Skip to main content Skip to main navigation

Privacy and Personal Information Statement

1. Overview

As the capital city of Western Australia, Perth is the business, government, transport, cultural and entertainment hub of the metropolitan area.  The City of Perth (the City) provides and supports a wide range of services, facilities and activities, including community centres, public places, environmental management, waste services, events, and regulatory and compliance functions.

Many of these activities rely on the responsible collection, use, storage, and disclosure of personal information.

This Privacy and Personal Information Statement sets out, at a high level, how the City collects, uses, discloses, stores, and protects personal information, and how you can exercise your privacy rights.

It is supported by the City’s Information Management Governance Framework and other internal policies, procedures and governance processes to demonstrate the City’s commitment to protecting information while enabling effective service delivery.

2. Our obligations

The City collects and uses personal information for services to the public and protects against the unauthorised use of, access to, and disclosure of that information.

The City is a Western Australian local government and a public sector entity for the purposes of the Privacy and Responsible Information Sharing Act 2024 (the PRIS Act).

Under the PRIS Act, the City follows the eleven Information Privacy Principles (IPPs) that govern how personal information is:

  • collected;
  • used and disclosed;
  • stored and protected; and
  • accessed and corrected.

Oversight of PRIS Act information protection and sharing and WA Freedom of Information Act 1992 requirements is provided by the Office of the Information Commissioner Western Australia.

The Office of the Australian Privacy Commissioner is the national regulator for Privacy Act 1988 (Cth) Schedule 2 and Commonwealth Freedom of Information Act 1982 requirements.

3. What is Personal Information?

Personal information is information or an opinion, whether true or not, whether recently recorded or not and whether recorded in a material form or not, about an individual, whether living or dead, whose identity is apparent or can reasonably be ascertained from the information or opinion.

Depending on the function or activity being provided, personal information collected may include:

  • names and contact details;
  • date of birth;
  • residential or postal addresses;
  • employment or business information;
  • information about a person’s location;
  • technical or behavioural information in relation to a person’s identity or their activities and preferences;
  • account, reference or identifying numbers;
  • unique identifiers, online identifiers and pseudonyms; and
  • other information that infers or identifies, or could reasonably identify, an individual.

Some personal information is classified as Sensitive Personal Information. This includes information such as health information, racial or ethnic origin and other information that requires a higher level of protection. The City only collects sensitive personal information where consent has been given or where collection is required or authorised by law.

4. Why the City collects personal information

The City collects and uses personal information so it can effectively carry out its functions and activities for services to the Community, and as an employer and an outsourcing entity.

The extent of personal information collected by the City varies, depending on which City function or service you require.

If you choose to not provide or consent to the City’s collection, use or release of Personal Information, the City may not be able to complete all of the services it usually undertakes.  This may prevent you from being able to participate in some City arrangements, or to receive a City service.

The City’s functions and activities in part are set out in legislation and regulations with which the City is to comply, such as the Local Government Act 1995, the City of Perth Act 2016, the State Records Act 2000 and freedom of information legislation.

The functions and activities below broadly set out when the City will collect, use and disclose personal information:

  • Council elections;
  • arrangements for rate notices and payments;
  • community services and activities, including at Citiplace, the Town Hall and the Library;
  • responding to enquiries, complaints, and service requests;
  • building and planning applications and approvals, and building preservation;
  • health and safety requirements including inspections for clean food and retail premises;
  • protection of the environment, parks and outdoor areas, including fauna and flora;
  • protection of public spaces, such as dealing with graffiti and vandalism;
  • safe use of public spaces including for community events;
  • managing fines, permits, and licences;
  • registration and facilities for domestic animals including cats and dogs;
  • waste collection and recycling services;
  • parking and related services;
  • road and footpath maintenance and design;
  • employment of staff and engagement of contractors; and
  • authorisations and delegations given by the Western Australian government to Council, the CEO and other City employees, including under the Environmental Protection Act 1986 for noise control, the Strata Titles Act 1985, and the Road Traffic (Vehicles) Act 2012.

The City is also responsible for a range of Local Laws including for activities on land, cats, dogs, fencing, health, outdoor dining, parking, public trading, thoroughfares and public places, and waste.

5. How the City collects personal information

The City collects personal information when it is reasonably necessary to carry out its functions and services or to meet legal obligations.

Personal information may be collected:

  • directly from individuals or their authorised representatives;
  • from contracted service providers, including hosts of online apps and websites;
  • from other government agencies or statutory authorities;
  • from financial institutions for payment and verification purposes; and
  • from publicly available sources where lawful.

