cdn-oc.readspeaker.com/script/9755/webReader/webReader.js?pids=wr" type="text/javascript" id="rs_req_Init"></script>  <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-PTH9SP3B');</script>   <meta name="google-site-verification" content="sQVHBUKhjuCjBjithPialZYhGQ5SPKwjb1_rY8OqsjA" /> <link rel="stylesheet" href="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/main.css?h=06ed308"> <link rel="stylesheet" href="https://www.oaic.gov.au/__data/assets/css_file/0024/240585/custom.css?v=0.1.202">  <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css"> <link rel="preconnect" href="https://fonts.googleapis.com"> <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin> <link href="https://fonts.googleapis.com/css2?family=Source+Code+Pro:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap" rel="stylesheet">  <link rel="shortcut icon" href="https://www.oaic.gov.au/__data/assets/image/0016/14182/favicon-32x32.png"> <link rel="apple-touch-icon" href="https://www.oaic.gov.au/__data/assets/image/0015/14181/apple-touch-icon.png">  </head> <body class="inside">  <section class="cookie-banner" aria-labelledby="cookie-heading"> <h2 class="visuallyhidden" id="cookie-heading">We use cookies on this site</h2> <div class="cookie-banner__content"> <div> <p>We use cookies to analyse traffic and to improve your browsing experience on our website. To find out more, read our <a href="https://www.oaic.gov.au/about-the-OAIC/our-corporate-information/plans-policies-and-procedures/privacy-policy">privacy policy</a>.</p> </div> <button class="cookie-banner__close primary-button" id="close-cookie-banner" aria-label="Close and accept cookie policy">Close</button> </div> </section>   <div class="skip-to-content"> <a href="#main-content-area" class="skip-to-content__link visuallyhidden focusable">Skip to main content</a> </div>  <div class="page-wrapper">     <header class="site-header"> <div class="utility-nav"> <div class="utility-nav__wrapper"> <a href="/news" class="utility-nav__link ">News</a> <a href="/about-the-OAIC/join-our-team" class="utility-nav__link ">Join our team</a> <a href="/contact-us" class="utility-nav__link ">Contact us</a> </div> </div> <div class="header-content"> <a href="https://www.oaic.gov.au" class="header-logo"> <img src="https://www.oaic.gov.au/__data/assets/file/0020/13664/oaic-header-logo.svg" alt="OAIC - Australian Government - Office of the Australian Information Commissioner"> </a> <button class="mobile-menu" aria-controls="header-nav" aria-expanded="false"> <img class="menu-icon menu-icon--burger" src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/hamburger-menu.svg" alt="open menu"> <img class="menu-icon menu-icon--close" src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/cancel-icon-white.svg" alt="close menu"> </button> <div class="search-container search-container--header"> <form class="input-form" action="https://www.oaic.gov.au/search" data-action="https://www.oaic.gov.au/search?SQ_ASSET_CONTENTS_RAW"> <input name="query" autocomplete="off" id="autoComplete" placeholder="Search…" class="search-box" aria-label="Search input" data-autocomplete-endpoint="https://dxp-au-search.funnelback.squiz.cloud/s/suggest.json?collection=113e9365-ffcc-4320-a995-5c1b98bea3bb~sp-oaic-web-new&profile=auto-completion-global&fmt=json%2B%2B&alpha=0.5&show=10"> <input type="hidden" name="form" value="result"> <button type="button" id="clear-text-btn" class="cancel-logo" aria-label="Clear text"> <img src="https://www.oaic.gov.au/__data/assets/file/0022/13666/cancel-icon.svg" alt="clear text cancel icon"> </button> <button type="submit" aria-label="Submit search"> <img class="search-icon" src="https://www.oaic.gov.au/__data/assets/file/0023/13667/search-outline.svg" alt="search icon thst submits form"> </button> </form> </div> <div id="header-nav" class="header-nav"> <nav class="header-nav__nav"> <div class="header-nav__item"> <a href="https://www.oaic.gov.au" class="header-nav__link " > Home </a> </div> <div class="header-nav__item"> <button class="header-nav__button current" aria-expanded="false" > Privacy <div class="header-nav__mobile-toggle"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus-white.svg" class="icon-plus" alt="expand menu"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus-white.svg" class="icon-minus" alt="collapse menu"> </div> <div class="header-nav__desktop-toggle"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/chevron-down-white.svg" alt="expand menu"> </div> </button> <div class="header-nav__sub"> <div class="header-nav__sub-wrapper"> <div class="header-nav__sub-first"> <a href="https://www.oaic.gov.au/privacy" class="header-nav__sub-link"> Privacy </a> </div> <div class="header-nav__sub-grid"> <a href="https://www.oaic.gov.au/privacy/your-privacy-rights" class="header-nav__sub-link"> Your privacy rights </a> <a href="https://www.oaic.gov.au/privacy/privacy-complaints" class="header-nav__sub-link"> Privacy complaints </a> <a href="https://www.oaic.gov.au/privacy/australian-privacy-principles" class="header-nav__sub-link"> Australian Privacy Principles </a> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies" class="header-nav__sub-link"> Privacy guidance for organisations and government agencies </a> <a href="https://www.oaic.gov.au/privacy/notifiable-data-breaches" class="header-nav__sub-link"> Notifiable data breaches </a> <a href="https://www.oaic.gov.au/privacy/privacy-legislation" class="header-nav__sub-link"> Privacy legislation </a> <a href="https://www.oaic.gov.au/privacy/privacy-assessments-and-decisions" class="header-nav__sub-link"> Privacy assessments and decisions </a> <a href="https://www.oaic.gov.au/privacy/privacy-registers" class="header-nav__sub-link"> Privacy registers </a> </div> </div> </div> </div> <div class="header-nav__item"> <button class="header-nav__button " aria-expanded="false" > Freedom of information <div class="header-nav__mobile-toggle"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus-white.svg" class="icon-plus" alt="expand menu"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus-white.svg" class="icon-minus" alt="collapse menu"> </div> <div class="header-nav__desktop-toggle"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/chevron-down-white.svg" alt="expand menu"> </div> </button> <div class="header-nav__sub"> <div class="header-nav__sub-wrapper"> <div class="header-nav__sub-first"> <a href="https://www.oaic.gov.au/freedom-of-information" class="header-nav__sub-link"> Freedom of information </a> </div> <div class="header-nav__sub-grid"> <a href="https://www.oaic.gov.au/freedom-of-information/your-freedom-of-information-rights" class="header-nav__sub-link"> Your freedom of information rights </a> <a href="https://www.oaic.gov.au/freedom-of-information/how-to-access-government-information" class="header-nav__sub-link"> How to access government information </a> <a href="https://www.oaic.gov.au/freedom-of-information/freedom-of-information-guidance-for-government-agencies" class="header-nav__sub-link"> Freedom of information guidance for government agencies </a> <a href="https://www.oaic.gov.au/freedom-of-information/freedom-of-information-legislation-and-determinations" class="header-nav__sub-link"> Freedom of information legislation and determinations </a> <a