For annual accounts review and business tax returns contact us!+61 (03) 6272

Privacy Policy – Accounting Practice

The Tax Counter  Pty Ltdprivacy-policy-icon

ABN: 46 088  386 832

Suite 1, 398a Main Rd, (P.O. Box 19) Practitioner

Glenorchy, Tasmania 7010 Stuart Lenthall FIPA

Tel: (03) 6272 0855 Fax: (03) 6273 3407


On December 21, 2001, new rules came into force. The new rules are based on rules in force in Europe and the USA and are necessary for purposes of international trade. There are ten National Privacy Principles (NPP) which relate to different stages of the information cycle. I (including the Tax Counter Pty Ltd) have set these out below, and then I discuss the relevance and application of each to my accounting practice. The rules are mandatory for any business which turns over $3 million or more, for any business providing health services and for any contract service provider under a contract with the Commonwealth Government

1 Collection

Organisations must collect personal information fairly and lawfully and inform the individual from whom the information is being collected why the information is being collected and that the person can access their personal information.

2 Use and Disclosure

Unless an individual consents to other uses, organisations can only use or disclose the information collected for the primary purpose for which it was collected and any other purpose reasonably related to that primary purpose.

3 Data Quality

Organisations must take reasonable steps to ensure that the information collected, used or disclosed is accurate, complete and up to date.

4 Data Security

Organisations must take reasonable steps to protect the personal information they hold and destroy the information once it is no longer needed.

5 Openness

Organisations must develop information handling policies and provide information on these policies to individuals when requested.

6 Access and Correction

Individuals have a right, subject to certain exceptions, to access the personal information held by an organisation and to request its correction.

7 Identifiers

Organisations must not adopt, use or disclose an identifier that has been assigned by a Commonwealth Government agency (eg Tax File Number, Medicare or Austudy Number).

8 Anonymity

Where lawful and practicable, individuals must have the option of anonymous interaction with the organisation.

9 Transborder Data Flows

Personal information can only be transferred to a recipient in a foreign country where the information will have appropriate protection.

10 Sensitive Information

Unless the individual has consented, organisations can only collect sensitive information in very limited circumstances.



– the law only applies to information about natural persons.


– These are individuals, bodies corporate, partnerships, other unincorporated associations or trusts that are not a small business operator, a registered political party, an agency, a state or Territory authority or a prescribed instrumentality of a State or Territory. Agency has a special meaning, under the Act.

Personal Information

– Information or an opinion, whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. The Act only applies to this information if it has been collected for inclusion in a record or is held in a record; therefore if it is not recorded it is not subject to the Act. The term “Personal Information” includes sensitive information and health information subsets which are subject to additional restrictions.

I have set out the principles for you, as you may wish to enquire of other businesses you deal with as to their policy in respect to personal information.

I now set out my responses to the ten Principles. Note that I am exempt from the rules. I have, however, addressed each principle and will apply them where relevant.

1. I only collect what I need to complete your tax or other statutory return.

2. I use the information for that purpose.

3. I write to each household in June and on other occasions if warranted – I also use your postal address to send material from the ATO on to you.

4. I will not sell, rent or otherwise make available my database. I will not disclose information about any client unless the disclosure is:

• Required by law

• Authorised by law or

• Made with your written consent.

5. On occasion I also deal with the Australian Securities & Investments Commission (ASIC), the Australian Prudential Regulatory Authority (APRA) and Centrelink.

6. On occasion my software provider needs my database for repair, this use has been permitted by the ATO for many years and my software provider has a similar privacy policy.

7. The quality of my data is directly related to what you have given me. In most cases you watch me enter it in my computer, and can correct it as we go.

8. All data is held at my practice. There is no offsite storage. The building is deadlocked and alarmed when not occupied, with deadlocks or bolts on most windows and doors. Obsolete records are shredded by an authorised security shredding firm, usually in June each year, about six years after their creation

9. I do not disclose anything about you without your specific (including your spouse/partner), case by case, written permission. You receive a full copy of your tax return

10. You may inspect my copy of your file at any reasonable time (in office hours). A telephone call to confirm the time is needed. I will make any corrections necessary.

11. I file by surname only. The computer program requires an 8 character file name, this is usually your surname (or part thereof) and your initials.

12. Anonymity is not possible in this business!

13. I do not have dealings with overseas tax offices or other bodies – not a relevant item.

14. Sensitive information is held, but only for the purposes of completing your taxation and other statutory return(s).