Privacy Act 1988 (Cth)

APP 5 — Notify individuals about collection

Cth · Office of the Australian Information Commissioner (OAIC)Supports

At or before the time of collection, the venue must take reasonable steps to notify the individual about the collection, its purposes, and their rights.

Working draft, not legal advice

The plain-English summary above is drafted by Venue Axis as a navigation aid. The citation is the authoritative source — treat it as the definitive reference. For a legal interpretation of this obligation in your venue's context, talk to your counsel.

Operational metadata

How this obligation operates.

Citation
Privacy Act 1988 (Cth), Schedule 1 — APP 5 (notification of collection)
Read on legislation.nsw.gov.au →
Frequency
Continuous
Binds
venue, rgo
Strategic tier
Supports
Venue Axis hosts the workflow, templates, and evidence ledger; an external party (counsel, auditor, RGO, vendor) performs the underlying action.
Consequence of breach

What can go wrong.

OAIC determination.

Consequences are summarised from the underlying legislation. Specific penalties depend on the breach pattern, prior history, and the regulator's enforcement posture. Talk to a liquor and gaming lawyer for a definitive view of your venue's exposure.

Related obligations

Other items in Privacy Act 1988 (Cth).

Supports

APP 1 — Open and transparent management of personal information

The venue must have a clearly expressed and up-to-date privacy policy describing how personal information is collected, used, stored, disclo

Does (enforced)

APP 3 — Limit collection to what is reasonably necessary

Personal information must only be collected where reasonably necessary for the venue's functions and by lawful and fair means.

Does (enforced)

APP 6 — Use and disclosure limited to collection purpose

Personal information collected for one purpose may only be used or disclosed for a secondary purpose in specified circumstances (consent, re

Does (enforced)

APP 11.1 — Security of personal information

The venue must take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, or

Does (triggered)

APP 11.2 — Destroy or de-identify when no longer needed

When personal information is no longer needed for a permitted purpose, the venue must take reasonable steps to destroy or de-identify it — s

Does (triggered)

APP 12 — Patron right of access

An individual has a right to request access to the personal information the venue holds about them, and the venue must respond within the pr

Working references

Browse + take with you.

Free tool · Filterable explorer

Browse all 85 obligations →

Filter by jurisdiction, strategic tier, who's bound. The search-and-skim view; this page is the per-obligation deep link.

L&GNSW · the working surface

CL1002 framing →

The 75-Part Self-Audit Checklist L&GNSW inspectors walk through, and how Venue Axis is structured around it.

Library

All working references →

Free tools, comparisons, regulatory explainers — the full Venue Axis library, organised by category.

See it wired into a working venue.

The browseable tree is the inventory. The in-product working surface adds live evidence linkage, CL1002 alignment, and freshness scoring on top. First three months free, no card up front.

Get started →See the working surface