href="https://www.oaic.gov.au/freedom-of-information/information-commissioner-decisions-and-reports" class="header-nav__sub-link"> Information Commissioner decisions and reports </a> <a href="https://www.oaic.gov.au/freedom-of-information/freedom-of-information-statistics-for-the-oaic" class="header-nav__sub-link"> Freedom of information statistics for the OAIC </a> </div> </div> </div> </div> <div class="header-nav__item"> <button class="header-nav__button " aria-expanded="false" > Consumer Data Right <div class="header-nav__mobile-toggle"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus-white.svg" class="icon-plus" alt="expand menu"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus-white.svg" class="icon-minus" alt="collapse menu"> </div> <div class="header-nav__desktop-toggle"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/chevron-down-white.svg" alt="expand menu"> </div> </button> <div class="header-nav__sub"> <div class="header-nav__sub-wrapper"> <div class="header-nav__sub-first"> <a href="https://www.oaic.gov.au/consumer-data-right" class="header-nav__sub-link"> Consumer Data Right </a> </div> <div class="header-nav__sub-grid"> <a href="https://www.oaic.gov.au/consumer-data-right/information-for-consumers" class="header-nav__sub-link"> Information for consumers </a> <a href="https://www.oaic.gov.au/consumer-data-right/consumer-data-right-complaints" class="header-nav__sub-link"> Consumer Data Right complaints </a> <a href="https://www.oaic.gov.au/consumer-data-right/consumer-data-right-guidance-for-business" class="header-nav__sub-link"> Consumer Data Right guidance for business </a> <a href="https://www.oaic.gov.au/consumer-data-right/consumer-data-right-legislation,-regulation-and-definitions" class="header-nav__sub-link"> Consumer Data Right legislation, regulation and definitions </a> <a href="https://www.oaic.gov.au/consumer-data-right/consumer-data-right-assessments" class="header-nav__sub-link"> Consumer Data Right assessments </a> </div> </div> </div> </div> <div class="header-nav__item"> <a href="https://www.oaic.gov.au/digital-id" class="header-nav__link " > Digital ID </a> </div> <div class="header-nav__item"> <button class="header-nav__button " aria-expanded="false" > Engage with us <div class="header-nav__mobile-toggle"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus-white.svg" class="icon-plus" alt="expand menu"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus-white.svg" class="icon-minus" alt="collapse menu"> </div> <div class="header-nav__desktop-toggle"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/chevron-down-white.svg" alt="expand menu"> </div> </button> <div class="header-nav__sub"> <div class="header-nav__sub-wrapper"> <div class="header-nav__sub-first"> <a href="https://www.oaic.gov.au/engage-with-us" class="header-nav__sub-link"> Engage with us </a> </div> <div class="header-nav__sub-grid"> <a href="https://www.oaic.gov.au/engage-with-us/consultations" class="header-nav__sub-link"> Consultations </a> <a href="https://www.oaic.gov.au/engage-with-us/submissions" class="header-nav__sub-link"> Submissions </a> <a href="https://www.oaic.gov.au/engage-with-us/translations" class="header-nav__sub-link"> Translations </a> <a href="https://www.oaic.gov.au/engage-with-us/events" class="header-nav__sub-link"> Events </a> <a href="https://www.oaic.gov.au/engage-with-us/networks" class="header-nav__sub-link"> Networks </a> <a href="https://www.oaic.gov.au/engage-with-us/research-and-training-resources" class="header-nav__sub-link"> Research and training resources </a> </div> </div> </div> </div> <div class="header-nav__item"> <button class="header-nav__button " aria-expanded="false" > About the OAIC <div class="header-nav__mobile-toggle"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus-white.svg" class="icon-plus" alt="expand menu"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus-white.svg" class="icon-minus" alt="collapse menu"> </div> <div class="header-nav__desktop-toggle"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/chevron-down-white.svg" alt="expand menu"> </div> </button> <div class="header-nav__sub"> <div class="header-nav__sub-wrapper"> <div class="header-nav__sub-first"> <a href="https://www.oaic.gov.au/about-the-OAIC" class="header-nav__sub-link"> About the OAIC </a> </div> <div class="header-nav__sub-grid"> <a href="https://www.oaic.gov.au/about-the-OAIC/what-we-do" class="header-nav__sub-link"> What we do </a> <a href="https://www.oaic.gov.au/about-the-OAIC/who-we-are" class="header-nav__sub-link"> Who we are </a> <a href="https://www.oaic.gov.au/about-the-OAIC/join-our-team" class="header-nav__sub-link"> Join our team </a> <a href="https://www.oaic.gov.au/about-the-OAIC/access-our-information" class="header-nav__sub-link"> Access our information </a> <a href="https://www.oaic.gov.au/about-the-OAIC/our-regulatory-approach" class="header-nav__sub-link"> Our regulatory approach </a> <a href="https://www.oaic.gov.au/about-the-OAIC/our-corporate-information" class="header-nav__sub-link"> Our corporate information </a> <a href="https://www.oaic.gov.au/about-the-OAIC/information-policy" class="header-nav__sub-link"> Information policy </a> <a href="https://www.oaic.gov.au/about-the-OAIC/serving-legal-documents-on-the-australian-information-commissioner" class="header-nav__sub-link"> Serving legal documents on the Australian Information Commissioner </a> </div> </div> </div> </div> <div class="header-nav__item header-nav__item--mobile-only"> <a href="/news" class="header-nav__link">News</a> </div> <div class="header-nav__item header-nav__item--mobile-only"> <a href="/about-the-OAIC/join-our-team" class="header-nav__link">Join our team</a> </div> <div class="header-nav__item header-nav__item--mobile-only"> <a href="/contact-us" class="header-nav__link">Contact us</a> </div> </nav> </div> </div> </header> <div class="nav-close-overlay"></div>   <main class="main"> <div class="breadcrumb__wrapper"> <div class="section "> <div class="section-item flex-box "> <div class="breadcrumb breadcrumb--separator-chevron"> <nav class="breadcrumb__nav" aria-label="Breadcrumb"> <ul class="breadcrumb__list"> <span class="breadcrumb__list-item"><a href="https://www.oaic.gov.au" class="breadcrumb__list-item-link" aria-label="Go to home page"><svg xmlns="http://www.w3.org/2000/svg" version="1.0" viewBox="0 0 50 50" height="24" width="24"><path d="M25 9.0937 7.281 25.3747h5.563v15.531h24.312v-15.531h5.563L25 9.0937z" fill="currentColor"></path></svg></a></span> <li class="breadcrumb__list-item"> <a class="breadcrumb__list-item-link" href="https://www.oaic.gov.au/privacy">Privacy</a> </li> <li class="breadcrumb__list-item"> <a class="breadcrumb__list-item-link" href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies">Privacy guidance for organisations and government agencies</a> </li> <li class="breadcrumb__list-item"> <a class="breadcrumb__list-item-link" href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations">Organisations</a> </li> <li class="breadcrumb__list-item"> <a class="breadcrumb__list-item-link" href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/direct-marketing">Direct marketing</a> </li> </ul> </nav> </div> </div> </div> </div> <div class="content-wrapper"> <div class="lhs-wrapper"> <div class="lhs-nav"> <a