A body corporate, a body corporate committee or body corporate manager needs to comply with the Privacy Act. The Act contains 13 principles that govern how people or agencies should collect, handle, and use personal information.

Find out more about these principles(external link) — Privacy Commissioner

Where personal information might be found

Bodies corporate hold personal information about unit owners and others. Personal information could be found within minutes of meetings, body corporate databases such as the register of owners, body corporate newsletters and in email correspondence.

The Unit Titles Regulations 2011 (the Regulations) sets out specific privacy rules for the register of unit owners. Only the chairperson of the body corporate, the body corporate committee or a person approved by the body corporate can search the register for the limited purposes stated in the Regulations. This protects the privacy interest of unit owners.

Disclosing personal information

Disclosure of personal information is governed by information privacy principle 11 of the Privacy Act. Personal information may only be disclosed for one of the reasons set out in the Act.

The Unit Titles Regulations require a body corporate committee to provide copies of the minutes of its meetings to all unit owners. The Regulations also require pre-contract disclosure provided to prospective buyers to include the body corporate and body corporate committee minutes. The Regulations provide that information in the minutes may be redacted for various reasons, including if disclosing the information in the minutes would be a breach of the Privacy Act.

Providing information to prospective buyers

Governance of bodies corporate

In order to assess whether a release of personal information contained in the minutes may breach the Privacy Act, the body corporate committee should consider whether the disclosure is permitted based on the privacy principles. For example, the person who the information is about can give their permission for the release of the information.

The Privacy Commissioner, an independent Crown entity, is the expert on the privacy interests of individuals. The Privacy Commissioner has a variety of guidance and resources to help you learn about body corporates obligations under the Privacy Act.

Guidance and resources(external link) — Privacy Commissioner

If you believe there has been a breach of privacy and have not managed to resolve your complaint with the body corporate, you may be able to file a complaint with the Office of the Privacy Commissioner.

Complaining to the Privacy Commissioner(external link) — Privacy Commissioner