Victoria government logo
data.vic.gov.au

Privacy

Information about privacy - what information we collect and why.

The Victorian Government values and is committed to protecting your privacy.

We handle your personal information in accordance with the Privacy and Data Protection Act 2014 (Vic) (PDP Act), Public Records Act 1973 (Vic), Health Records Act 2001 (Vic) and other applicable legislation.

This Privacy Statement applies to information collected through the vic.gov.au website ( www.vic.gov.auExternal Link ). For information about our broader collection, use and disclosure of personal information, email contact@dpc.vic.gov.au

We may update this privacy statement from time to time. Any changes to this privacy statement will be published on this website.

What information do we collect?

There are 3 main ways that we may collect personal information from you:

1. Requests to provide information

In most circumstances, you will know if we are collecting personal information from you because you will be requested to provide it. For instance, if you submit a form to contact us through the website, we will ask you to provide your name and email address.

2. Automatic collection through the website

Some personal information is automatically collected as a result of your visit to our website. This information is collected using software techniques such as web server log file analysis, cookies and web beacons.

3. Automatic collection by third party software vendors

We use some third party software that collects information about your interaction with our website.

When you visit our website, your web browser automatically sends certain information to these software providers.

This statement covers each of these instances of personal information collection in more detail below.

Requests to provide information

We may collect personal information that you choose to give us, or which may be required to access a particular service. This includes information collected via online forms, events and training registration, or when subscribing to receive newsletters.

The information you provide by completing an online form on vic.gov.au is collected by the Drupal 9 content management system (CMS) and is stored on the Microsoft Azure infrastructure in Sydney, Australia. The Product and Editorial team within Digital Victoria have a process in place to delete this data from the CMS on a regular basis.

Automatic collection through the website

Use of cookies

We use first-party cookies and JavaScript code to collect information about visitors to this website. We use these to track how our visitors interact with this website, including where they came from, what they did on the site and whether they completed any transactions on the site.

If you don't want to have cookies placed on your computer, you can disable them using your web browser. You will need to customise each web browser you use to turn off cookie tracking.

If you opt out of using cookies, you will still have access to all the information and resources provided by this website, though some features may not work as expected.

Automatic collection by third party software vendors

This website uses several online tools to measure website use, which are provided by third party software vendors. We use these tools to help us make our site better.

We use software by third parties, including:

For further information on how these third party software vendors handle your personal information, please review their privacy policies. Personal information may be provided to third parties when accessing this website. Information that may be shared to third parties includes:

  • network location and IP address
  • the date and time of your visit to our website
  • the types of web browser (e.g. Internet Explorer, Google Chrome, Safari) and operating system (e.g. Windows 10, Mac OS X etc.) you are using
  • flash version, JavaScript support, screen resolution and screen colour processing ability
  • referring site details (such as the URL that you came through to arrive at our website)
  • page visited and the time spent on each page
  • documents downloaded and search terms used
  • the forms accessed on our website
  • unique device identifier
  • cookies and data about which page you visited
  • device information, hardware model, operating system information, app version, app usage, debugging information, browser information
  • geo-location information (if enabled by user)
  • may assign a unique user identifier.

The information we disclose to some of our third-party vendors may travel outside Victoria. We take steps to ensure that when your personal information travels, privacy protections travel with it.

Third party software vendors may alter how they collect and handle personal information at any time.

Use and disclosure

Use of web analytics data

We use web analytics data for statistical purposes, such as to analyse, measure, and report on data about our website traffic and visits. This information helps us understand general user trends at an aggregate level, and improve our website, content, and user experience.

We may also use this information for security audits to protect against threats from hackers or other security purposes.

We do not use this information to identify you or match it with any other personal information that we may collect from you, unless required to do so as part of an internal investigation or for a law enforcement-related purpose, in accordance with the PDP Act.

Your site visit data is collected under the authority of Information Privacy Principle 1.1 of the PDP Act for the purposes stated above.