href="https://www.oaic.gov.au/privacy" class="lhs-nav__level-1"> Privacy </a> <div class="lhs-nav__nav-wrapper"> <div class="lhs-nav__level-2"> <h4> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies"> Privacy guidance for organisations and government agencies </a> </h4> <button class="lhs-nav__level-2-toggle" aria-expanded="false" aria-label="Expand Level 2 submenu: Privacy guidance for organisations and government agencies"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus-white.svg" class="icon-plus" aria-hidden="true" /> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-minus-white.svg" class="icon-minus" aria-hidden="true" /> </button> </div> <ul class="lhs-nav__level-3"> <li class="lhs-nav__level-3-link current has-children"> <div class="lhs-nav__level-3-accordion"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations"> Organisations </a> <button class="lhs-nav__level-3-toggle" aria-expanded="false" aria-label="Expand Level 3 submenu: Organisations"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus.svg" class="icon-plus" aria-hidden="true" /> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-minus.svg" class="icon-minus" aria-hidden="true" /> </button> </div> <ul class="lhs-nav__level-4"> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/credit-reporting" class=""> Credit reporting </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/direct-marketing" class="current"> Direct marketing </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/employee-records-exemption" class=""> Employee records exemption </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/id-scanners" class=""> ID scanners </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/opting-in-to-the-privacy-act" class=""> Opting in to the Privacy Act </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/privacy-for-not-for-profits,-including-charities" class=""> Privacy for not-for-profits, including charities </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/privacy-management-plan-template" class=""> Privacy management plan template </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/selling-a-business" class=""> Selling a business </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/small-business" class=""> Small business </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/sporting-clubs" class=""> Sporting clubs </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/start-ups" class=""> Start-ups </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/tips-for-good-privacy-practice" class=""> Tips for good privacy practice </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/trading-in-personal-information" class=""> Trading in personal information </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/guidance-for-edr-schemes-when-handling-complaints-about-notifiable-data-breaches" class=""> Guidance for EDR schemes when handling complaints about notifiable data breaches </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/tracking-pixels-and-privacy-obligations" class=""> Tracking pixels and privacy obligations </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/facial-recognition-technology-a-guide-to-assessing-the-privacy-risks" class=""> Facial recognition technology: a guide to assessing the privacy risks </a> </li> </ul> </li> <li class="lhs-nav__level-3-link has-children"> <div class="lhs-nav__level-3-accordion"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/government-agencies"> Government agencies </a> <button class="lhs-nav__level-3-toggle" aria-expanded="false" aria-label="Expand Level 3 submenu: Government agencies"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus.svg" class="icon-plus" aria-hidden="true" /> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-minus.svg" class="icon-minus" aria-hidden="true" /> </button> </div> <ul class="lhs-nav__level-4"> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/government-agencies/agency-referee-reports" class=""> Agency referee reports </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/government-agencies/australian-government-agencies-privacy-code" class=""> Australian Government Agencies Privacy Code </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/government-agencies/conducting-surveys" class=""> Conducting surveys </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/government-agencies/guidelines-on-data-matching-in-australian-government-administration" class=""> Guidelines on data matching in Australian Government administration </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/government-agencies/privacy-impact-assessment-register-assessment-program" class=""> Privacy impact assessment register assessment program </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/government-agencies/privacy-code-checklist" class=""> Privacy Code checklist </a> </li> </ul> </li> <li class="lhs-nav__level-3-link "> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/guidance-on-privacy-and-developing-and-training-generative-ai-models"> Guidance on privacy and developing and training generative AI models </a> </li> <li class="lhs-nav__level-3-link "> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/guidance-on-privacy-and-the-use-of-commercially-available-ai-products"> Guidance on privacy and the use of commercially available AI products </a> </li> <li class="lhs-nav__level-3-link has-children"> <div class="lhs-nav__level-3-accordion"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/health-service-providers"> Health service providers </a> <button class="lhs-nav__level-3-toggle" aria-expanded="false" aria-label="Expand Level 3 submenu: Health service providers"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus.svg" class="icon-plus" aria-hidden="true" /> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-minus.svg" class="icon-minus" aria-hidden="true" /> </button> </div> <ul class="lhs-nav__level-4"> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/health-service-providers/communications-with-patients" class=""> Communications with patients </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/health-service-providers/data-breach-action-plan-for-health-service-providers" class=""> Data breach action plan for health service providers </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/health-service-providers/guide-to-health-privacy" class=""> Guide to health privacy </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/health-service-providers/individual-healthcare-identifiers" class=""> Individual healthcare identifiers </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/health-service-providers/my-health-record" class=""> My Health Record </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/health-service-providers/privacy-action-plan-for-your-health-practice" class=""> Privacy action plan for your health practice </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/health-service-providers/taking-photos-of-patients" class=""> Taking photos of patients </a> </li> </ul> </li> <li class="lhs-nav__level-3-link has-children"> <div class="lhs-nav__level-3-accordion"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information"> Handling personal information </a> <button class="lhs-nav__level-3-toggle" aria-expanded="false" aria-label="Expand Level 3 submenu: