Australia Post is committed to protecting and securing your personal information.
We employ appropriate technical, administrative and physical procedures to protect personal information from unauthorised disclosure, loss, misuse or alteration.
We limit access to personal information to individuals with a business need consistent with the reason the information was provided. We keep personal information only for as long as it is required for business purposes or by the law.
APG protects your personal information by complying with Information Security Standards, Industry Schemes and Statutory obligations. We regularly conduct targeted internal and external audits on our security systems to validate the currency of our security practices.
Website security and privacy
We understand that you may be concerned about the security of the personal information we collect from you online.
Accordingly, we have systems in place to ensure our online dealings with you are as secure as your dealings with us in person, or on the telephone.
In those instances where we secure your personal information in transit to us and upon receipt, we use the industry standard encryption software, Transport Layer Security (TLS) with 256 bit encryption. The URL in your browser will change to "HTTPS" instead of "HTTP" when this security feature is invoked. Your browser may also display a lock symbol on its bottom task bar line to indicate this secure transmission is in place.
We employ security programs and services to monitor network traffic in order to identify attempts to breach our security.
Information collected on our websites
We may collect non-personal information from you such as browser type, operating system, and web pages visited to help us manage our web site.
Our internet server logs the following information which is provided by your browser for statistical and content optimisation and personalisation purposes:
- the type of browser and operating system you are using
- your Internet Service Provider and top level domain name (for example - .com, .gov, .au, .uk)
- the address of any referring website (for example - the previous web site you visited), and
- your computer's IP (Internet Protocol) address (a number which is unique to the machine through which you are connected to the internet).
All of this information is used by Australia Post for aggregated statistical analyses or systems administration purposes only. No attempt will be made to identify users or their browsing activities, except where required by law.
A "cookie" is a packet of information stored on your computer that allows the Australia Post server to identify and interact more effectively with your computer.
Our websites use two different kinds of cookies:
- Session cookies - temporary cookies that only last until you close your browser
- Persistent cookies - cookies that are stored for a longer term on your computer.
When you access our web site, we send you a temporary cookie that gives you a unique identification number. A different identification number is sent each time you use our website. Cookies do not identify individual users, although they do identify a user's internet browser type. When you close your browser, the cookie is deleted and no longer exists on your computer.
You are free to disable cookies in your browser (see details below). If you have disabled cookies you may not be able to take full advantage of all of our website features.
We use session cookies in the following manner:
- Log-on and log-off administration - Session cookies help with the log-on and log-off processes for those users who have decided to register to use one of our online services. The cookies enable us to recognize your user ID when you log on so that we do not establish a duplicate registration record for you.
- Transactions and site usability - We use session cookies to improve how you navigate through our website and conduct transactions. As examples, session cookies are used to maintain your online session as you browse over several pages; to store and pre-populate information so that you do not have to re-enter the same information twice. Session cookies may also be used to collect referral statistics when you click on a link or ad banner to or from auspost.com.au, and associated websites.
APG may also use "persistent cookies". A persistent cookie is a small piece of text stored on your computer's hard drive for a defined period of time, after which the cookie is erased. Australia Post will not collect or link to personal information through persistent cookies without your express consent.
We use persistent cookies as follows:
- Site usage measurement - Our site measurement tool uses a persistent cookie to assist us in measuring how and when our web site and its various components are used. It functions as a "visit cookie," so we can determine if you are a repeat visitor to our site. This allows us to know if we are attracting new visitors and what aspects of the site seem most useful. The cookie will expire 30 days after your last visit.
- Log-off safety function - Australia Post uses a persistent cookie to automatically log you off certain Australia Post sites if there has been no activity for 15 minutes. This is done for your safety to ensure that, if you have finished using our site but have forgotten to log off, no one else can use your computer via your log on and password. The cookie is permanently removed from your computer when you log off, or, if you have closed the browser without logging off, it is removed within 15 minutes from your last activity.
- Longer-term cookies - Persistent cookies allow us, at your request, to recognise you when you return to auspost.com.au or to remember certain information that you have provided us. The recognition feature allows you to log on to certain Australia Post sites automatically, without having to enter your name and password each visit. The cookie assigns a random number to you, and allows us to track your site activity, but this is not linked to personal information. This allows us to personalise the site for you and tailor the content to your needs, for instance to show you banner ads about products you may be interested in.