Disclosure of web analytics data

Apart from the third party tools described in this Privacy Statement, we do not disclose your site visit data to any other third parties without your consent, unless we are required or authorised to do so by law. In the event of an investigation into suspected unlawful or improper activity, a law enforcement or government agency may use its legal authority to inspect our web server’s records (e.g. in relation to hacking or abusive messages).

Can I opt out of the collection of web analytics data?

You cannot opt out of the automatic collection of information that is used for analytical purposes, however you may choose to disable cookies or delete any individual cookie. If you choose to disable cookies, the website may not function fully and your ability to browse, read, and download information contained on our website may be impaired. However, you may still access our services by contacting our office via other methods such as telephone, email, or mail.

You can enable a “Do Not Track” setting on your browser to help protect your privacy. When Do Not Track is tuned on, your browser will send a Do Not Track request to the sites you visit, and to the third parties whose content is hosted on those sites. However, many websites will still collect and use your browsing data regardless of the Do Not Track Request. This depends on individual sites’ privacy practices. Sending a Do Not Track request does not guarantee privacy protection.

Instructions on how to enable the Do Not Track setting:

You can also opt out of tracking and website analytics using a Google browser pluginExternal Link .

Social media

We use Twitter to share information and to communicate with the public about our work. We may collect personal information that you provide us via the @VicGovAu Twitter social media for the purposes of engaging and consulting with the public. Any personal information we collect via Twitter social media will be handled appropriately and in accordance with this privacy statement.

We use Sprout Social to manage the @VicGovAu Twitter account. Information collected by Twitter is also shared with Sprout Social.

Twitter may also collect your personal information for its own purposes. When you agree to Twitter’s terms of service and privacy policy, you agree to your information being transferred outside Victoria. To protect your privacy and the privacy of others, please do not post any personal information (including phone numbers and email addresses) in your comment, tweet, or reply. Additionally, please do not share personal information about others via social media.

Please be advised that information you share via social media sites may be accessible to anyone else engaging with the Victorian Government via the same social media, including non-government third parties. Each social network has inbuilt privacy settings. We recommend that you regularly check and configure your privacy settings for your profile and accounts to make sure you know what information you are making available and to which audience.

We have social media sharing links on this website. These are located on the right-hand side of a webpage under the heading 'Share this'. By clicking these links, you are given the option to share the webpage as a post on your social media account (Twitter, Facebook, or LinkedIn). These social media networks have channel-specific privacy policies and may collect your personal information if you choose to share a post, so we recommend viewing their privacy policies at the links below.

This privacy statement does not apply to any external websites that are linked on the vic.gov.au website.

The icon we provide to let you know when you are leaving vic.gov.au and visiting an external website is displayed below.

This is what an external link looks likeExternal Link

We are not responsible for the privacy practices or content of external websites. When you visit other websites, we recommend you read the privacy statements or policies of these websites before providing personal information.

Security of your personal information

Under the PDP Act, we have a responsibility to protect your personal information. We take reasonable steps to make sure that your personal information is protected from misuse, loss, and unauthorised access, modification, or disclosure. Access to systems, applications, and the information that we collect is limited to authorised staff members only.

Further, any personal information that we collect and use for identifying user trends (for example, IP address) is aggregated and anonymised when generating reports.

Access and correction

You may request access to, or correction of, documents that contain your personal information which are in our possession. For information on how to make a request for access or correction, please contact us via the details below.

In some cases, requests for access or correction will be handled in accordance with the Freedom of Information Act 1982 (Vic).

Additional privacy notices for specific vic.gov.au websites

  • The Architects Registration Board of Victoria (ARBV) is established by the Architects Act 1991 (Vic) (Act)External Link .

    The ARBV’s role is to administer the Act which provides for the registration of architects (including companies and partnerships) and the regulation of their professional conduct.