Handling personal information"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus.svg" class="icon-plus" aria-hidden="true" /> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-minus.svg" class="icon-minus" aria-hidden="true" /> </button> </div> <ul class="lhs-nav__level-4"> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/anti-money-laundering-obligations" class=""> Anti-money laundering obligations </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/centrelink-requests-for-information" class=""> Centrelink requests for information </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/dealing-with-requests-for-access-to-personal-information" class=""> Dealing with requests for access to personal information </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/dealing-with-requests-for-correction-of-personal-information" class=""> Dealing with requests for correction of personal information </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/de-identification-and-the-privacy-act" class=""> De-identification and the Privacy Act </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/de-identification-decision-making-framework" class=""> De-identification Decision-Making Framework </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/guide-to-securing-personal-information" class=""> Guide to securing personal information </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/guide-to-the-privacy-persons-reported-as-missing-rule-2024" class=""> Guide to the Privacy (Persons Reported as Missing) Rule 2024 </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/guidelines-for-state-and-territory-governments-creating-nationally-consistent-requirements-to-collect-personal-information-for-contact-tracing-purposes" class=""> Guidelines for state and territory governments: creating nationally consistent requirements to collect personal information for contact tracing purposes </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/national-relay-service" class=""> National Relay Service </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/posting-photos-and-videos" class=""> Posting photos and videos </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/protecting-customers-personal-information" class=""> Protecting customers' personal information </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/sending-personal-information-overseas" class=""> Sending personal information overseas </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/the-privacy-tax-file-number-rule-2015-and-the-protection-of-tax-file-number-information" class=""> The Privacy (Tax File Number) Rule 2015 and the protection of tax file number information </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/transfer-of-financial-adviser-records" class=""> Transfer of financial adviser records </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/handling-personal-information/what-is-personal-information" class=""> What is personal information? </a> </li> </ul> </li> <li class="lhs-nav__level-3-link has-children"> <div class="lhs-nav__level-3-accordion"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/preventing-preparing-for-and-responding-to-data-breaches"> Preventing, preparing for and responding to data breaches </a> <button class="lhs-nav__level-3-toggle" aria-expanded="false" aria-label="Expand Level 3 submenu: Preventing, preparing for and responding to data breaches"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus.svg" class="icon-plus" aria-hidden="true" /> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-minus.svg" class="icon-minus" aria-hidden="true" /> </button> </div> <ul class="lhs-nav__level-4"> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/preventing-preparing-for-and-responding-to-data-breaches/data-breach-preparation-and-response" class=""> Data breach preparation and response </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/preventing-preparing-for-and-responding-to-data-breaches/preventing-data-breaches-advice-from-the-australian-cyber-security-centre" class=""> Preventing data breaches: advice from the Australian Cyber Security Centre </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/preventing-preparing-for-and-responding-to-data-breaches/guidance-for-entities-in-preparing-for-and-responding-to-cyber-incidents" class=""> Guidance for entities in preparing for and responding to cyber incidents </a> </li> </ul> </li> <li class="lhs-nav__level-3-link has-children"> <div class="lhs-nav__level-3-accordion"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/privacy-impact-assessments"> Privacy impact assessments </a> <button class="lhs-nav__level-3-toggle" aria-expanded="false" aria-label="Expand Level 3 submenu: Privacy impact assessments"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus.svg" class="icon-plus" aria-hidden="true" /> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-minus.svg" class="icon-minus" aria-hidden="true" /> </button> </div> <ul class="lhs-nav__level-4"> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/privacy-impact-assessments/10-steps-to-undertaking-a-privacy-impact-assessment" class=""> 10 steps to undertaking a privacy impact assessment </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/privacy-impact-assessments/assessing-privacy-risks-in-changed-working-environments-privacy-impact-assessments" class=""> Assessing privacy risks in changed working environments: privacy impact assessments </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/privacy-impact-assessments/guide-to-undertaking-privacy-impact-assessments" class=""> Guide to undertaking privacy impact assessments </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/privacy-impact-assessments/privacy-by-design" class=""> Privacy by design </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/privacy-impact-assessments/privacy-impact-assessment-tool" class=""> Privacy impact assessment tool </a> </li> </ul> </li> <li class="lhs-nav__level-3-link has-children"> <div class="lhs-nav__level-3-accordion"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/covid-19"> COVID-19 </a> <button class="lhs-nav__level-3-toggle" aria-expanded="false" aria-label="Expand Level 3 submenu: COVID-19"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus.svg" class="icon-plus" aria-hidden="true" /> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-minus.svg" class="icon-minus" aria-hidden="true" /> </button> </div> <ul class="lhs-nav__level-4"> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/covid-19/coronavirus-covid-19-understanding-your-privacy-obligations-to-your-staff" class=""> Coronavirus (COVID-19): understanding your privacy obligations to your staff </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/covid-19/coronavirus-covid-19-vaccinations-understanding-your-privacy-obligations-to-your-staff" class=""> Coronavirus (COVID-19) vaccinations: understanding your privacy obligations to your staff </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/covid-19/covidsafe-reports" class=""> COVIDSafe Reports </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/covid-19/guidance-for-businesses-collecting-personal-information-for-contract-tracing" class=""> Guidance for businesses collecting personal information for contract