Translink, a division of the Department of Transport and Main Roads (TMR) is committed to protecting your privacy. Translink is bound by the Information Privacy Act 2009 (the IP Act) which regulates the way in which Queensland government agencies must manage personal information. It addresses concerns about any unauthorised use of this information and gives individuals a right of access to personal information held about them. TMR’s Information Privacy Plan sets out details of the types of personal information we hold and how we handle this information.
Collection
Translink collects personal information about you in a number of different ways. We collect personal information directly from you, for example when you:
- provide personal information to us;
- ask to receive updates from us;
- sign up for a go card or apply for concession fares;
- use our services; or
- contact and correspond with us, for example to ask for information or to ask for assistance through our call centre.
We may collect personal information that you choose to give us via online forms, email or by subscribing to Translink services. A subscriber's email address is collected using Vision6 in order to deliver requested news, updates and alerts.
We may also collect personal information about you from third parties. This will depend on the circumstances, the organisation that issues you with credentials that make you eligible for concession fares, and other government departments and third party service providers which provide criminal and other checks where relevant.
Generally, it is optional for you to provide your personal information. However, if we are not able to collect personal information about you, we may not be able to provide you with products, services and assistance to the extent that they require us to collect, use or disclose personal information.
Registered smart cards
If you choose to register your smart card, your personal information will be securely stored and linked to the serial number of your smart card. Your physical smart card will not store any personal information.
Unregistered smart cards
If you have an unregistered smart card the following information will be retained:
- travel history
- financial transactions such as top-ups; and
- contact details for data-matched concession fare card holders.
Contactless credit and debit cards
Contactless credit or debit cards cannot be registered at this time.
If you use a contactless credit or debit card, or a linked device such as a smart phone or watch, to pay for your journey the following information will be retained:
- travel history; and
- financial transactions associated with your travel.
Online services
Where relevant, the department may record information about your use of Translink’s websites for statistical purposes and to improve your digital experience. As a general rule, unless you provide your information for a specific purpose, no attempt will be made to identify users or their browsing activities.
Use and disclosure
The purposes for which we collect your information may include:
- contacting you (including via SMS and email,);
- providing you with account functionality to manage your public transport ticketing cards and products;
- managing and planning the public transport network;
- top ups, fare adjustments, refunds, balance transfers, replacement cards or cancellation of a lost or stolen registered card (where you have a registered smart card);
- notifying you of changes to your smart card (for example impending card expiry);
- monitoring and taking enforcement action in relation to fare evasion on the public transport network and fraud – our authorised representatives are entitled to collect identity information in this context under the Transport Operations (Passenger Transport) Act 1994 (Qld);
- developing and improving our services and obtaining feedback; and
- where you have opted in, provide you with relevant surveys to improve Translink services and/or a product offering.
Translink regularly engages external entities to perform some of its functions and activities. Where these arrangements require access to, or collection of personal information on behalf of Translink, we will take all reasonable steps to ensure that these entities are bound to comply with relevant sections of the IP Act.
TransLink will not disclose your personal information to another person or third party unless one of the following reasons applies:
- you have given us your consent to do so
- the disclosure is permissible under the IP Act
- Translink is required or authorised to do so under a legislative authority
- that person or third party is providing a service to Translink and is required to maintain the same or similar privacy principles
Email and SMS
We will not use your personal contact details you provide such as email address, SMS device number or phone number other than for the purpose for which you provided it. Where assistance is requested, your enquiry will be forwarded to the relevant departmental officer and/or our contractor and business partner. If you have received communication from Translink and no longer wish to receive updates from us, you can unsubscribe via:
- using the “unsubscribe” and “update your preferences” link included in our electronic messages (for example, email, SMS); or
- logging into your go card account to manage your email and SMS preferences related to your go card account notifications.
Mobile applications
For information about how your personal information is managed through the My Translink app, including information in relation to push notifications, please visit our MyTranslink app page.
