Accessibility Contact us
Log in

Log in or Register

Log in Register

Online Services

Manage your account

Book and check licences

Get a permit

Can’t find what you’re looking for? Find out more about our online services or view our licensing page.

Log in or Register

Register Log in

Privacy policy

Policy overview

The Department of Transport and Major Infrastructure (DTMI) connects people and places to keep Western Australians moving towards a safer, healthier and sustainable future. DTMI has many functions involving the collection and use of personal information. These include driver and vehicle licensing, traffic infringement processing, issuing Western Australia (WA) photo cards, driving instructor licensing, regulating the taxi and ride share industries, recreational vessel and skipper regulation, jetty and mooring licensing, grant schemes, community surveys and engagement programs, managing travel subsidy schemes including for people with disabilities, and managing large maritime facilities. 

DTMI is committed to protecting the privacy of the personal information it holds and is transparent in how this information is collected, used, disclosed and secured.  

DTMI aligns with the Australian Privacy Principles (APPs) in the Commonwealth’s Privacy Act 1988 with a primary focus on Principle 6 “use or disclosure of personal information” to the extent that DTMI is not already operating under statutes that contain specific provisions about the collection, use and disclosure of personal information. 

Most of the personal information collected by DTMI is collected while performing functions under legislation which provides specific powers and obligations for the use and disclosure of that information. The APPs specifically recognise that agencies will in many contexts be acting in accordance with requirements or authorisations under another law. 

Any collection, use or disclosure of personal information will only occur where required or authorised by law, ensuring that personal information is handled securely and responsibly.

Principles

  • DTMI manages the personal information it collects and uses in way that ensures privacy, security, and integrity.
  • DTMI only collects and uses personal information for the purpose of performing its functions unless required or authorised to do otherwise by law. 
  • DTMI does not collect, use or disclose personal information in any manner contrary to law. 
  • DTMI will facilitate access to anonymised information where it is lawful to do so without compromising any of our principles.

Objective

To inform the WA community, interested parties and employees how personal information is collected, used, disclosed and secured by DTMI and action to be taken should a concern or complaint be raised about DTMI’s management of personal information. 

To ensure DTMI has appropriate processes to manage private and personal information of customers, staff and stakeholders collected in the process of DTMI undertaking its business.

What is personal information

Personal information is information or an opinion, whether true or not, that relates to an individual, whether living or dead, whose identity is apparent or can be reasonably ascertained from the information or opinion. For more detail, please see our Frequently Asked Questions (FAQs).

What types of personal information do DTMI collect?

Personal information that DTMI collects include:

  • name (including previous name)
  • address (including address history)
  • date of birth and contact information
  • driver licensing information, learner’s permit information, driving restrictions and demerit points
  • recreational vessel and jetty ownership
  • vehicle ownership
  • occupational qualifications (e.g. procurement, driving instructors and assessors)
  • financial information – such as bank account details and for commercial leasing
  • traffic infringement records; and
  • entitlements for Government benefits – such as pension and concession details.

Personal information we collect may be historical or current information.

The extent of the personal information collected by DTMI may vary depending on which of our functions or services an individual interacts with.

DTMI also collects and holds sensitive personal information if required or authorised to do so for the purpose of performing a statutory function, or where a person consents. This may include information such as:

  • racial or ethnic origin (e.g. to help us provide inclusive and accessible services to WA’s diverse community)
  • country of birth
  • gender identity, in a case where the individual’s gender identity does not correspond with their designated sex at birth
  • health information, including impairments that are relevant to decisions about licences, permits, functions, authorisations and subsidy schemes we administer
  • height, build, eye and hair colour
  • criminal history; and
  • photographs and signatures.

DTMI also uses biometric data derived from driver’s licence, learner’s permit, and Western Australian photo cards to detect fraudulent applications for new learner’s permits, driver’s licences and photo cards.

In the case of driver licences, and Western Australian photo cards, DTMI is required by law to retain a person’s name, address, signature, and photograph. 