tracing </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/covid-19/national-covid-19-privacy-principles" class=""> National COVID-19 privacy principles </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/covid-19/privacy-update-on-the-covidsafe-app" class=""> Privacy update on the COVIDSafe app </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/covid-19/retention-and-deletion-of-personal-information-collected-during-covid-19" class=""> Retention and deletion of personal information collected during COVID-19 </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/covid-19/guidance-for-businesses-collecting-covid-19-vaccination-information" class=""> Guidance for businesses collecting COVID-19 vaccination information </a> </li> </ul> </li> <li class="lhs-nav__level-3-link has-children"> <div class="lhs-nav__level-3-accordion"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance"> More guidance </a> <button class="lhs-nav__level-3-toggle" aria-expanded="false" aria-label="Expand Level 3 submenu: More guidance"> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-plus.svg" class="icon-plus" aria-hidden="true" /> <img src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/mysource_files/icon-minus.svg" class="icon-minus" aria-hidden="true" /> </button> </div> <ul class="lhs-nav__level-4"> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/australian-bushfires-disaster-emergency-declaration-understanding-your-privacy-obligations" class=""> Australian Bushfires Disaster Emergency Declaration: understanding your privacy obligations </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/australian-entities-and-the-european-union-general-data-protection-regulation" class=""> Australian entities and the European Union General Data Protection Regulation </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/emergencies-and-disasters" class=""> Emergencies and disasters </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/guide-to-data-analytics-and-the-australian-privacy-principles" class=""> Guide to data analytics and the Australian Privacy Principles </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/guide-to-developing-an-app-privacy-policy" class=""> Guide to developing an APP privacy policy </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/how-to-develop-an-app-privacy-policy-poster" class=""> How to develop an APP privacy policy (poster) </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/guidelines-for-developing-codes" class=""> Guidelines for developing codes </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/guidelines-for-recognising-external-dispute-resolution-schemes" class=""> Guidelines for recognising external dispute resolution schemes </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/handling-privacy-complaints" class=""> Handling privacy complaints </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/keeping-records-of-disclosures-under-the-telecommunications-act-1997" class=""> Keeping records of disclosures under the Telecommunications Act 1997 </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/mobile-privacy-a-better-practice-guide-for-mobile-app-developers" class=""> Mobile privacy: a better practice guide for mobile app developers </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/privacy-management-framework-enabling-compliance-and-encouraging-good-practice" class=""> Privacy management framework: enabling compliance and encouraging good practice </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/privacy-public-interest-determination-guide" class=""> Privacy public interest determination guide </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/self-assessment-checklist-privacy-obligations-under-the-data-retention-scheme" class=""> Self-assessment checklist: privacy obligations under the Data Retention Scheme </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/telecommunications-service-providers-obligations-arising-under-the-privacy-act-1988-as-a-result-of-part-5-1a-of-the-telecommunications-interception-and-access-act-1979" class=""> Telecommunications service providers' obligations arising under the Privacy Act 1988 as a result of Part 5-1A of the Telecommunications (Interception and Access) Act 1979 </a> </li> <li class="lhs-nav__level-4-link"> <a href="https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/more-guidance/privacy-considerations-for-financial-services-entities-receiving-data-from-a-carrier-or-carriage-service-provider-under-the-telecommunications-regulations" class=""> Privacy considerations for financial services entities receiving data from a carrier or carriage service provider </a> </li> </ul> </li> </ul> </div> </div> </div> <div class="middle-wrapper">  <div id="main-content-area" class="page-content"> <div class="toc"> <ul class="toc__list"> <li class="toc__heading"> <h2 class="toc-exclude">On this page</h2> </li> </ul> </div> <section class="banner-grey-newsroom__wrapper"> <div class="banner-grey-newsroom__content"> <h1 class="banner-grey-newsroom__title">Direct marketing</h1> </div> </section>  <script> if(document.querySelector('.banner-grey-newsroom__wrapper .banner-grey-newsroom__content')) { document.querySelector('.breadcrumb__wrapper').insertAdjacentElement('afterend',document.querySelector('.banner-grey-newsroom__wrapper .banner-grey-newsroom__content').closest(' .banner-grey-newsroom__wrapper')) } </script> <div class="gov-numbered-paragraphs" id="component_20566"> <p>Publication date: 1 May 2019</p><div><div id="page-content"><p>Australian Privacy Principle 7 (APP 7) applies to organisations that use or disclose personal information for direct marketing. It does not apply to direct marketing communications that are covered by the <em>Do Not Call Register Act 2006</em> (DNCR Act) or the <em>Spam Act 2003</em>.</p><p>This resource provides general information about how the requirements in each of these laws apply when an organisation direct markets to an individual. It is not a substitute for legal advice.</p><h2>What is direct marketing?</h2><p>Direct marketing involves the use or disclosure of personal information to communicate directly with an individual to promote goods or services. It can encompass any communication made by or on behalf of an organisation to an individual, including fundraising communications. The communication may occur through a variety of channels, including telephone, SMS, mail, email, social media, and online advertising.</p><p>Examples of using or disclosing personal information to direct market to an individual include:</p><ul><li>sending a catalogue in the mail addressed to an individual by name</li><li>targeting online advertising at an individual using their personal information</li></ul><p>More examples of when an entity uses or discloses personal information for direct marketing are in the <a href="https://www.oaic.gov.au/_old/privacy/australian-privacy-principles-guidelines/chapter-7-app-7-direct-marketing">APP guidelines.</a></p><h2>When is direct marketing allowed?</h2><p>This depends on the type of direct marketing communication used, and the type of organisation involved. The <a href="https://www.oaic.gov.au/_old/privacy/guidance-and-advice/direct-marketing#WhatRequireApplyDirectMarComms">flowchart below</a> will help you determine which requirements apply to a direct marketing communication.