    Any reference to ‘we’ or ‘our’ in this Privacy Statement (Statement) is a reference to the ARBV.

    What does this Statement do?

    When you access the ARBV website, we may collect a range of personal and/or sensitive information. This Privacy Statement sets out how we handle that information. It also tells you how you can access and correct the personal and/or sensitive information that the ARBV holds about you and how to make a complaint about a privacy matter.

    This Statement does not address how we handle personal and/or sensitive information which may be obtained from other sources, for example, when you contact us in person, by telephone or email, or where information is obtained from a third party. Any personal and/or sensitive information that we collect or obtain from other sources will be handled in accordance with the ARBV’s privacy policyExternal Link .

    What information does ARBV collect, use and disclose?

    We may collect, use and disclose the personal and/or sensitive information in the course of carrying out our regulatory and enforcement functions under the Act.

    The type of personal and/or sensitive information that we may collect, use and disclose includes:

    • name, address and other contact details
    • date of birth
    • qualification and employment information
    • criminal history details
    • complaint or enquiry details
    • professional indemnity insurance details

    If you do not provide all or any part of the information requested by the ARBV we may be unable to process or respond to your query, application or complaint.

    How we collect your personal and/or sensitive information

    We may collect personal and/or sensitive information when you access the ARBV website to:

    • submit an online form (registration application, complaint or enquiry form)
    • make a freedom of information request
    • apply for a job at ARBV
    • update your personal information
    • respond to a survey or sign up for newsletters/information bulletins
    • visit ARBV’s website (using automated data collection software and systems)

    In most cases, we will tell you when we collect your personal and/or sensitive information and will provide you with a collection statement identifying the ARBV and advising you about why we are collecting the information and how we intend to hold, use and disclose it.

    Sometimes we may collect or receive personal and/or sensitive information about you from a third party. For example:

    • if an online complaint is made about you, we record this information
    • if an enquiry is received, we may record the terms of the enquiry and related details

    It is not always practical for us to advise people when we receive information about them from a third party. We will only use personal and/or sensitive information received from third parties to carry out our statutory functions and will only disclose this information with the person’s consent, unless legislatively required or permitted to do otherwise.

    Why we collect your personal and/or sensitive information

    The ARBV collects personal information (that is, information identifying you) and sensitive information (such as criminal history) to enable us to:

    • process registration applications, including payments
    • respond to complaints and enquiries

    We may also use your personal and/or sensitive information:

    • to provide you with updates from the ARBV
    • to maintain the Register of Architects and the Architects Disciplinary Register (published on the ARBV’s website)
    • for law enforcement by the ARBV or other regulatory bodies
    • such other purposes required or authorised by law

    If you do not provide all or any part of the information requested by the ARBV we may be unable to process or respond to your query, application or complaint.

    How we use your personal and/or sensitive information

    We will use or disclose personal and/or sensitive information for the primary purpose for which it was collected. It may also be used for a permitted secondary purpose in specified situations. You can read more about how and when we will share your information in our Privacy Policy.

    Data quality and security

    We make every effort to ensure that the personal and/or sensitive information we collect, use or disclose is accurate, complete and up-to-date. In accordance with the Act, accurate information should be provided at all times.

    We also take reasonable steps to protect your personal and sensitive information contained in our files from outside or unauthorised access. Our information technology arrangements incorporate a range of data security measures and only staff who need to use your personal and/or sensitive information to perform their functions will have access to it.

    Personal and/or sensitive information which is collected by the ARBV is stored within Australia and our data storage system is subject to regular audits. Where your personal and/or sensitive information is transferred outside Victoria, we take steps consistent with the principles in Victoria’s privacy laws to ensure its protection from unauthorised use and disclosure.

    Where personal and/or sensitive information is disclosed or made available to a contracted service provider, we will ensure that the contract requires confidentiality, restricts the use of the information to the purposes of the contract and clarifies what happens to the personal and/or sensitive information when the contract finishes.

