Public Sector Commission Privacy Policy

Date approved: Monday, 29 June 2026
Last updated:

Privacy at the Public Sector Commission

The Public Sector Commission is committed to protecting your privacy and handling personal information openly, lawfully and responsibly.

About this policy

This Privacy Policy explains how we collect, use, disclose, store and protect personal information in accordance with the Privacy and Responsible Information Sharing Act 2024 (WA) (PRIS Act).

Personal information

In this policy, personal information means information or an opinion, whether true or not, and whether recorded in a material form or not, that relates to an individual, whether living or dead, whose identity is apparent or can reasonably be ascertained from the information or opinion.

Sensitive information

Sensitive personal information is a subset of personal information and includes information or an opinion about an individual’s:

  • racial or ethnic origin
  • gender identity, in a case where the individual’s gender identity does not correspond with their designated sex at birth
  • sexual orientation or practices
  • political opinions
  • membership of a political association
  • religious beliefs or affiliations
  • philosophical beliefs
  • membership of a professional or trade association
  • membership of a trade union
  • criminal record
  • health information.

The Commission only collects personal information that is reasonably necessary to perform its functions, deliver services, meet legal obligations and improve public sector capability and integrity.

In addition to its obligations under this privacy policy, the Commission is subject to a number of legal requirements that affect how it collects, uses and discloses personal information. Those legal requirements include legislative frameworks like the Public Sector Management Act 1994, the Freedom of Information Act 1992 and the State Records Act 2000, as well as legal documents like court orders. The Commission must comply with any legal requirements even if they are inconsistent with this policy.

Our functions involving personal information

The Commission strengthens the efficiency, effectiveness and integrity of the Western Australian public sector. It supports agencies, public sector bodies and individuals through standards, advice, capability programs, workforce data, integrity functions and public sector reform.

The Commission aims to collect only the personal or sensitive information it needs to carry out its functions and role, including:

  • performing its statutory functions under the Public Sector Management Act 1994; Corruption, Crime and Misconduct Act 2003; Integrity (Lobbyists) Act 2016; and Public Interest Disclosure Act 2003
  • supporting leadership, workforce capability and organisational development across the Western Australian public sector
  • setting standards of conduct, integrity and performance
  • receiving, assessing and managing complaints, disclosures and breach claims
  • assessing, referring and investigating allegations of misconduct
  • conducting reviews, inquiries and evaluations
  • regulating lobbyist registration and compliance
  • collecting, analysing and reporting workforce data
  • delivering leadership, learning and development programs
  • providing advice, guidance and resources to public sector agencies
  • maintaining subscription services so that individuals who subscribe can receive information and other communications
  • undertaking recruitment and managing employment (including job applications, staff performance, pay, superannuation and tax information, diversity information including age, sexual orientation, ethnicity, employment history and medical certificates)
  • operating websites, online services and digital platforms.

We also handle personal information to manage our workforce, facilities, contractors, service providers and business operations.

Types of personal information collected

In performing its functions, the Commission may collect and hold personal information. The type of information collected depends on the service, activity or function involved.

The Commission may collect:

  • identity and contact details for individuals (e.g. name, phone number, email and postal address)
  • information relating to individuals’ personal circumstances and health (e.g. age, gender and family circumstances including spouses, carers and dependents) 
  • information relating to individuals’ financial affairs (e.g. payment details, bank account details) 
  • other information relating to identity (e.g. date of birth, signatures, citizenship and visa status) 
  • information about employment (e.g. employment status and work history, education status, referee comments, salary)
  • government identifiers (e.g. tax file number).

The Commission may also collect sensitive personal information where authorised or required by law, including:

  • health information, including disability information where relevant to a service, program or employment matter
  • racial, ethnic, cultural or linguistic background information where collected for lawful reporting or service purposes
  • information about criminal history or related background where relevant to integrity, complaint, investigation or employment functions
  • information about professional association or union membership where relevant to a matter before the Commission.

The Commission may also collect information about how you use our online services. For example, the Commission uses social networking services such as Facebook, Instagram and LinkedIn to communicate with the public. When you communicate with the Commission using these services personal information may be collected to respond to you and the public. These social networking services will also handle your personal information for their own purposes. These services have their own privacy policies. You can access the privacy policies for these services on their websites. 

Remaining anonymous

Where lawful and practical, you may interact with the Commission anonymously or using a pseudonym. Examples may include making general enquiries or accessing publicly available information. However, in some instances it will be necessary for you to provide some personal information.

For example, the Commission would require personal information for employment or when confirming your identity for the release of personal information. You will be informed if you are not able to remain anonymous or use a pseudonym when dealing with us.

De-identification

Where required and deemed appropriate, the Commission may de-identify personal information for sector capability evaluation, system performance monitoring and integrity monitoring. It takes reasonable steps to prevent re-identification.

How personal information is collected

The main way that the Commission collects personal information about you is when you provide it. The Commission may collect personal information about individuals through surveys, email and phone communications, correspondence and submissions, forms and notices (including online systems) and via our websites. This includes: 

  • from the individual directly or through their authorised representative
  • via a third party if permitted by law.

