privacy policy - clause 6.1

6. Principle 6 - Access and Correction
   1. If an organisation holds personal information about an individual, it must provide the individual with access to the information on request by the individual, except to the extent that -
      1. providing access would pose a serious and imminent threat to the life or health of any individual; or
      2. providing access would have an unreasonable impact on the privacy of other individuals; or
      3. the request for access is frivolous or vexatious; or
      4. the information relates to existing legal proceedings between the organisation and the individual, and the information would not be accessible by the process of discovery or subpoena in those proceedings; or
      5. providing access would reveal the intentions of the organisation in relation to negotiations with the individual in such a way as to prejudice those negotiations; or
      6. providing access would be unlawful; or
      7. denying access is required or authorised by or under law; or
      8. providing access would be likely to prejudice an investigation of possible unlawful activity; or
      9. providing access would be likely to prejudice -
         1. the prevention, detection, investigation, prosecution or punishment of criminal offences or breaches of a law imposing a penalty or sanction; or
         2. the enforcement of laws relating to the confiscation of the proceeds of crime; or
         3. the protection of public revenue; or
         4. the prevention, detection, investigation or remedying of seriously improper conduct; or
         5. the preparation for, or conduct of, proceedings before any court or tribunal, or implementation of its orders--
         by or on behalf of a law enforcement agency; or
      10. ASIO, ASIS or a law enforcement agency performing a lawful security function asks the organisation not to provide access to the information on the basis that providing access would be likely to cause damage to the security of Australia.