    As the Act does not allow for registrants (architects, partnership and/or companies) to be removed from the Architecture Register, we will hold any personal and/or sensitive information which we collect via the ARBV website (or from other sources) indefinitely. Historical records may be held by the Public Record Office Victoria, in accordance with the Public Records Act 1973 (Vic)External Link .

    You can read more about our data quality and security processes in our Privacy Policy.

    Online payments

    Our online payment services are managed in conjunction with Windcave, a third-party IT service provider. Windcave may access the personal information entered into our forms in order to process electronic transactions or to resolve a technical problem.

    If you make a payment using our website, we will process your payment with the assistance of Windcave and present you with an online receipt for your records.

    Access to your personal information

    You can view and update your personal information directly through the ARBV website. If you become aware that the personal and/or sensitive information we hold about you is not accurate, complete, or up to date, you can ask us to correct it.

    You can also request access to the personal and/or sensitive information that we hold about you. Any request to access or correct personal and/or sensitive information held by the ARBV should be addressed to:

    Email: registrar@arbv.vic.gov.au (Attention FOI Officer)

    Post:

    Attention FOI Officer
    Architects Registration Board of Victoria
    Level 10, 533 Little Lonsdale Street
    Melbourne VIC 3000

    Alternatively, a request to access or correct personal and/or sensitive information held by the ARBV can be made by completing an online enquiry formExternal Link .

    Staying anonymous

    Most of the things we do require you to provide us with personal information so that we can verify your identity. However, individuals seeking general advice from the ARBV or accessing the Architects Register using our website do not have to identify themselves.

    Unique Identifiers

    We assign registrants (architects, companies and partnerships) a unique registration number upon registration. This is a publicly available number.

    We also assign individual and entities with a unique 8 digit invoice number for online payments to assist in tracking payments for fees and/or other charges prescribed by the Act or regulations.

    How do I raise concerns about my privacy?

    If you are unhappy about the way we have handled your personal and/or sensitive information, you may wish to discuss your concerns with the ARBV’s Privacy Officer. You may contact us in person, by telephone, in writing, using the following details:

    You can write to:

    Email: registrar@arbv.vic.gov.au (Attention Privacy Officer)

    Post:

    Attention Privacy Officer
    Architects Registration Board of Victoria
    Level 10, 533 Little Lonsdale Street
    Melbourne VIC 3000

    Phone: 03 9417 4444

    Alternatively, you can make a complaint by completing an online complaint form.

    You may also discuss your concerns directly with the Office of the Victorian Information CommissionerExternal Link .

    Privacy policy

    We are committed to protecting your personal and sensitive information in accordance with the Information Privacy Principles set out in the Victorian Privacy and Data Protection Act 2014 (Vic)External Link .

    Our Privacy Policy provides further detail how and why the ARBV collects your personal and/or sensitive information, how you can access and seek correction of your personal and/or sensitive information held by the ARBV, and how you can make a complaint to the ARBV or Ombudsman about a breach of your privacy. The policy can be accessed on the ARBV’s Privacy page.

  • This collection notice explains how the Public Sector Gender Equality Commissioner (the Commission) handles personal information which you may provide when you subscribe to our e-newsletter.

    The Commission collects this data using:

    The personal information that you submit to us is collected in order to provide information services to you which in turn facilitates:

    • communicating updates about the Commission and/or an event
    • the co-ordination of meetings, and advocacy and educational activities

    Servers for the third party applications are located in Australia and overseas. Mailchimp require their subcontractors to deal with such personal information in a manner that is consistent with the Australian Privacy Principles but they cannot guarantee the security of your personal information.

    Mailchimp comply with the Australian Privacy Act 1998. If you are unsatisfied with a response to a privacy matter then you may consult either an independent advisor or contact the Office of the Australian Information Commissioner for additional help.

