Get in touch
Fill in the form below to submit an enquiry, feedback or complaint to the Office of the National Data Commissioner. You will receive a copy of your submission to your email.
When a submission has been lodged, the ONDC will assess it. We will reach out you in a timely manner to provide a response or go through any next steps.
Use the Contact Us form on this page and the Office of the National Data Commissioner will be in touch about your request.
Scheme participants or the general public may make a complaint to the Commissioner about issues such as data scheme entity compliance with their obligations, and the administration of the DATA Scheme.
Once a complaint is lodged, the Commissioner will assess the complaint and endeavour to advise the complainant on the next steps of the complaints process in a timely manner. The Commissioner may ask the complainant for further information if needed.
The Commissioner will work with the Australian Information Commissioner to protect personal information under the DATA Scheme, with a ‘no wrong door’ approach taken to complaints. Where a complaint is about how personal information has been handled in the DATA Scheme, it may be transferred to the Australian Information Commissioner.
The Commissioner handles complaints about the DATA Scheme, including the operation and administration of the DATA Scheme, the conduct of participants in the DATA Scheme, and the Commissioner’s actions and operation of ONDC.
If a complaint is about a specific entity or respondent, the complainant should contact the respondent and attempt to resolve the issue prior to lodging a complaint with the Commissioner, unless it is not appropriate to do so.
The complainant should:
- lodge a complaint with the respondent
- provide a reasonable time for a response
- follow up with the respondent, if no response is received.
If there is no response given or the complainant is not satisfied with the response, the complainant might then make a complaint to the Commissioner, by submitting a Contact Us form or by emailing email@example.com.
Under the DATA Scheme, a data breach occurs where there is unauthorised access to or disclosure of data that was shared under the DATA Scheme, data is lost in circumstances that may lead to such unauthorised access or disclosure, or an event prescribed by the data code occurs.
In circumstances where a Scheme participant reasonably suspects or becomes aware that a data breach has occurred, they are responsible under the Act for:
- taking reasonable steps to prevent or reduce any risks resulting from a data breach as soon as practicable; and
- if the data breach involves scheme data that is personal information, giving the Commissioner a copy of its statement to the Australian Information Commissioner about an eligible data breach under section 26WK of the Privacy Act 1988; or
- if the data breach involves scheme data that is not personal information, notifying the Commissioner as soon as practicable after the end of the financial year.
In addition to these requirements, entities are encouraged to inform the ONDC as soon as possible if a data breach occurs, so that we can provide any necessary assistance in managing the risks of the breach.