The Commission may also collect personal information from other sources where it is required or authorised by law, where the individual has consented, or where it is not reasonable or practical to collect the information directly. Other sources may include public sector agencies, employers, referees, authorised representatives, contractors, service providers, people involved in a matter before the Commission and publicly available sources.

When the Commission collects personal information directly, it will provide a collection notice that explains why the information is being collected, how it may be used or disclosed, whether the collection is required or authorised by law, and how the individual may access or correct the information.

There may be situations where the Commission cannot provide a collection notice. This may include where notification would be inconsistent with a legal obligation, statutory secrecy requirement, legal professional privilege or a legal obligation of confidence, or where notification may pose a serious threat to health, safety or an investigation.

How personal information is used and disclosed

The Commission uses and discloses personal information for the purpose for which it was collected, a related purpose the individual would reasonably expect, where the individual has consented, or where permitted or required by law.

The Commission may disclose personal information to public sector agencies, oversight bodies, courts or tribunals, contracted service providers, professional advisers or other parties where disclosure is necessary for the Commission’s functions or required or authorised by law.

The Commission does not use personal information for unrelated purposes unless the individual consents or the law requires or authorises the use or disclosure.

The Commission may also use third party providers to deliver or otherwise communicate content. These third parties may collect and store your personal information in servers outside of Australia, they include Google, Facebook, LinkedIn, Instagram, YouTube, Amazon Web Services and others. Such third party sites have their own privacy policies and may send their own cookies to your computer. The Commission does not control third party privacy policies or the setting of third party cookies and suggests you check their websites for more information.

The Commission does not currently employ automated decision making processes involving the use of personal information to make significant decisions about an individual.

Content on the WA.gov.au website

The Commission hosts its website content on the WA Government’s WA.gov.au website. There is a separate privacy statement for the website. 

The website may use 'cookies'. The website also uses Google Analytics to gather information about visitors to help improve the service. When you use the website the Commission will only collect anonymous information. 

No identifiable personal data is collected. By using the website, you consent to the processing of data about you by Google in the manner described in Google's Privacy Statement and for the purposes set out above. 

You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google. 

The Commission’s content on wa.gov.au may include links to other websites. The Commission is not responsible for the content or privacy practices of linked websites. 

Find out more about the WA Government’s collection and use of information from websites at WA.gov.au in the privacy statement.

Access and correction of personal information

You have a right to request access to personal information the Commission holds about you under the Freedom of Information Act 1992. You can also apply to have your personal information corrected if the information is inaccurate, incomplete, out of date or misleading.

The Commission will manage requests for access to personal information and correction of personal information in accordance with the Freedom of Information Act 1992. Information about how to apply, including an application form, can be found on the Commission’s website here.

How personal information is stored and protected

The Commission takes its obligations to protect personal information seriously. It takes reasonable steps to protect personal information against misuse, interference and loss, and from unauthorised access, modification or disclosure.

These steps include: 

  • classifying and storing records appropriately following the WA Government Information Classification policy 
  • internal access to information is limited to authorised employees and may be further controlled on a need to know basis 
  • applying contractual privacy, confidentiality and security obligations to service providers
  • monitoring system access with security controls and reports 
  • ensuring the security of our buildings
  • regularly updating and auditing our storage and data systems. 

When personal information is collected from a third party, the Commission will take steps to inform you of the collection. This may occur through this privacy policy, notices or discussions on websites or as part of a contracting process.

If personal information the Commission holds is lost or subject to unauthorised access or disclosure, the Commission will respond in accordance with the WA Government Cyber Security Policy and applicable data breach processes. The Commission will aim to provide timely advice to affected individuals if a data breach is likely to result in serious harm.

The Commission retains and disposes of records, including personal information within them, in accordance with the State Records Act 2000, its recordkeeping requirements and approved retention and disposal authorities.

How to make a privacy complaint

If you are not satisfied with how the Commission has collected, held, used or disclosed your personal information, you can make a complaint using the contact information below.

Your complaint should include:

  • a short description of your privacy concern
  • any action or dealings you have had with Commission staff to address your concern
  • your preferred contact details so the Commission can contact you about your complaint.

Contact the Commission

Contact the Commission if you want to:

  • ask questions about this privacy policy
  • request a copy of this policy in an alternative format
  • obtain access to or seek correction of your personal information held by the Commission
  • make a privacy complaint about the Commission.

Contact:

Privacy Officer
Public Sector Commission
Locked Bag 3002
WEST PERTH  WA  6872

T: (08) 6552 8500 

E: admin@psc.wa.gov.au

If an individual is not satisfied with the outcome of their complaint, they should contact the Information Commissioner.

Contact:

Information Commissioner 
Office of the Information Commissioner
Albert Facey House 
469 Wellington Street
PERTH WA  6000

T: 08 6551 7888

E: info@oic.wa.gov.au

Review of this policy

Updates to this privacy policy will be made periodically, so please check back.

Have a question or want to report a problem?

Fill in the form to get assistance or tell us about a problem with this information or service.

Send feedback