    You have the option of not providing certain information requested by the Commission. However, you should note that this may prevent the Commission from providing information services to you and managing its various activities and programs.

    If you need to change or update your details, you can do so by clicking the update subscription preferences link at the bottom of the e-newsletter or by contacting the Commission for Gender Equality in the Public SectorExternal Link .

  • The Department of Health ('the department') is committed to protecting your privacy. The department collects and handles your personal and health information in this COVID-19 Positive Rapid Antigen Self-Reporting FormExternal Link for the purposes of contact tracing and outbreak management.

    Your personal and health information is protected by the legislative safeguards in the Public Health and Wellbeing Act 2008(Vic), which ensure that it may only be used to protect public health.

    In order to contact trace, we may share your personal and health information with our Local Public Health Units (‘LPHUs’), Local Governments, interstate health authorities to keep you safe and your community safe.

    In order to manage the COVID-19 outbreak, we may share your personal and health information with Health Service Providers and our Contracted Service Providers under the COVID Positive PathwaysExternal Link program for your support and care, including medical care, emergency accommodation, food relief, and alcohol, drug, mental health and family violence support services. We may also share your personal and health information with other government entities for occupational health and safety purposes of staff to enable the provision of services to you in a safe and efficient manner.

    Our LPHUs and other researchers are undertaking important analysis of available COVID-19 data to improve our understanding of the virus and assist in our response. Information that we collect may be used for these purposes by the department or disclosed to other researchers where that is authorised by law.

    The department may share your information with Victoria Police to ensure that the Pandemic Orders are being complied with.

    You are required by law to notify the department of a positive rapid antigen test result. Penalties of up to $10,904.40 for an individual or $54,544 for a body corporate apply for failure to notify the department of a positive rapid antigen test result, without a reasonable excuse.

    You can apply for access to information the department holds about you. The department’s Freedom of Information Unit may be contacted by email: foi@health.vic.gov.au

    For information on the department's Privacy policy or on how the department manages privacy, please contact the Privacy unit by email: privacy@health.vic.gov.au

  • Privacy collection notice

    The Department of Health ('the department') is collecting your personal and health information to communicate the request from the health service taking your COVID-19 swab (which may be the department or another health provider) to a pathology service for testing, and to obtain information to assist the department in managing the COVID-19 virus pandemic. After your test, we will use your mobile number to send you an SMS, providing you with links to further information about COVID-19 on our website.

    Some of the questions you will be asked by staff at the testing site are necessary to enable a valid request to be made for COVID-19 pathology testing. Other questions are not mandatory but will assist in our understanding of COVID-19 and who is undergoing testing. We will let you know which questions are optional.

    We will disclose certain information collected about you to a pathology provider for COVID-19 testing. That pathology provider will report test results to the department, and to the health service who took your swab for testing. You will be notified of your result by the pathology provider, the health service or the department using the contact information we collect from you. We may also provide the health service that took your swab with a copy of the information you provided at the time of your test and your COVID-19 test result, so that they have this information in their health care records.

    Our public health unit and other researchers are undertaking important analysis of available COVID-19 data to improve our understanding of the virus and assist in our response. Information that we collect may be used for these purposes by the department or disclosed to other researchers where that is authorised by law.

    If your test is positive for COVID-19, the department may share your information with Health Service Providers and our Contracted Service Providers under the COVID Positive Pathways program for your support and care, including medical care, emergency accommodation, food relief, and alcohol, drug, mental health and family violence support services. We may also share your personal and health information with other government entities for occupational health and safety purposes of staff to enable the provision of services to you in a safe and efficient manner.

    The department may share your information with Victoria Police or interstate health departments to ensure that the Pandemic Orders are being complied with and to minimise the risk of spreading COVID-19 between states and territories.

    Your test result may be loaded to My Health Record unless you tell us that you do not want this to happen.