- Click stream data - "Click stream data" is information which is derived from an analysis of your website activity based on the sequence of links which you click on while browsing our Website. When you visit the Website or use our products and services, we will collect this information for analysis, maintenance or reporting purposes and to improve the performance of our Website. This can include information such as your IP address, the duration of your visit and the date and time of your visit.
Other cookies allow us to remember certain information related to prior transactions, such as package tracking numbers, or mailing or address lists, so we may pre-populate those fields for you on return visits.
Links to other sites
The Australia Post site contains links to other sites. We are not responsible for the privacy practices or the content of such websites. We encourage you to read and understand the privacy policies on those websites prior to providing any information to them.
Some of the content appearing on the Australia Post website may be supplied by third parties, for example, by framing third party web sites or the incorporation through "framesets" of content supplied by third party application service providers. In such cases, Australia Post will ensure that our contractual arrangements with these third parties protect your personal information in compliance with privacy laws.
Search terms that you enter when using our search engine are collected, but are not associated with any other information that we collect. We use these search terms for the purpose of aggregated statistical analyses so we can ascertain what people are looking for on our website, and to improve the services that we provide.
We may use external companies to provide us with detailed aggregate statistical analyses of our website traffic. At no time is any personal information made available to these companies, nor is the aggregate information ever merged with personal information such as your name, address, email address or other information you would consider sensitive or would compromise your privacy.
Loss of personal information
Despite our every effort to protect your personal information, there remains the possibility that a breach of our security could occur. In the event of loss of personal information Australia Post will:
- Seek to rapidly identify and secure the breach to prevent any further breaches
- Engage the appropriate authorities where criminal activity is suspected
- Assess the nature and severity of the breach including the type of personal information involved and the risk of harm to affected individuals
- Notify the affected individuals directly if appropriate and where possible
- If appropriate, put a notice on our website advising our customers of the breach
- Notify the Privacy Commissioner (at the OAIC) if the breach is significant.
Australia Post believes it is important to provide added protection for children online. We encourage parents and guardians to spend time online with their children to participate in and monitor their online activity.
When we provide a product or service that intentionally collects personal information from children, we will give a notice specifying what information we are requesting, how we will use it, whether it will be shared with a third party, and a contact at Australia Post for questions. We will utilise the information only for the particular purpose for which it was given to us.
We will use reasonable efforts to verify parental consent prior to the collection and use of personal information from children under 16. The method of verification may vary according to the information, product, service or event in which the child wishes to participate. Consent may take a variety of forms including offline consent such as printing and submitting a permission form by mail or fax, or online consent such as by ticking an online check box that parental or guardian consent has been obtained.
We do not require parental or guardian consent in order to collect and use online or offline contact information to:
- respond directly to a child's request on a one-time basis, or to answer a specific request, where the information is not intended to be used to re-contact the child for other purposes
- request the name or on-line contact information of a parent/guardian for the sole purpose of obtaining verifiable parental consent or providing parental notification
- respond directly more than once to a specific request from a child and the information is not intended to be used to recontact the child beyond the scope of the request
Australia Post will allow parents or guardians to review any personal information collected from their children, subject to verifying the identity of the consenting parent/guardian.
Parents/guardians may, at their discretion, revoke their consent and delete information collected from their children.
How to contact us
Australia Post is committed to working with its customers to obtain a fair resolution of any complaint or concern about privacy.
To contact us with a compliment or complaint or a privacy question, you can:
- write to us at:
Australia Post Group
Privacy Contact Officer
GPO Box 1777
Melbourne Vic 3000
- call us at our Customer Contact Centre on +61 3 8847 9045 between 9.00am and 5.00pm EST Monday to Friday.
Further information on privacy
You can obtain further general information about your privacy rights and Commonwealth privacy law from the Office of the Australian Information Commissioner by:
- calling their Privacy Hotline on + 61 2 9284 9749
- If you do not speak English, or English is your second language, and you need assistance to communicate with us, call the Translating and Interpreting Service on 131 450 then ask for 1300 363 992.
- visiting their web site at http://www.oaic.gov.au/
- writing to:
The Australian Information Commissioner
GPO Box 5218
Sydney NSW 1042
Amended version of: https://auspost.com.au/about-us/about-our-site/online-security-scams-fraud#tab1
In this section, you'll find information about how we protect you, how to protect yourself and what to do if you're targeted.