On behalf of the Minister for Transport, DTMI administers the following Acts and regulations that authorise the collection, use, or disclosure of personal information:

  • Harbours and Jetties Act 1926*
  • Jetties Act 1926*
  • Jetties Regulations 1940
  • Lights (Navigation Protection) Act 1938*
  • Marine and Harbours Act 1981*
  • Marine and Harbours (Departmental Areas) Regulations 1998
  • Marine and Harbours (Fuelling) Regulations 1985
  • Marine Navigation Aids Act 1973*
  • Maritime Navigation Aids Regulations 1985
  • Mooring Regulations 1998 **
  • Motor Vehicle Drivers Instructors Act 1963
  • Motor Vehicle Drivers Instructors Regulations 1964
  • Navigable Waters Regulations 1958 **
  • Owner-Drivers (Contracts and Disputes) Act 2007 
  • Perth Parking Management Act 1999
  • Perth Parking Management Regulations 1999
  • Pollution of Waters by Oil and Noxious Substances Act 1987*
  • Road Traffic Act 1974 (Part 6A only)
  • Road Traffic (Towing of Vehicles) Regulations 2020
  • Road Traffic (Administration) Act 2008
  • Road Traffic (Administration) Regulations 2014
  • Road Traffic (Authorisation to Drive) Act 2008
  • Road Traffic (Authorisation to Drive) Regulations 2014
  • Road Traffic (Vehicles) Act 2012
  • Road Traffic (Vehicles) Regulations 2014
  • Sea Carriage of Goods Act 1909*
  • Shipping and Pilotage Act 1967*
  • Shipping and Pilotage (Mooring Control Areas) Regulations 1983
  • Shipping and Pilotage (Ports and Harbours) Regulations 1966
  • Towing Services Act 2024
  • Towing Services Regulations 2025
  • Transport Co-ordination Act 1966*
  • Transport Co-ordination Regulations 1985
  • Transport (Road Passenger Services) Act 2018
  • Transport (Road Passenger Services) Regulations 2020
  • Western Australian Marine Act 1982*
  • Western Australian Coastal Shipping Commission Act 1965*
  • Western Australian Photo Card Act 2014
  • Western Australian Photo Card Regulations 2014

* These Acts and regulations made under them are the subject of the information use and disclosure power in section 108(2)(a) of the Western Australian Marine Act 1982. The Transport Co-ordination Act 1967 is too but only to the extent that it relates to ferries and ships.

** The regulations subject to that power include the Mooring Regulations 1998 and the Navigable Waters Regulations 1958 both of which are made under more than one of the Acts with an asterisk.


Whether collection of personal information is compulsory

The collection of certain types of personal information will be compulsory regarding the enforcement of infringements under legislation administered by DTMI and some powers to compel the production of information using powers under legislation (e.g. investigative powers held by specifically empowered officers for limited purposes).

In other instances, individuals will only need to provide personal information when opting to apply for licences, permits, authorisations, boat pens, vessel registration, WA photo cards and travel subsidies under legislation or when participating in some surveys and engagement programs DTMI administers.

How DTMI collects personal information

DTMI may collect personal information directly from an individual, their representative or a third party. We collect personal information in a variety of ways, including:

  • paper or electronic correspondence and forms
  • phone calls
  • online, such as web based forms, DoTDirect and payment systems
  • our websites, online forms, surveys and feedback systems
  • in person
  • closed-circuit television at DTMI’s premises (including marinas); and
  • traffic cameras operated by the Police or the Road Safety Commission (DTMI processes the infringements).

DTMI may collect your personal information from third parties in the following circumstances:

  • with your consent
  • where it is unreasonable or impractical to collect the information from you; or
  • if we are required or authorised to do so by law.

DTMI may also collect personal information from publicly available sources while performing our functions.

For more detail, please see our FAQs.

Cookies 

When you visit the DTMI websites, some information is collected about how you interact with the website (e.g. when you visited, where you go on the site or whether you download any materials). We use 'cookies' to collect this type of information. A cookie is a small block of data that is shared between a web server and your computer's browser.

You can disable cookies using your web browser. If you opt out of using cookies, some of the features on this website may not function fully and your ability to browse, read and download information may be impaired.

Read our website privacy statement.

Use and disclosure of personal information

The purposes for which DTMI uses or discloses your information

DTMI will only use or disclose your personal information:

  1. for the primary purpose for which we collected it (that is, performance of a function conferred by the written law under which the information was collected)
  2. for a secondary purpose related (or directly related in the case of sensitive personal information) to the primary purpose
  3. where you have consented to that use or disclosure
  4. where lawful and necessary for investigating suspected offences and for enforcement purposes
  5. where it is necessary to lessen or prevent serious threats to health or safety (including pandemics)
  6. in a de-identified form where lawful and necessary for research, or the compilation or analysis of statistics, in the public interest; or
  7. where we are otherwise required or authorised to do so by law which may include under a subpoena, or a court order, or a specific section in an Act.