    You can apply for access to information the department holds about you. The department’s Freedom of Information Unit may be contacted on:

    Email: foi@health.vic.gov.au

    For information on the department's Privacy policy or on how the department manages privacy, please contact the Privacy unit on:

    Email: privacy@health.vic.gov.au

  • Data Vic uses CKAN to manage and publish meta data records on the data.vic.gov.au portal.

    CKAN is open source software widely used by open data publishers to manage their data assets.

    CKAN stores meta data about individual data records and presents them on a web interface so that visitors to data.vic.gov.au can browse and search this metadata in order to meet their information seeking needs.

    CKAN also offers an API so that third party applications can be built around it.

    CKAN collects site analytics data and statistical data about DataVic users including:

    • browser used
    • operating system
    • country
    • referral links
    • time on the site
    • language

    When you submit content to data.vic.gov.au, by making comments to the various feedback functions or participation in the applications showcase, you retain copyright in it. By submitting content to this site, you agree to make it available to the rest of the world under a Creative Commons Attribution 3.0 Australia LicenceExternal Link

    Use of site

    You must not use text or information provided via this site, including datasets or data they contain, in any of the following ways:

    • use the data in any application that pretends to be an official government service, or in any other way that suggests that the Department endorses you or your use
    • present the data in a misleading or incorrect manner, or misrepresent the data through changing it or otherwise
    • use this site for party political purposes
    • use the data or this site in or to support a criminal or illicit activity
    • use the data in any application, or in any other ways to inflame or make comments that are racist, sexist or homophobic, or which promote or incite violence and illegal activity

    Moderation policy and process

    We welcome user generated content to the data.vic.gov.au site and aim to publish most content quickly. We encourage you to share your opinions on the various blog topics and individual datasets. Also, we want to promote your applications and insights built and developed using Victorian Government data in the showcase section. To help us do this, please make sure:

    • your comments are relevant or on-topic
    • your comments are not inflammatory, unreasonable or obscene
    • you are civil and respectful of others and their opinions (including not impersonating anyone and not posting someone's personal information without their permission)
    • your behaviour is in line with relevant laws
    • The site uses a pre-moderation process to help ensure that spam or comments that breach this moderation policy are not published. This means that your comment will generally be published after being manually checked by a moderator. If a comment is edited, we will include a reference so you can tell

    The first is a human verification step to deter spam bots: when you submit a comment, you are asked to include a user name and a valid email address. You may post under a pseudonym. Your email address will not be posted on the site.

    If we make a mistake, please contact us and we will deal with it as quickly as we can.

  • The Department of Education (department) handles your information in accordance with this privacy notice or where otherwise authorised or permitted by law and in accordance with Victorian privacy laws and the department’s policies regarding privacy and records.

    Collection and use of data

    The department collects information about its employees from EduPay.

    The department collects information about early childhood services and providers from NQAITS.

    The department collects information about external stakeholders and other interested parties through opt-in subscription forms.

    Information collected and its intended use:

    • Name and email address: to send you updates about department operations, services and initiatives.
    • For department employees: Role, office/school; for early childhood services and providers:
      Service and provider ID, service and provider name, service status, email; for others:
      organisation, job title: to understand representation of roles and organisations that are receiving information and updates from the department and to ensure relevant stakeholders receive communications.

    Handling and storage of data

    Your personal information is stored on Vision6 (in Australia) and department systems. Access will be limited to:

    • those administering communications and those that need to know in accordance with the department’s Privacy Policy
    • those providing technical assistance from Vision6 or department’s systems.

    Further information

    For further information on this notice, or to request access and correction of personal information, email digital.comms@education.vic.gov.au.

    For more information regarding access to personal information or department’s handling of personal information, visit:

  • ESTA is committed to protecting the privacy of personal information that we handle in the delivery of services to the community, agencies, employees and agents. The way ESTA collects discloses and manages personal and health information contributes to its success.