The City collects personal information through a wide range of interactions, including:

  • applications for services, approvals, permits and licences;
  • complaints, service requests and enquiries;
  • community consultations, surveys, and engagement activities;
  • attendance at City‑managed facilities, programs, and events;
  • employment, volunteer, and advisory group applications;
  • procurement, tender and grant processes;
  • correspondence, telephone calls, LiveChat, websites and social media;
  • recordings, including footage from Closed Circuit Television (CCTV) and Body Worn Cameras (BWC); and
  • access requests made under legislation, including Freedom of Information applications, court orders and subpoenas.

6. Collection Statement

The City will provide a collection notice to you at the time personal information is collected, explaining the purpose of collection and how the information will be used and disclosed.

All Collection Notices are also set out on the City’s webpage.

7. Use and disclosure of personal information

The City uses personal information primarily for the purpose for which it was collected, or for a directly related purpose authorised by law, taking into account what is fair and reasonable. This includes to:

  • administer local government elections, rates, and property records;
  • assess and manage applications, approvals, and registrations;
  • issue notices, correspondence, and statutory communications;
  • deliver community services, facilities, and programs;
  • manage public spaces, infrastructure, and assets;
  • conduct compliance, investigation, and enforcement activities;
  • engage, employ, and manage staff, contractors, and volunteers; and
  • meet legal, reporting and records management obligations.

Personal information may be also used or disclosed:

  • with an individual’s consent;
  • where authorised or required by law;
  • as part of responsible information‑sharing arrangements with other government agencies; and
  • in response to lawful requests, such as court orders or Freedom of Information applications.

Where appropriate and practicable, the City takes steps to limit, de‑identify or aggregate personal information before it is used for secondary purposes or disclosed.

The City may also share personal information between public sector agencies where lawful, proportionate and in the public interest.

8. Unique Identifiers

The City will only assign a unique identifier where it is necessary for the efficient performance of the City’s functions or activities.  Where unique identifiers are assigned, they will be managed in accordance with IPP 7 of the PRIS Act.

9. Automated processes

Some routine administrative activities rely on automated or system‑assisted processes, such as issuing rates notices, invoices, or reminders.

These processes operate under legislative authority with established controls and human oversight.  Enforcement or regulatory decisions are not made solely by automated means where this would not be lawful or appropriate.

10. Disclosure outside Australia

The City will only disclose personal information outside Australia where required for a contractual purpose, with your consent or authorised by law, as set out in IPP9 of the PRIS Act.

11. Storage and protection of personal information

The City takes reasonable steps to protect personal information from loss, unauthorised access, use or disclosure.

Measures include:

  • physical, administrative, and technical security controls;
  • access to personal information is restricted to elected members, staff, contractors and volunteers who have a legitimate requirement to access the information in the course of performing their role;
  • secure record‑keeping and retention practices; and
  • compliance with State record‑keeping requirements.

The City has controls in place and reviews its information management practices reflecting evolving operational, legal, and cyber security requirements.

12. Accessing and correction of personal information

The City takes reasonable steps to ensure the personal information we collect, and hold is accurate, up-to-date, and complete. This may include correcting personal information where it is appropriate to do so.

You may request access to personal information held by the City, or request corrections if information is inaccurate, incomplete, or out of date.

Requests can be made for example:

  • informally, where appropriate;
  • under the PRIS Act; and
  • under the Freedom of Information Act 1992 (WA).

Some legal exceptions may apply.

To request access to your personal information please contact the City’s Enterprise Information Governance Team by:

13. Privacy complaints and your review rights

The City aims to deal with privacy concerns fairly, promptly and in accordance with guidance issued by the WA Office of the Information Commissioner.

If you have a concern about how the City has handled personal information, you may lodge a PRIS Act privacy complaint as outlined below:

  • raise the matter directly with the City’s Information Management Team for informal resolution;
  • if informal resolution is not appropriate or successful, submit a written complaint outlining the details of the concern and the outcome sought;
  • the City will assess the complaint and may undertake an internal review to determine whether privacy obligations have been met;
  • you will be informed in writing of the outcome of the review and any actions taken, which may include remedial action or changes to processes; and
  • if you are dissatisfied with the outcome, you may lodge a complaint with the Western Australian Information Commissioner.

Western Australian Office of the Information Commissioner

The Office of the Australian Information Commissioner may be contacted as follows:

The City aims to promptly acknowledge receipt of any review request and reply within 45 days.

14. Information breaches

In the event of an actual or suspected information breach, please refer to the City’s Information Breach Policy which sets out how the City prepares for, identifies and responds to information breaches, who to contact and what you can expect if your personal information is affected.