The above statements will not apply to the extent that there are any different requirements, powers, or limitations set out in the legislation that authorises the collection of the personal information. In some circumstances, legislation authorises DTMI to disclose or use that personal information for much wider purposes than the purpose for which it is collected. In other respects, the legislation specifically limits the use or disclosure of personal information to a narrower range of purposes than the APPs.    

How DTMI uses and discloses personal information

DTMI may disclose personal information to organisations that provide services on our behalf under contracts for those organisations to perform functions on DTMI’s behalf. These include very limited disclosure to third parties such as Australia Post (offices in regional areas), authorised agents, authorised vehicle inspection stations, new car dealers, and driving assessors. 

DTMI discloses more personal information to the company contracted to make driver’s licence, and WA photo cards and the company contracted to print and send all vehicle and driver licence notices, as well as small number of companies providing ICT services.

Personnel of those organisations who have access DTMI’s personal information are required to provide police clearances, and their access is closely tracked.  It may only be accessed or used by the organisations for the purposes set out in the contract.

DTMI is required under statute to provide personal information collected under some Acts with the Police and some other law enforcement officials. The Commissioner of Police has authority to disclose that information at his or her discretion to others for limited purposes.

DTMI is authorised to disclose driver and vehicle licensing information to other licensing authorities in other states and territories 

DTMI is authorised to disclose personal and other information collected under some of its legislation to other government departments and agencies at State and Commonwealth level as well as some other entities for purposes set out in that legislation. The typical purposes include performing functions under a written law and purposes related to the administration or enforcement of a written law, but more specific purposes may be set out in regulations. There are specific offences for misuse or unlawful disclosure of that information in the legislation authorising the disclosure.

Those other entities include local governments, four of WA’s five universities (the fifth does not have any parking by-laws), registered liquidators, registered trustees in bankruptcies, and Austroads Ltd, a company owned by Australia’s road authorities that operates the National Exchange of Vehicle and Driver Information System (NEVDIS). NEVDIS is a central Australian database that facilitates the exchange of information about vehicles and driver licenses, but not photos or signatures, across state borders, primarily to prevent fraud and theft.

DTMI also discloses personal information to comply with court orders including subpoenas as well as to government agencies with the power to compel the production of information. The court orders can and do include orders requiring the disclosure of licence plate information to parking companies.

DTMI strictly manages and monitors the release of personal information. Under no circumstances will DTMI disclose personal information to a third party for the purpose of direct marketing.

DTMI works in accordance with its road laws and a national arrangement for the provision of driver licensing information (excluding photographs or signatures) to some corresponding driver licensing authorities in overseas countries to assist DTMI in the delivery of its statutory objectives, including road safety and identity security. The protection of personal information is considered on a case-by-case basis.

Privacy Policy breaches

DTMI fosters a culture of integrity and accountability, ensuring all personnel adhere to high ethical and legal standards.

Persons, including employees and third-party service providers, who breach this policy may be dealt with in accordance with the Public Sector Management Act 1994, DTMI’s Code of Conduct, the Corruption, Crime and Misconduct Act 2003, the Criminal Code 1913, and any other applicable legislation.

Storage and protection

How we store and protect personal information

Consistent with the requirements of the APPs, we take reasonable steps to ensure the personal information we collect is held in a safe and secure manner. This includes:

  1. storing and managing records securely as required under applicable legislation and aligned with industry standards. 
  2. restricting access to personal information only to personnel authorised to carry out specific DTMI business activities or services. 
  3. restricting system access to authenticated credentials only. 
  4. ensuring persons with access to personal information understand their legal and ethical requirements not to access, use or disclose information for unauthorised purposes. 
  5. requiring any third-party providers to have security measures to keep personal information secure. 
  6. monitoring and auditing system access. 
  7. ensuring that paper-based files are physically secured.
  8. ensuring our buildings are secure and only accessed by authorised persons; and 
  9. regularly updating and auditing our storage and data security systems.

The requirements of the State Records Act 2000 and relevant DTMI data retention policy determine how long DTMI holds personal information and when we dispose of it. 

Credit card information used to process payments is managed in accordance with the international Payment Card Industry Data Security Standard.

Unique identifiers

DTMI uses unique numbers on many of the licence and authorisation documents it provides under legislation.  These include driver’s licences, learner’s permits, WA photo cards, Recreational Skipper’s Tickets, and Passenger Transport Driver authorisation documents for taxi, ride share, charter vehicle, and commercial bus drivers. The seven-digit number that is marked on a driver’s licence card as ‘LICENCE NUMBER’ is an example of a unique identifier.