<br /> In summary:</p><ul><li>Telemarketers and fax marketers must not call or fax numbers listed on the Do Not Call Register (DNCR) as required in the DNCR Act (some exemptions apply). The DNCR Act does not apply where:</li><ul><li>calls or faxes are made by exempt entities, such as registered charities or political parties</li><li>calls or faxes are made by market researchers conducting opinion polling and social research, or</li><li>an individual has consented to the call or fax.</li></ul><li>Organisations that send messages of a commercial nature by email, SMS instant message, or MMS must comply with the Spam Act.</li><li>Where the DNCR Act and Spam Act do not apply, an organisation may need to comply with APP 7 to direct market to an individual.</li></ul><h2>When does APP 7 apply?</h2><p>APP 7 only applies to:</p><ul><li>private sector organisations covered by the Australian Privacy Principles. This means all businesses and not-for-profit organisations with an annual turnover of more than $3 million and some small businesses, including private sector health service providers and businesses that buy or sell personal information. These businesses are known as ‘organisations’ under the Privacy Act and may also be referred to as ‘APP entities’</li><li>marketing communications that use or disclose an individual’s personal information to direct market to them. Personal information is information that identifies an individual, or could reasonably identify them</li><li>direct marketing communications that are not covered by the DNCR Act or Spam Act</li></ul><p>This means APP 7 generally will apply to:</p><ul><li>direct marketing calls or faxes where the number is not listed on the DNCR, or the call is made by a registered charity</li><li>direct marketing by mail (whether sent by post or hand delivered) and door-to-door direct marketing</li><li>targeted marketing online, but only where using or disclosing an individual’s personal information (i.e. where direct marketing occurs)</li><li>marketing via a mobile application, if personal information is used to target that marketing.</li></ul><p>APP 7 generally will not apply to:</p><ul><li>direct marketing calls or faxes using numbers listed on the DNCR, except where the entity is exempt from the DNCR Act (such as registered charities), or where the individual has consented</li><li>direct marketing to an individual using a commercial electronic message, such as an email, instant message, SMS or MMS</li></ul><p>Individuals who receive direct marketing communications may not be aware that different requirements apply to different direct marketing communications. You can meet customer expectations and demonstrate privacy best practice if you adopt the standards of APP 7 for all direct marketing communications.<br /> Where APP 7 does not apply to a direct marketing communication, APP entities will still need to comply with other APPs, for example APP 6 (use and disclosure of personal information).</p><h2>How do you comply with APP 7?</h2><p>When APP 7 applies, you can only use or disclose an individual’s personal information for direct marketing in certain circumstances.</p><p>You can only use or disclose an individual’s <a href="https://www.oaic.gov.au/_old/privacy/australian-privacy-principles-guidelines/chapter-b-key-concepts#sensitive-information">‘sensitive information’</a> (which includes personal information about their health, political opinions, their racial or ethnic origin or their sexual orientation) for direct marketing if the individual has given their <a href="https://www.oaic.gov.au/_old/privacy/australian-privacy-principles-guidelines/chapter-b-key-concepts#consent">consent</a>.</p><p>You can only use or disclose other types of personal information for direct marketing if:</p><ul><li>you collected the personal information directly from the individual and the individual would reasonably expect their personal information to be used or disclosed for direct marketing</li><li>the individual has consented to their personal information being used or disclosed for direct marketing, or</li><li>it is impractical to get the individual’s consent to their personal information being used or disclosed for direct marketing</li></ul><p>More information about when an individual would ‘reasonably expect’ their personal information to be used or disclosed for direct marketing, what constitutes ‘consent’, and when it would be ‘impractical’ to get an individual’s consent can be found in the <a href="https://www.oaic.gov.au/_old/privacy/australian-privacy-principles-guidelines/chapter-7-app-7-direct-marketing">APP guidelines.</a> <br /> When you use or disclose an individual’s personal information for direct marketing, you must do all of the following:</p><ul><li>provide the individual with a simple means of opting out of future direct marketing communications</li><li>give the individual information about how to opt out in each direct marketing communication (such as by including an obvious statement in the marketing material) – this only applies where you collected an individual’s personal information from someone else, or where the individual would not reasonably expect their personal information to be used or disclosed for direct marketing purposes</li><li>if requested, stop using or disclosing an individual’s personal information for direct marketing within a reasonable period of the individual making the request, and</li><li>if requested, tell the individual where you got their personal information from (unless this is not reasonable or practical). You must provide the individual with a response within a reasonable period of time – generally within 30 days of the request</li></ul><p>More information about these obligations, including providing a simple means for opting out, is contained in the <a href="https://www.oaic.gov.au/_old/privacy/australian-privacy-principles-guidelines/chapter-7-app-7-direct-marketing">APP guidelines.</a></p><h2>What are the requirements when you facilitate direct marketing?</h2><p>APP 7 also includes requirements for organisations that use or disclose individuals’ personal information to facilitate direct marketing by other organisations. An entity facilitates direct marketing where it collects personal information for the purpose of providing that personal information to other entities, so those entities can undertake direct marketing of their own products or services.</p><p>One of the APP 7 requirements is that organisations must stop using or disclosing an individual’s personal information to facilitate direct marketing if requested by the individual.</p><p>Examples of when an entity facilitates direct marketing, and more information about the obligations when doing so, are contained in the <a href="https://www.oaic.gov.au/_old/privacy/australian-privacy-principles-guidelines/chapter-7-app-7-direct-marketing">APP guidelines.</a></p><h2><a name="WhatAreRequirementsDNCRspamActs"></a>What are the requirements of the DNCR Act and the Spam Act?