We protect your privacy

How Queensland Rail protects your privacy

If you engage with us in person or use our online services, from visiting our website to booking online or applying for a job with us, then this Privacy Policy (Policy) applies to you. This Policy also applies to Queensland Rail staff.

We are committed to protecting your personal information. We respect your privacy and we will take steps to secure any personal information you give us.

The way we do this is governed by the Information Privacy Act 2009 (Qld) (IP Act), and the Queensland Privacy Principles (QPPs) in Schedule 3 of the IP Act.

The QPPs govern how we may collect, store, allow individuals to access and amend, use and disclose your personal information.

What is "personal information"?

“Personal information” means information or an opinion about an identified individual or an individual who is reasonably identifiable from the information or opinion, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.

Collection and use of personal information

The personal information that we collect may include your name, address, phone number, email, other contact details, complaint, incident, comment or other answers or opinions provided; payment, financial institution or bank account details; age, gender, drivers licence, medical information or history, image and other identification details as required. We may collect these types of personal information either directly from you, or from third parties, such as your travel agent.

We will only collect sensitive information about a person, if we obtain consent to collect that information.

We may collect, hold, use or disclose your personal information to:

help you with your enquiries, complaints, reported incidents, entry forms, bookings and other requests;
get in touch with you if we need to and verify any information you have provided to us;
protect your safety, security and wellbeing on our property;
research and develop our services, including new or improved services;
return lost property to you;
provide you with travel services and information; or
recommend other services that our selected partners offer which may be of interest to you

We may collect your personal information when you:

visit our website or social media sites;
complete a form for us, such as lost property, concession claim, medical clearance, claim and unaccompanied minor forms;
register or operate as a travel agent selling travel on our behalf;
provide personal information to us directly, e.g. entering a competition, providing feedback or booking a ticket;
apply for a position with us; or
talk to us - through calling our call centre, Rail Management Centre or using our emergency phones or call buttons. We record these interactions.

In certain circumstances, you can choose to use a pseudonym or remain anonymous, but without your personal information we may not be able to assist you.

Working at Queensland Rail

If you have applied for employment at Queensland Rail, we will collect your personal information to process your employment application (for example, to verify employment information). As a Queensland Rail employee, we collect your personal information to perform employment related tasks (for example, to grant you building and IT access, manage your salary arrangements and monitor employee conduct).

Our marketing and your personal information

If you opt-in to receive our marketing, we may use personal information that we hold about you to identify services and products that may be of interest to you.

We may contact you by email, text message or other digital service (e.g. an application), phone or post to let you know about specials, offers and promotions; or any new or existing products or services that may be of interest to you. You can contact us at any time if you no longer wish to receive marketing materials from us or our related entities. If you receive a marketing email from us, you can opt-out by clicking on the “Unsubscribe” link at the bottom of the email.

Storage and security of your personal information

We keep your personal information in various forms – including electronic records, hard copies and telephone recordings. Third party service providers may store some personal information on our behalf.

In all cases, we take our obligation to secure your personal information seriously and take reasonable steps to protect your personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure.

We also take reasonable steps to ensure the personal information we collect is accurate, up to date and complete.

We use strong network and online security systems. We also limit who can access your personal information, both in physical form and electronically. That said, no transmission of data over the internet can ever be guaranteed to be secure and so, we cannot guarantee the security of your personal information.

Where we no longer need your personal information for the purpose for which it was collected, and where permitted by law to do so, we will take reasonable steps to destroy your personal information, or ensure it is de-identified.

Closed Circuit Television (CCTV) Recordings and Online Privacy

When you visit our stations or premises

We collect: Video recordings, we use signs to tell you when they’re in use and where you can find them.

Why we collect it: Monitor your safety and network security, as well as investigate incidents involving employees when the law says we can.

How we store it: We use closed circuit television (CCTV) systems for 24-hour video surveillance at our stations, premises, and on some of our trains.

Why we may disclose it: The images are only accessible to authorised staff and law enforcement agencies when the law says we can or we have to.

When you visit our website

We collect: Your server address, top-level domain name, date and time of visit, pages accessed, documents downloaded, previous site visited browser used, and cookies.

Why we collect it: For statistical purposes. Don’t worry, we won’t attempt to identify you or your browsing activity.

How we store it: With our website service provider.

Why we may disclose it: We will allow law enforcement agencies to view the service provider's logs if the law (or a warrant) says we have to.

Disclosure of personal information

We may give your personal information to someone else but we’ll only do it if permitted by law.

Some examples of who we might give your information to are:

Banks or other financial institutions to process payments.

Businesses providing prizes to competitions you have won through us.

Courier companies if we are required to make a delivery to you.

Our related entities which are controlled by us.

Our professional advisers, contractors or service providers who advise us or carry out our functions and activities.

Travel agents, accommodation and activity service providers and other carriers, tour operators and transport companies to process and make reservations for your travel, accommodation and activity arrangements.

Your representatives (for example your authorised representatives or legal advisers).

TransLink, if your query concerns a service that TransLink manages.

Queensland Police Service (QPS) or other law enforcement agency.

Government and regulatory authorities and other organisations, as required or authorised by law.

We will take reasonable steps to ensure that any person to whom we give your personal information also promises to keep your personal information private and secure.

We may disclose personal information to contracted service providers outside of Australia for the purpose of advising or carrying out functions and activities on our behalf. We will always obtain your consent unless the disclosure is authorised or required by law, to ensure the safety of yourself or others or otherwise in accordance with the IP Act. We will take reasonable steps to ensure the recipient of the personal information is subject to a law, binding scheme or contract that effectively upholds principles for the fair handling of personal information substantially similar to the QPPs.

Other important bits

Cookies

We do use internet cookies on our website that allow our website to remember your machine. Cookies used by us have no way of disclosing your name or any information that could personally identify you.

Security - Transmission of personal information

Our website uses encryption for secure transmission of personal information over the Internet. There can be risks with transmitting information across the Internet.

Where our website contains links to other websites not managed by us, we are not responsible for the privacy or security practices or the content of those websites.

Access and correction of your personal information

You may ask to access your personal information held by us. You also have the right to ask us to correct your personal information if it is inaccurate, out of date, incomplete, irrelevent or misleading.

For more information about access to, or correction of you personal information:

Visit - www.queenslandrail.com.au/aboutus/rti
Call - 07 3072 8650
Email - rti@qr.com.au

Contact us

If you need to contact us for other privacy matters, please contact:

Senior Advisor, RTI and Privacy
Queensland Rail
Legal
GPO Box 1429
Brisbane QLD 4000

Email: rti@qr.com.au

Phone: 07 3072 8650

Privacy complaints

If you believe we have not dealt with your personal information in the way the IP Act requires, you may make a complaint to us using the above details. A privacy complaint should:

be made in writing; and
state an address to which Queensland Rail may respond to the complaint; and
give particulars of the act or practice the subject of the complaint.

A privacy complaint must be made within 12 months after you become aware of the act or the practice the subject of the complaint. We may also require you to provide proof of identification to verify that you are the individual the subject of the complaint and to ensure we can appropriately investigate and respond.

We will process the complaint within 45 Business Days. If a longer period of time is required to finalise a complaint, we will contact you to negotiate an extension of time.

We will advise you of our decision in writing.

Download Queensland Rail's Privacy Policy

Queensland Rail Privacy Policy (PDF, 918.14 KB)