Skip to main content Skip to footer

Privacy Statement

Privacy at INSW

INSW is required to comply with the Information Protection Principles (IPPs) in the Privacy and Personal Information Act 1998 (PPIP Act). These principles regulate the collection, storage, use and disclosure of personal information held by government agencies.

If you would like more information about how INSW manages your personal information and the processes we have in place to respond to data breaches, please read our:

Privacy Policy

Infrastructure NSW is committed to protecting the personal privacy of anyone visiting this website or interacting with Infrastructure NSW through community engagement.

Read INSW's Privacy Policy

Privacy Management Plan

This plan sets out how we collect and manage personal and health information in accordance with the requirements of the Privacy and Personal Information Protection Act 1998 and the Health Records and Information Privacy Act 2002.

Read the Privacy Management Plan

Data Breach Policy

Our data breach plan sets out the steps INSW will take in the event we experience a data breach involving personal information.

Read the Data Breach Policy

If you have any questions or concerns about how INSW manages your personal information, please contact INSW’s Privacy Officer at:

Advice and guidance on privacy and management of personal information by public sector agencies can be found on the Information and Privacy Commission NSW website.

Public notification register

The following table provides details of public notifications of eligible data breaches made by INSW under the PPIP Act.

A public notification is provided when it is not reasonably practicable to directly notify any or all of the individuals affected by the breach.

Date of breach

Description of breach

(including how it occurred and type of breach – unauthorized disclosure, unauthorized access or loss of information)

Personal information involved

(including time personal information disclosure for)

Action taken or planned
n/a – no notifications made       

Complaints and review rights

If you are not satisfied with how INSW has handled a data breach or you have experienced harm as a result, you can make a privacy complaint by contacting INSW’s Privacy Officer at

You may be entitled to seek internal review of INSW’s conduct in relation to your personal information under section 53 of the PPIP Act. Please see the fact sheet Privacy Complaints: your review rights issued by the NSW Information and Privacy Commissioner in September 2020.