Privacy Policy

IWA Web Privacy Policy

The Institute of Water Administration, ABN 96 103 789 875 (“IWA”) is committed to protecting the privacy of your personal information and we comply with the Privacy Act 1988.
The contents of this page relates more specifically to information obtained from visiting our website. We are also governed by a broader IWA Privacy Policy (See Below).

Collecting personal information

Personal details are only collected if provided by you (eg. registering for access to the member area of our website, registering for an event or subscribing to a publication).


Cookies are sent from our website and will be stored in your web browser when you visit our website. Various cookie controls are available to you; depending on your browser (eg. you can allow all cookies, be notified when one is issued or not accept them at all, you can also delete cookies at any time).
If you don’t allow our cookies or delete them and are a member of our member area you will be asked to re-enter your username and password every time you log on to the member area.

Google Analytics

We collect and analyse some website statistics for our internal use only. This is done to assist us in the continuous improvement of our website. The tool we use is Google Analytics. Google Analytics may automatically record some of your computer’s details such as:

  • IP address
  • domain name
  • browser type
  • date and time of access
  • details of the information downloaded

IWA Privacy Policy

This Policy has been endorsed by the IWA Executive Council.

The following summary paraphrases the Information Privacy Principles contained in the Information Privacy Act 1988 at Schedule 1. Not all the requirements of the Information Privacy Principles are detailed. Reference should be made to the Information Privacy Act for the full text.

This policy is designed to ensure that Institute of Water Administration will always endeavour to collect and handle personal information in a manner compliant with the Information Privacy Act 1988.

An organisation can only collect personal information where this is necessary for the performance of its functions. Personal information may only be collected by fair and lawful means and not in an unreasonably intrusive way.

Use and Disclosure
An organisation can only use or disclose personal information for the primary purpose for which it was collected unless it obtains the consent of the individual concerned, subject to some exceptions.

Data Quality
An organisation must take reasonable steps to ensure that the personal information it holds is accurate, complete and up to date.

Data Security
An organisation must safeguard personal information against misuse, loss and unauthorised access and modification. An organisation must destroy or de-identify personal information it no longer needs.

An organisation must document clearly expressed policies on management of personal information and make this statement available on request.

Access and Correction
On request by an individual, an organisation must provide access to any personal information it holds about that individual, subject to some exceptions.
If an individual is able to establish that the personal information held by an organisation is not accurate, complete and up to date, the organisation must take reasonable steps to correct the information.
Privacy Policy
Unique Identifiers
Unless necessary, an organisation must not:

• assign unique identifiers to individuals,

• adopt as its own unique identifier of an individual the unique identifier of another organisation,

• use or disclose a unique identifier assigned by another organisation, or

• require an individual to provide a unique identifier to obtain a service.

An organisation must allow individuals the option of entering transactions anonymously wherever lawful and practicable.

Transborder Data Flows
An organisation can only transfer personal information out of Victoria if the recipient is subject to laws that are substantially similar to the Information Privacy Principles, subject to some exceptions.

Sensitive Information
The collection of sensitive information is restricted.
Sensitive information means information or an opinion about an individual’s:

• racial or ethnic origin; or

• political opinions; or

• membership of a political association; or

• religious beliefs or affiliations; or

• philosophical beliefs; or

• membership of a professional or trade association; or

• membership of a trade union; or

• sexual preferences or practices; or

• criminal record.

When collecting personal information, an organisation must take reasonable steps to ensure that the individual is aware of the identity of the organisation and how to contact it, that they may have access to the information, why the information is collected, to whom it may be disclosed, any law requiring collection and the consequences of not providing the information.