</h2><p>Two key rules set out in the DNCR Act are:</p><ul><li>you cannot make direct telemarketing calls to a number listed on the DNCR unless the individual has consented or you are an exempt entity (such as a registered charity), and</li><li>you must ensure that all agreements for the purpose of making telemarketing calls include an express provision that requires compliance with the DNCR Act</li></ul><p>The Telecommunications (Telemarketing and Research Calls (Industry Standard 2017 sets out rules that apply to any person or business intending to make telemarketing or research calls, regardless of whether they are exempt from the DNCR Act. These rules cover:</p><ul><li>when telemarketing and research calls cannot be made</li><li>information that must be provided during a telemarketing or research call</li><li>when calls must be terminated</li><li>the use of calling line identification</li></ul><p>If you direct market using a commercial electronic message such as an email, instant message, SMS or MMS, it must comply with the Spam Act. This requires:</p><ul><li>commercial electronic messages to be sent with the consent of the recipient</li><li>accurate sender identification including the sender’s contact information</li><li>a functional unsubscribe mechanism</li></ul><p>A partial exemption from these requirements applies with respect to certain messages (such as messages of a factual nature only, without a commercial element).</p><h2>Can a business use customer information for marketing purposes?</h2><p>Generally, organisations covered by the Australian Privacy Principles must not use the personal information they hold for the purpose of <a href="https://www.oaic.gov.au/_old/privacy/australian-privacy-principles-guidelines/chapter-7-app-7-direct-marketing">direct marketing</a>. However, there are some exceptions.</p><p>For example, a business may use the personal information it collects for marketing if it has collected the information directly from its customers, and the customers would reasonably expect the business to use it for marketing or if its customers have consented. It must also provide a way to easily opt out of receiving marketing messages, and must stop sending marketing offers if asked.</p><h2>Can a business create personal profiles of business associates or clients to help build a relationship?</h2><p>Yes, a business can do this, even if it is subject to the Australian Privacy Principles. But there are some restrictions:</p><ul><li>a business cannot use unfair means to collect the information, so it cannot trick someone into giving the information or spy on them</li><li>a business can use the information for building a relationship but if it wants to use the information for some other purpose it can only do so if the client would reasonably expect that to happen or has consented</li></ul><p>If a business is collecting sensitive information (racial origin, political opinions, religion, philosophical beliefs, sexual preferences, criminal record, or health information) it will need the consent of the individual.</p><h2>Can a business use public sources of personal information, like the internet or public registers, to approach potential customers?</h2><p>Yes, the Australian Privacy Principles do not prevent a business from using publicly available personal information for marketing purposes.</p><p>The business will still be required to comply with the <a href="https://www.oaic.gov.au/_old/privacy/australian-privacy-principles/australian-privacy-principles-quick-reference">APPs</a>, in particular APP 7 which requires the business to have the individual’s consent (or it must be impracticable to obtain the individual’s consent) and it must provide a simple means by which the individual may easily request not to receive further direct marketing communications. It will also need to consider any obligations it may have under the DNCR Act and Spam Act.</p><p>Some public registers have specific laws that limit the use of the information on the register. The business should check any restrictions with the relevant body, for example, the Australian Electoral Commission or the state land title office.</p><h2>Can a business use random number dialling to market products?</h2><p>The Australian Privacy Principles do not prevent a business from using random number dialling to market products.</p><p>If a business is collecting personal information during the call it will need to comply with the Australian Privacy Principles, and consider any obligations it may have under the DNCR Act and Spam Act.</p><h2><a name="WhatRequireApplyDirectMarComms"></a>What requirements apply to direct marketing communications?</h2><p><img title="" src="https://www.oaic.gov.au/__data/assets/file/0004/1120/appendix-a-flowchart.svg" alt="What requirements apply to direct marketing communications?" width="872" height="1490" /></p></div></div> </div> </div>  </div> </div> </main>   <div class="footer"> <div class="footer__upper"> <div class="footer__upper--wrapper"> <div class="back-to-top__wrapper"> <button class="back-to-top" aria-label="Back to top"> <svg class="back-to-top__icon" aria-hidden="true" focusable="false" width="28" height="47" viewBox="0 0 28 47" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M6 8.82715L14 1.00106" stroke="white" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/><path d="M22 8.82715L14 1.00106" stroke="white" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/><path d="M14 21L14 1" stroke="white" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/><path d="M2.94 41V33.41H0.36V31.25H8.1V33.41H5.52V41H2.94ZM13.2027 41.18C12.5227 41.18 11.9027 41.065 11.3427 40.835C10.7927 40.605 10.3177 40.275 9.9177 39.845C9.5277 39.405 9.2227 38.87 9.0027 38.24C8.7827 37.6 8.6727 36.88 8.6727 36.08C8.6727 35.28 8.7827 34.57 9.0027 33.95C9.2227 33.32 9.5277 32.795 9.9177 32.375C10.3177 31.945 10.7927 31.62 11.3427 31.4C11.9027 31.18 12.5227 31.07 13.2027 31.07C13.8727 31.07 14.4877 31.18 15.0477 31.4C15.6077 31.62 16.0827 31.945 16.4727 32.375C16.8727 32.805 17.1827 33.33 17.4027 33.95C17.6227 34.57 17.7327 35.28 17.7327 36.08C17.7327 36.88 17.6227 37.6 17.4027 38.24C17.1827 38.87 16.8727 39.405 16.4727 39.845C16.0827 40.275 15.6077 40.605 15.0477 40.835C14.4877 41.065 13.8727 41.18 13.2027 41.18ZM13.2027 38.96C13.7927 38.96 14.2527 38.705 14.5827 38.195C14.9227 37.675 15.0927 36.97 15.0927 36.08C15.0927 35.19 14.9227 34.505 14.5827 34.025C14.2527 33.535 13.7927 33.29 13.2027 33.29C12.6127 33.29 12.1477 33.535 11.8077 34.025C11.4777 34.505 11.3127 35.19 11.3127 36.08C11.3127 36.97 11.4777 37.675 11.8077 38.195C12.1477 38.705 12.6127 38.96 13.2027 38.96ZM19.4784 41V31.25H23.0484C23.5784 31.25 24.0834 31.305 24.5634 31.415C25.0434 31.515 25.4634 31.695 25.8234 31.955C26.1834 32.205 26.4684 32.54 26.6784 32.96C26.8984 33.37 27.0084 33.88 27.0084 34.49C27.0084 35.09 26.8984 35.605 26.6784 36.035C26.4684 36.465 26.1834 36.82 25.8234 37.1C25.4634 37.37 25.0484 37.575 24.5784 37.715C24.1084 37.845 23.6184 37.91 23.1084 37.91H22.0584V41H19.4784ZM22.0584 35.87H22.9884C23.4984 35.87 23.8734 35.75 24.1134 35.51C24.3634 35.27 24.4884 34.93 24.4884 34.49C24.4884 34.05 24.3534 33.74 24.0834 33.56C23.8134 33.38 23.4284 33.29 22.9284 33.29H22.0584V35.87Z" fill="white"/></svg> </button> </div> <div class="footer__logo-group"> <img src="https://www.oaic.gov.au/__data/assets/file/0020/12962/logo.svg" class="logo--main" alt="OAIC logo"> <a href="https://www.oaic.gov.au/about-the-OAIC/access-our-information/freedom-of-information-requests-to-the-oaic" class="footer-logo" aria-label="OAIC