This NSW Government website is maintained by Service NSW, which operates the website using the name ‘Service NSW’.
This Privacy notice applies to all the publicly accessible pages located at site. Service NSW does not have any responsibility for the privacy policies or practices of third party sites linked to the Service NSW site.
You can use the Service NSW website to provide feedback, questions, comments and complaints.
You may be asked to give us personal information to help resolve your feedback or query. This information is collected from you on a voluntary basis and may be shared with the relevant teams in Service NSW and other government agencies in order to provide a response to you.
Our website is protected by advanced access control mechanisms to prevent unauthorised access. Strong data encryption mechanisms are also used to protect your personal information during data transmission and when your data is stored.
We may collect, use and disclose personal information, in the following circumstances:
- unauthorised tampering or interference with files published on the Service NSW site
- attempts to intercept messages of other users of the Service NSW site
- communications that are defamatory, abusive, vilify individuals or groups, or which give rise to a suspicion that an offence is being committed, and
- attempts to otherwise compromise the security of the web server, a breach of law, or interfere with the enjoyment of the Service NSW site by other users.
Service NSW reserves the right to make disclosures to relevant authorities where the use of the Service NSW site raises a suspicion that an offence is being, or has been, committed. In the event of an investigation, Service NSW will provide access to data to any law enforcement agency that may execute a warrant to inspect our logs.
Reporting security bugs or issues
Service NSW takes the security of our customer data very seriously. If you have identified any issues or potential vulnerabilities with our website that might pose a risk to our services or the information trusted to us, then we encourage you to disclose it to us as quickly as possible in a responsible manner.
Service NSW also utilises a vulnerability reporting program through Bugcrowd (a crowdsourced cybersecurity platform).
To report a vulnerability in the Service NSW Vulnerability Reporting Program:
- email your username and account to the Service NSW Security Team at firstname.lastname@example.org.
We will then be able to see your submissions and findings which our dedicated security team and engineers will respond to.
Service NSW will collect your personal information in order to contact you and communicate with you both through the Bugcrowd platform and separately about the bug or issue that you have raised.
If you have any issues with this process, email your questions or concerns to our Security Team at email@example.com.
If you have any feedback regarding the functionality or features on our website that do not relate to a security concern, please use our online feedback form.
Website analytics and cookies
Our website uses Google Analytics and Mixpanel to help us analyse and provide reporting on how our customers use our websites and improve the user experience.
We collect use and disclose data about your interactions with our website to these analytics services for this purpose. This data does not contain information that identifies you.
The type of data that we may collect and disclose to these services includes:
- your device’s IP address
- type of device and browser used to visit the websites
- geographic location
- search terms and pages visited
- date and time when website pages were accessed.
We use this data for the purpose of improving website user experience and monitoring use of our websites.
Most browsers allow you to choose whether to accept cookies. You can manage or disable cookies in the common browsers by following the links below:
You can block cookies by setting your browser to refuse all or some cookies. However, blocking all cookies may impede full functionality of our websites.
We use technologies from FullStory to improve the user experience of our website and help ensure that our content is relevant through aggregated analytics and 'session replay'. This allows us to improve and optimise features and make our product easier for you to use.
No personal user information is collected, ensuring that your privacy remains protected.
For our website, anonymised website usage data is captured and sent to a FullStory server in the United States of America.
We utilise privacy processes to minimise the risk of capturing sensitive or unwanted data, including 'exclusion’ and ‘masking.’
- Exclusion is the most private setting. It refers to a process that specific pieces of information are ignored entirely from being captured.
- Masking refers to a process in which text is replaced by irreversibly transformed ‘placeholder’ text. Whilst the interaction events on the webpage are recorded, the actual text is not collected where elements are masked.
Service NSW will collect and disclose data about your interactions with our website, and when you click on a Service NSW advertisement on the internet, with our third-party advertising partners. This data does not contain information that identified you. We use this data for the purpose of tracking advertising performance and remarketing.
Facebook and LinkedIn Pixel
We use Facebook and LinkedIn remarketing pixels to aid in customised, targeted follow-up advertising. This tool allows us to personalise our ads based on interests, demographics, location, or any previous interactions with us within Facebook or within LinkedIn.
Our website uses the Conversion Tracking Facebook Pixel or LinkedIn’s Insight Tags to allow us to follow a user’s actions if redirected by clicking on one of our Facebook or LinkedIn ads. This assists us in recording the effectiveness of Facebook or LinkedIn ads for reporting, analysis and market research purposes.
The data collected through the Facebook Pixel or LinkedIn Tag and provided to us is aggregated and remains anonymous, meaning that we cannot see the personal information of the individual user. However, the collected data is also saved and processed by Facebook and/or LinkedIn and used in accordance with their respective Data Use Policy (Facebook and/or LinkedIn).
We may also share information about the use of this website and interactions with our Facebook or LinkedIn ads with our trusted social media, advertising and web analytics partners, including Google Analytics.
LinkedIn may extend sponsored content to users that are active in LinkedIn’s Audience Network (trusted third-party publishers’ apps).
Facebook and its partners may also show you advertisements on and outside Facebook – using the Facebook Conversion Tracking. A cookie will be saved onto your computer or device for these purposes.