The Digital Transformation Agency (DTA) is an Australian Government entity. The DTA is legally required to comply with:
- the obligations under the Privacy Act 1988 (Cth) applicable to agencies
- Australian Government Agencies Privacy Code
This statement applies to the personal information collected, used and disclosed by the DTA as part of administering the Digital Marketplace. It sets out each type of personal information that we collect and the primary purpose for which we collect that information. You should note that the Privacy Act 1988 (Cth) also allows us to use or disclose your personal information for other purposes.
DTA also has a general Privacy Statement that applies to the DTA as a whole. It includes information about:
- surveys conducted by the DTA
- how to contact DTA if you have a privacy question or issue that does not relate to the Digital Marketplace
If you contact us via the Digital Marketplace, our phone number or another channel, we will collect any name or contact details that you provide. Calls to our support team will be directed to voicemail.
This information is collected and disclosed for the purposes of responding to your feedback or request. For example, we may disclose it to another agency if it relates to a brief issued by that agency.
Collection of information from buyers - registration
We collect the following personal information from users registering on behalf of government buyer entities:
- your name (first name and surname) and email address
- if you are a contractor, the name (first name and surname) and email address of a manager who is a public servant
We collect these details in case we need to:
- get in touch with the buyer about a requirements brief that the buyer has published on the Digital Marketplace
- confirm that the user is authorised to register on behalf of a government buyer
These details are not shared with sellers.
You are responsible for ensuring that you obtain consent from your manager before providing their name and email address to the DTA.
Collection of information from sellers - registration
We collect and publish on the Digital Marketplace:
- the business name and summary for each seller entity
- whether the seller is at least 50% indigenous owned
- the seller's business address
- the name, email address and phone number of each seller's authorised representative and additional business contacts
The business name, business summary and information about indigenous ownership are visible to all users. The business address and contact details are only visible to the DTA and buyers.
This information is collected and disclosed in order to:
- promote sellers to buyers and potential buyers to consider
- facilitate communications between DTA and buyers with sellers
We also collect information about your maximum daily rates as part of your application to join the Digital Marketplace. We use this information to assess your application and to calculate price thresholds. We may disclose your maximum daily rates to buyers to allow them to verify that you are complying with the terms of the Digital Marketplace Master Agreement.
Sellers are responsible for ensuring that they obtain individuals' consent before providing personal information about them to the DTA.
Collection of sensitive information from sellers - registration
For seller entities we may also collect the following personal information in order to assess your application:
- case studies
- legal disclosures
- references to verify case studies
This may include sensitive information, such as:
- information about an individual's membership of a professional or trade association
- information about membership of political associations provided as part of legal disclosures
- health information provided as part of legal disclosures
- information about criminal convictions provided as part of legal disclosures
Case studies are visible to all buyers. We may also disclose your legal disclosures to buyers on request, if they are considering awarding a contract.
Sellers are responsible for ensuring that they obtain consent from referees, employees and any other named individuals before providing their contact or other personal information about them to the DTA. Sellers should not include sensitive information in case studies or other information that is expected to be published to buyers, unless it’s reasonably necessary to include it to assist buyers in deciding whether to invite you to respond to a brief.
Collection of information from sellers – responding to a brief
Sellers who are appointed to the Digital Marketplace have the opportunity to respond to briefs issued by government buyers.
We disclose information submitted by you to the government buyer to allow them to assess your response. This may include personal information about individual employees or contractors who are identified in your response. Some of this information may be sensitive information. We also store résumés that are approved to be provided by the client and the seller representing the client.
Sellers are responsible for ensuring that they obtain consent from any named individuals before providing their contact or other personal information about them to the DTA. Sellers should not include sensitive information in their responses to briefs, unless it’s reasonably necessary to include it to assist buyers in deciding whether to select your proposal.
How we deal with complaints and requests
- request access to personal information about you that we hold
- request the removal of personal information about you that we hold. To the extent possible, with reference to the Archives Act 1983 (Cth), the DTA will comply with this request where it does not impact the ongoing utility of the Digital Marketplace and its related activities.
- ask us to correct your personal information if you find that it is not accurate, up-to-date or complete
- make a complaint about our handling of your personal information
To protect your privacy and the privacy of others, we will need evidence of your identity before we can grant you access to information about you or change it.
You can contact us by email, post or telephone:
Position title: The Director Digital Marketplace
Telephone: 0447 024 113
Postal address: Marketplace
c/o Digital Transformation Agency
PO Box 457
Canberra City ACT 2601
We undertake to respond within 30 days. If the request or complaint will take longer to resolve, we will provide you with a date by which we expect to respond.
If you are not satisfied with how we have dealt with your complaint you can also complain to the Office of the Australian Information Commissioner (OAIC).
How long we hold your information
Information collected through the Digital Marketplace is normally retained by the Digital Marketplace team for a period of at least six months, past the end of its required business use. This is to allow review of completed processes, internal auditing, complaint management, quality assurance and business improvement.
As a government agency, the DTA is also required to comply with the Archives Act 1983 (Cth). This means that the DTA can only delete or amend records where this is consistent with the Archives Act 1983 (Cth). Information about the DTA's activities, including the personal information referred to in this privacy statement, is generally retained with the DTA's record management system for 7 years. Some records may be retained for a longer period.
How we hold and protect your personal information
The Digital Marketplace domain, https://marketplace.service.gov.au is hosted in Australia in secure, government accredited facilities. We apply a range of security controls to protect the Digital Marketplace from unauthorised access, as described in our security statement.
Access to your personal information is restricted to service providers and personnel employed by or contracted to the DTA who need it to provide services to you.
Updated: 28 September 2018