The Privacy Act has twelve information privacy principles. For the full text of each, click on its number. As a brief guide, though:
Principle 1, Principle 2, Principle 3 and Principle 4 govern the collection of personal information. This includes the reasons why personal information may be collected, where it may be collected from, and how it is collected.
Principle 5 governs the way personal information is stored. It is designed to protect personal information from unauthorised use or disclosure.
Principle 6 gives individuals the right to access information about themselves.
Principle 7 gives individuals the right to correct information about themselves.
Principle 8 and Principle 9, Principle 10 and Principle 11 place restrictions on how people and organisations can use or disclose personal information. These include ensuring information is accurate and up-to-date, and that it isn't improperly disclosed.
Principle 12 governs how "unique identifiers" - such as IRD numbers, bank client numbers, driver's licence and passport numbers - can be used.
For more information view our Information Privacy Principles Fact Sheet