DTMI uses the names of the holders of those licences and authorisations when performing its functions rather than those numbers. Unique identifiers enable us to detect and deter the creation and use of fraudulent copies of those licences and authorisations.  Drivers licence numbers are required to be used under some other WA legislation as a means of verifying identity in several contexts. They are also specifically protected in the part of the Criminal Code headed ‘Identity crime’.

De-identification 

When information is permitted to be used for statistical and research purposes, DTMI takes reasonable steps to ensure that the information cannot be used to identify any individual. These steps incorporate various deidentification techniques like: 

  1. redacting information and or aggregating data.
  2. micro-aggregating (e.g. group in fours, so ages 31, 32, 33 and 34 are each replaced by average values of 32.5).
  3. removing variables and or replacing identifiers with unique, artificial codes.
  4. using one-way encryption of identifiers.
  5. generalising (e.g. by replacing a date of birth with an age bracket); and
  6. suppressing (e.g. by replacing some values with ‘missing’).

DTMI also make deidentified data available to others depending on the purpose of the request, the nature of the entity requesting it, and our legislative powers to provide the information.

Identity verification systems

DTMI participates in the Document Verification Service (the DVS), an Identity Verification Service (IVS) operated by the Australian Government to enable authorised third parties, such as other government agencies, banks and similar parties, to verify documents such as driver’s licences using licence numbers and names. 

The information in the National Exchange of Vehicle and Driver Information System (NEVDIS) is also used as part of this process. As part of participation in the DVS, DTMI is subject to the obligations set out in the Identity Verification Services Act 2023 (Cth). These obligations include the use of written agreements between participating agencies and entities, which contain safeguards for the privacy of individuals whose identification information is used in requesting identity verification services or responding to such requests. A person seeking to have their identity verified using the DVS must provide their consent before doing so.

Automated decision-making processes

DTMI does not use automated processes to exercise any powers that require a decision, but they are used to assist in DTMI’s traffic infringement management process.

Software is used to automatically review images and associated information from the Police Force’s speed cameras and visual detection devices to detect potential offences (i.e. speeding, traffic light, seatbelt and mobile phone offences). Those images are then reviewed by DTMI officers designated as issuing officers under the road laws who must decide whether an infringement notice is created and served on a driver.  

DTMI also use automated processes for routine statutory actions that use personal information as factors. An example includes sending out licence renewal notices which the DTMI is obliged to renew unless certain factors specified in road law legislation prohibit DTMI from doing so e.g. unpaid fines as recorded in the Fines Enforcement Registry. 

DTMI also use automated processes to record administrative details of applicants for some authorities under statute and to provide them with information on factors that may impact a decision made by a human at a later stage of the decision-making process. For example, the online process for receiving applications for a passenger transport driver authority to drive a taxi/ride share vehicle which can only be granted to people without convictions for disqualification offences set out in legislation.

Accessing personal information

To apply for access to personal information, a person may:

  1. Log into their DoTDirect account, or
  2. Make an application under the Freedom of Information Act 1992 (fees may be applicable).

DTMI cannot disclose personal information about another person under the Freedom of Information Act 1992. A person should review our Freedom of Information page before making an application for personal information.

Accuracy of personal information 

We take reasonable steps to ensure the personal information we collect, and hold is accurate, up-to-date, and complete. This may include correcting personal information where it is appropriate to do so.

If a person believes that any personal information we hold is inaccurate or out of date, they should contact us, and we will review and update the relevant information. They may be required to provide evidence to support their request. Find out more about changing personal details.

Principal Officer 

DTMI’s Director General as the Chief Executive Officer is DTMI’s principal officer for the purposes of section 9 of the Privacy and Responsible Information Sharing Act 2024.

Contact us

Questions, comments, concerns or complaints about DTMI’s management of privacy or its practices, can be directed to:

Department of Transport and Major Infrastructure

Attention:    Privacy Officer

Email:         privacy@transport.wa.gov.au   

Mail:           GPO Box C102 PERTH WA 6839

If this does not satisfy any query or complaint, it can be directed to the Office of the Western Australian Information Commissioner by:

•    phone on (08) 6551 7888; or

•    visit the website

This Privacy Policy was last updated on 10 September 2025. From time to time, it may be necessary to update this Privacy Policy, and any amendments will apply to all the information we hold at the time of the update. 

If you need access to this Privacy Policy in a different format, please email privacy@transport.wa.gov.au.

Hi, I’m T-Bot! How can I help you?