sub-logo"> <img src="https://www.oaic.gov.au/__data/assets/file/0021/12963/logo2.svg" class="logo--sub" alt="OAIC sub logo"> </a> <a href="https://www.oaic.gov.au/about-the-OAIC/access-our-information/our-information-publication-scheme" class="footer-logo" aria-label="OAIC Information Publication Scheme"> <img src="https://www.oaic.gov.au/__data/assets/image/0026/91385/ips_white_text.png" class="logo--sub" width="120px" alt="Information Publication Scheme"> </a> </div><div class="footer__link-group"> <ul class="link-list"> <li><a href="https://www.oaic.gov.au/sitemap" class="footer-link" aria-label="Site map">Site map</a></li><li><a href="https://www.oaic.gov.au/about-the-OAIC/copyright" class="footer-link" aria-label="Copyright">Copyright</a></li><li><a href="https://www.oaic.gov.au/about-the-OAIC/terms-and-conditions" class="footer-link" aria-label="Terms and conditions">Terms and conditions</a></li><li><a href="https://www.oaic.gov.au/about-the-OAIC/our-corporate-information/plans-policies-and-procedures/privacy-policy" class="footer-link" aria-label="Privacy policy">Privacy policy</a></li><li><a href="https://www.oaic.gov.au/about-the-OAIC/accessibility" class="footer-link" aria-label="Accessibility">Accessibility</a></li> </ul> </div> </div> </div> <div class="footer__lower"> <div class="footer__util-group"> <div class="footer__contact"> <a href="https://www.oaic.gov.au/contact-us" class="contact--link" aria-label="Contact us">Contact us</a> <a href="tel:1300 363 992" class="contact--phone" aria-label="Call 1300 363 992">1300 363 992</a> <p class="contact--hours">Monday to Thursday 10 am to 4 pm (AEST/AEDT)</p> </div> <div id="footer_language_listing_13517"> <div class="footer__language-list"> <label for="languages">Translations</label> <select name="languages" id="languages" onChange="if (this.value.startsWith('https://www.oaic.gov.au')) window.location = this.value;"> <option value="">Please select…</option> <option lang="ar" value="https://www.oaic.gov.au/engage-with-us/translations/arabic">العربية</option><option lang="zh" value="https://www.oaic.gov.au/engage-with-us/translations/chinese">中文</option><option lang="el" value="https://www.oaic.gov.au/engage-with-us/translations/greek">ελληνικός</option><option lang="it" value="https://www.oaic.gov.au/engage-with-us/translations/italian">Italiano</option><option lang="es" value="https://www.oaic.gov.au/engage-with-us/translations/spanish">Español</option><option lang="th" value="https://www.oaic.gov.au/engage-with-us/translations/thai">ไทย</option><option lang="vi" value="https://www.oaic.gov.au/engage-with-us/translations/vietnamese">Tiếng Việt</option><option lang="EN" value="https://www.oaic.gov.au/engage-with-us/translations/easy-english">Easy English</option> </select> </div> </div> <div class="footer__social"> <p class="social--header">Follow us</p> <ul class="social-list"> <li> <a href="https://www.facebook.com/OAICgov" class="social-link social-link--facebook" aria-label="OAIC on Facebook"> <img class="social-icon" src="https://www.oaic.gov.au/__data/assets/file/0025/12958/facebook.svg" alt="OAIC on Facebook"> </a> </li> <li> <a href="https://twitter.com/OAICgov" class="social-link social-link--twitter" aria-label="OAIC on Twitter" > <img class="social-icon" src="https://www.oaic.gov.au/__data/assets/file/0026/12959/x-logo.svg" alt="OAIC on Twitter"> </a> </li> <li> <a href="https://www.youtube.com/user/oaicgov" class="social-link social-link--youtube" aria-label="OAIC on Youtube" > <img class="social-icon" src="https://www.oaic.gov.au/__data/assets/file/0018/12960/youtube.svg" alt="OAIC on Youtube"> </a> </li> <li> <a href="https://au.linkedin.com/company/office-of-the-australian-information-commissioner" class="social-link social-link--linkedin" aria-label="OAIC on Linkedin"> <img class="social-icon" src="https://www.oaic.gov.au/__data/assets/file/0019/12961/linkedin.svg" alt="OAIC on Linkedin"> </a> </li> <li> <a href="https://www.instagram.com/oaicgov/" class="social-link social-link--Instagram" aria-label="OAIC on Instagram" > <img class="social-icon" src="https://www.oaic.gov.au/__data/assets/file/0023/91364/Instagram_Glyph_White.svg" alt="OAIC on Instagram"> </a> </li> </ul> </div> </div> <div class="footer__content-group"> <p class="footer__content-header">Acknowledgement of Country</p> <p class="footer__content-text">The OAIC acknowledges Traditional Custodians of Country across Australia and their continuing connection to land, waters and communities. We pay our respect to First Nations people, cultures and Elders past and present.</p> <p class="footer__content-copyright">© Commonwealth of Australia</p> </div> </div> </div>   </div>   <div id="footer_js" style="display: none !important;"> <script src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/js/runtime.js?h=06ed308"></script> <script src="https://www.oaic.gov.au/__data/assets/git_bridge/0012/12063/js/main.js?h=06ed308"></script> <script src="https://www.oaic.gov.au/__data/assets/js_file/0025/242791/custom.js"></script> <script> var lhsWrapper = document.querySelector('.lhs-wrapper'); if(lhsWrapper) { lhsWrapper.innerHTML.trim() === '' ? lhsWrapper.style.display='none' : ''; } //Readpeaker function readSpeaker() { var readButtonContent = ` <div id="readspeaker_button1" class="rs_skip rsbtn rs_preserve"> <a rel="nofollow" class="rsbtn_play" accesskey="L" title="Listen to this page using ReadSpeaker webReader" href="//app-oc.readspeaker.com/cgi-bin/rsent?customerid=9755&lang=en_au&readclass=page-content&url=https%3A%2F%2Fwww.oaic.gov.au%2Fprivacy%2Fprivacy-guidance-for-organisations-and-government-agencies%2Forganisations%2Fdirect-marketing"> <span class="rsbtn_left rsimg rspart"><span class="rsbtn_text"><span>Listen</span></span></span> <span class="rsbtn_right rsimg rsplay rspart"></span> </a> </div>`; var readButtonSearch = ` <div id="readspeaker_button2" class="rs_skip rsbtn rs_preserve"> <a rel="nofollow" class="rsbtn_play" accesskey="L" title="Listen to this page using ReadSpeaker webReader" href="//app-oc.readspeaker.com/cgi-bin/rsent?customerid=9755&lang=en_au&readclass=search-content&url=https%3A%2F%2Fwww.oaic.gov.au%2Fprivacy%2Fprivacy-guidance-for-organisations-and-government-agencies%2Forganisations%2Fdirect-marketing"> <span class="rsbtn_left rsimg rspart"><span class="rsbtn_text"><span>Listen</span></span></span> <span class="rsbtn_right rsimg rsplay rspart"></span> </a> </div>`; //for content pages var pageContent = document.querySelector('.page-content'); //for search pages var pageSearch = document.querySelector('.search-content'); if(pageContent) pageContent.insertAdjacentHTML('afterbegin', readButtonContent); if(pageSearch) pageSearch.insertAdjacentHTML('afterbegin', readButtonSearch); } readSpeaker(); </script> <script> function feedbackGrepCallback(response) { if (response.length > 0) { document.querySelector(".feedback__submit input").disabled = false } } function feedbackGrepExpiredCallback(response) { if (!response) { document.querySelector(".feedback__submit input").disabled = true } } </script> </div> <style> .page-content section.banner-grey-newsroom__wrapper, .page-content section.landing-page { display: none; } </style>   </body> </html>

CINXE.COM

Direct marketing | OAIC