myGovID will soon have a new name and look. Find out why myGovID is changing to myID.

Relationship Authorisation Manager privacy notice

Find out about our privacy notice for Relationship Authorisation Manager (RAM).

Last updated July 2024

On this page

About RAM and this privacy notice

RAM is a digital service administered by the Australian Taxation Office (ATO) as part of the Australian Government's Digital ID System. It gives Australian citizens and residents a single and secure way to access online government services.

RAM can be used to:

  • link your business to a single digital identity
  • manage your business authorisations in one place
  • grant others authority to act on behalf of your business when interacting with government online services.

By using RAM, you agree that we may collect, hold, use and disclose your personal information, as set out in this privacy notice. Separate privacy notices apply to other government departments or agencies participating in the Digital ID program.

The ATO is subject to the Privacy Act 1988 (Privacy Act), incorporating the Australian Privacy Principles (APPs), the Australian Government Agencies Privacy Code 2017 (APP agency code registered under the Privacy Act), and the Trusted Digital Identity Framework in respect of personal information it collects, uses and discloses about you when you use the RAM service.

Collection of personal information

We are authorised by the Privacy Act to collect personal information about you for the purpose of operating the RAM service. The types of personal information collected by RAM include your:

  • first and last name
  • email address
  • date of birth
  • address
  • digital identity details
  • relationship to the business.

Personal information may also include:

  • information about services you have accessed or attempted to access 
  • information on the method of access
  • your internet provider number (IP address)
  • the date and time your identity was verified.

This personal information must be collected before you can use RAM to link your digital identity to your business. Your business must have an active Australian Business Number (ABN) on the Australia Business Register (ABR) to successfully complete a link in RAM.

RAM will create and store a record of the business, or businesses, that are successfully linked to your digital identity.

If we do not collect your personal information, you will not be able to use RAM. It will also affect your ability to enable authorised users and to represent your business or businesses with any government agencies and services.

Use and disclosure of personal information

Personal information held in RAM will be used by the ATO and disclosed to:

  • the Department of Finance in its capacity as the System Oversight Authority
  • Services Australia in its capacity as the System Interim Oversight Authority, and 
  • other state and Australian Government entities participating in the Australian Government’s Digital ID System. 

This is for the purpose of verifying, creating and maintaining the relationship between your digital identity and business, as well as the authorisations linked to the business to access government online services on behalf of the business.

Your personal information may be used to compile statistics and reports to enhance the RAM system and services, assist to identify and respond to issues that indicate authentication integrity risks; and to analyse, detect, manage and investigate fraudulent activity and suspected system misuse of RAM, which may lead to criminal prosecution.

We will not use or disclose your personal information for any other purpose unless you have consented or we are required or authorised to do so under an Australian law or a court/tribunal order, including to an enforcement body for an enforcement related activity.

We will not disclose personal information collected through RAM to overseas recipients. Your personal information will be stored securely in Australia.

We will not use or disclose personal information for the purpose of direct marketing.

You can remove your authorisation and withdraw your express consent in RAM at any time; however, some personal information may be retained as required by the Archives Act 1983. By withdrawing your express consent, you will no longer be able to use RAM. It may also affect your ability to enable authorised users and to represent your business or businesses with any government agencies and services.

How we hold personal information

We take reasonable steps to protect your personal information against:

  • loss
  • interference
  • misues, or
  • unauthorised access, unauthorised modification or unauthorised disclosure.

We use a range of physical and technological controls to ensure only staff needing access to your personal information can access it.

To protect the personal information we hold, we apply industry-best security methods, including:

  • information technology and physical security audits
  • penetration testing and industry best practice risk management
  • system security technologies.

Personal information used to create, verify and manage your relationships and authorisations in RAM is stored separately from other records the ATO holds to protect the confidentiality of your personal information.

Further information

The RAM privacy policy contains further information about how we handle your personal information, including information about:

  • how you can access and seek correction of your personal information held by us
  • how to make a complaint if you think we have breached the Australian Privacy Principles or APP agency code, and
  • how we will deal with complaints.

For more information about RAM and your privacy, or if you believe your privacy has been breached, you can:

  • phone 1300 661 542 and ask for the Privacy Hotline
  • phone the ATO Complaints and Feedback Line on 1800 199 010
  • write to

Australian Taxation Office
GPO Box 9990
[insert the name and postcode of your capital city]

For example:

Australian Taxation Office
GPO Box 9990
SYDNEY  NSW  2001