Access, amendment and deletion
You have a right to request access to personal information held by us and may also use Translink's online services and Translink mobile applications to access, update and amend certain personal information.
You may also request deletion of:
- any accounts created using Translink Apple or Android mobile applications; and
- information held by us associated with those accounts or with any Translink online service or application integrated or connected with Meta products including Facebook.
If you wish to access, correct or update any personal information we may hold about you, or request deletion of an account or information associated with a Translink mobile application or Meta product as described above, please:
- where possible, use the relevant online service or mobile application; or
- contact us.
We may decline to provide access to or amend or delete information where we are legally permitted to refuse to do so. We will explain the basis for our decision when responding to your request or otherwise within a reasonable time.
Reasons for refusal may include, but are not limited to, where access, amendment or deletion would be:
- contrary to the public interest under the IP Act or the Right to Information Act 2009
- inconsistent with our obligations to maintain records under legislation including in the Public Records Act 2002.
If you wish to access, correct or update any personal information we may hold about you, please contact us.
Security
Translink take all reasonable steps to keep personal information we hold about you secure and protected against loss, misuse and unauthorised access.
The Department of Transport and Main Roads (which includes Translink) operates an Information Security Management System (ISMS) that conforms with the requirements of the Queensland Government Information Security Policy and International Information Security Standard (ISO/IEC 27001:2013).
The ISMS includes information security controls that have been implemented to provide a secure environment. Employees are made aware and regularly reminded of Translink's privacy obligations and our commitment to keeping personal information we hold secure. Translink’s websites securely encrypts the transmission of information across the internet by using Transport Layer Security.
Cookies and Analytics
Translink uses Google Analytics to gather anonymous statistical information about how Translink’s websites are accessed and used. Google Analytics uses cookies to gather information for the purpose of providing statistical reporting.
The information generated by the cookie about your use of the websites will be transmitted to and stored by Google on servers located outside of Australia. The information Translink receives from Google through Google Analytics is limited to aggregated information and does not identify specific users. If you are logged into your go card account, information about your user account is NOT linked to data recorded by Google Analytics and is NOT provided to Google.
Information gathered using the Google Analytics cookie includes:
- the number of visitors to Translink’s websites
- how visitors arrive at Translink’s websites; for example, did they type the address in directly, follow a link from another webpage, or arrive via a search engine
- the number of times each page is viewed and for how long
- time and date of visit
- geographical location of the visitor
- information about what browser was used to view Translink’s websites and the operating system of the computer
- information about whether the browser supports Java and Flash; and
- the speed of the user's internet connection.
We also use Google Advertising (Google Signals only) to track cross-platform behaviour if users visit our websites across multiple browsers/and or devices. This Data is aggregated, and individuals cannot be identified. You can choose not to allow Google to collect your information by opting out of Google Analytics or specifically opt out of Google Analytics display advertiser features.
External links
Translink’s websites contain links to third party websites. The Department of Transport and Main Roads is not responsible for the content, security or privacy practices of other websites.
Feedback and enquiries
For details on how you can provide feedback and enquiries please visit Translink’s Contact Us page.
Privacy complaints
If an individual believes that the department has not dealt with their personal information in accordance with the IPPs contained in the IP Act, they may lodge an information privacy complaint.
A privacy complaint is a complaint by an individual about an act or practice of a department in relation to the individual’s personal information.
Privacy complaints made to the department must:
- be in writing;
- state an address of the complainant to which notices may be forwarded under the Act;
- provide certified identification; and
- give particulars of the act or practice the subject of the complaint.
Privacy complaints are to be marked private and confidential and forwarded to:
Post:
Right to Information, Privacy and Complaints Management
Department of Transport and Main Roads
GPO Box 1549
Brisbane Qld 4001
Email: privacy@tmr.qld.gov.au
Online: the Department of Transport & Main Roads Contact Us form