You'll learn how to combat serious crimes like identity theft, as well as some of the more common types of fraud and scams.
You can also visit our Scam alerts page for examples and updates, including scams currently targeting Australia Post customers.
If you suspect that you have received a scam email pretending to be from Australia Post, you can forward it to firstname.lastname@example.org and we will investigate. Please note: this mailbox is for the reporting of scam emails only, and a personal response will not be provided.
How we protect you
Australia Post uses the latest security technology to ensure that both your personal and transaction information, as well as any account or card data, is secure.
Whether you're sending or transferring money, ordering foreign currency or filling in a form, your personal information is safe with us.
We will never:
- ask for your password
- ask you to enter information on a web page that isn't part of Australia Post
- send you an email asking for credit card details or account information
- call you out of the blue to request payment (eg. for an undeliverable mail item)
How to protect yourself
The tips below can help to protect your personal and financial security from fraud and scams.
- Do not open suspicious or unsolicited emails - delete them straight away.
- Do not click on any links in a suspicious email, or open any attached files.
- Don't rush in. Resist the urge to "act now" despite the tempting offer. Once you turn over your money, it's unlikely you'll see it (or the product or service you've paid for) again.
- Be careful when clicking unsubscribe on an email. Spammers may use the 'unsubscribe' button to validate your email address, resulting in even more spam.
- Never pay for a "free" gift. If you receive an offer asking you to pay for a free gift or prize, put it in the trash - "free" means free.
- Use up to date and comprehensive antivirus software.
- Never enter personal, credit card or bank account details on a website if you're not certain it is genuine. Always check the website address as scammers create URLs that look remarkably similar.
- Never send your personal, credit card or bank account details through an email.
- Keep your passwords and PINs safe and don't share them with anyone.
- Check your credit card and/or bank statements regularly for suspicious transactions.
- If you accidentally provide account or banking details to someone suspicious, you should contact your bank or financial institution immediately.
- If you are in doubt about the authenticity of a call, don't commit to anything. Instead, hang up and call the company directly. Never use contact details provided by the caller - find the number through their website or the White Pages.
- If a bank or any other organisation phones you, don't provide your personal details or any account or credit card numbers. Instead ask for their name and a contact number. Check with the organisation in question before calling back.
- Only send money to people you know and trust.
- If money has been transferred into your bank account from an unknown source with instructions to send it overseas, call your bank immediately. It's possible this money has been stolen from another bank account.
- If you receive a request via email from a friend or family member who says they're stranded while on holiday and need you to transfer money to them, call or contact them to verify the request is genuine.
- Shred all documents containing personal information, such as credit card applications and bank statements.
- The Australian Government's cyber security website, Stay Smart Online, provides simple steps you can take to protect your personal and financial information online.
- For further information on scams and how to protect yourself, visit the Chinese Cyber Police website.
Support, reporting & resources
Protecting yourself is only half the battle against fraudsters and scammers.
It's important to know how to respond if, despite your best efforts, you are targeted.
What to do if you're targeted
You can minimise the impact of serious crimes like identity fraud and scams by responding quickly and decisively.
You'll also be doing your bit to help authorities catch the offenders.
Responding to identity fraud
If you suspect you're a victim of identity theft or misuse, you should:
1.Inform your local police (and keep a copy of the police report)
2.Report the loss of any identity documents (e.g. passport, driver's licence) to the issuing organisation.
3.Contact your bank or financial institution to cancel any cards or accounts that may have been breached.
4.Request a copy of your credit report from a credit reporting agency.
5.Close any unauthorised or fraudulent accounts that have been flagged by your credit report.
Responding to scams
If you receive an email, phone call or letter in the mail and think it's a scam, you should record as much information without taking any action, then:
Visit the Cyber Police website to check out the latest scams and report any suspected scams.
If you have received a suspicious Australia Post branded email:
1.Do not action the email, delete the email immediately.
Please note: if you have opened/actioned the email, you can forward it to email@example.com and we will investigate. (This mailbox is for the reporting of scam emails only, and a personal response will not be provided.)
2.Visit the Cyber Police website to check out the latest scams and report any suspected scams.
For more information on how to identify and respond to fraud and scams, you may like to visit some of the websites listed below:
Chinese Cyber Police http://www.cyberpolice.cn