    Victoria has three key pieces of legislation that apply to ESTA:

    • Emergency Services Telecommunications Act 2004
    • Privacy & Data Protection Act 2014
    • Health Records Act 2001.

    These laws contain information about confidential information, and privacy principles which give people more say in regard to how their personal and health information is collected and used and who can access it.

    In addition, Victoria’s Charter of Human Rights and Responsibilities protects individuals from having their privacy unlawfully or arbitrarily interfered with.

    ESTA collects sensitive, personal and health information in the course of its operations. The organisation is committed to protecting confidential information, and to implementation of Victoria’s Information Privacy Principles and Health Privacy Principles, in the context of delivering emergency and related call-taking and dispatch services, including via triple zero.

    Privacy framework

    ESTA maintains a broad privacy framework, supported by an active strategy to improve privacy compliance and awareness.

    ESTA’s privacy framework is comprised of 4 elements:

    • Compliance with privacy laws and privacy principles, and other relevant legislation
    • Provision of advice and guidance internally and externally regarding privacy rights and responsibilities
    • Training and awareness activities within the organisation
    • Monitoring, reporting and managing privacy practice, including incident management.

    The framework is supported by ESTA's Privacy Policy which sets out in detail how the organisation meets its legislative and other privacy obligations.

    ESTA privacy policy

    ESTA’s policy refers to the use and management of personal and health information collected by the Emergency Services Telecommunication Authority (ESTA).

    Personal and health information held by ESTA is managed in accordance with the privacy principles contained in the Privacy and Data Protection Act 2014 (Vic), the Health Records Act 2001 (Vic) and as required by other laws. ESTA is required by law to have a policy on its information handling practices.

    Privacy and security measures protect against misuse, loss and unauthorised disclosure of personal information.

    The Emergency Services Telecommunications Act 2004 (the ESTA Act) also protects confidential information from unauthorised disclosure.

    Definitions

    Personal information is recorded information about a living identifiable or easily identifiable individual (including work related information or images).

    Sensitive information is information about a living individual’s race or ethnicity, political opinions, religious or philosophical beliefs, sexual preferences or practices, criminal record, or membership details, such as trade union or professional, political or trade associations.

    Health information is information about a living or deceased individual’s physical, mental or psychological health.

    Confidential information is any information relating to calls received or messages communicated by (ESTA) in the course of providing a service to an emergency services and other related services organisation.

    What does ESTA do?

    ESTA was established by the ESTA Act to provide emergency call taking and dispatch and other communications services to emergency services organisations throughout Victoria (the services).

    ESTA currently provides services to the following organisations:

    • Country Fire Authority
    • Ambulance Victoria
    • Fire Rescue Victoria
    • Victoria Police
    • Victoria State Emergency Service (VICSES).

    ESTA is committed to protecting the privacy of personal information that we handle. Personal information is information that directly or indirectly identifies a person.

    What areas of ESTA collect personal and health information?

    All calls to triple zero, VICSES emergency calls and operational radio communications are voice recorded. Under the Telecommunications (Interception and Access) Act 1979 ESTA may listen to or record, by any means, such a communication within a ‘emergency service facility’ without the knowledge of the person making the communication. Administration telephony systems within the State Emergency Communications Centres are not recorded.

    Because individuals, members of the public, and ESTA employees deal with different areas of the Authority, these areas may have additional privacy policies and practices that explain in more detail their particular information management practices. For example, ESTA’s People, Capability and Reputation department has additional policies, which explain in more detail how human resources records are managed in accordance with privacy legislation. ESTA’s Operations Department has policies regarding access to control rooms.

    How does ESTA treat confidential information?

    ESTA collects sensitive and personal information in the course of its operations. This information is protected under the confidentiality sections of the ESTA Act. The Act provides for otherwise confidential information, including personal and health information, to be provided to emergency services organisations to assist callers.

    Section 33 (Secrecy) of the ESTA Act protects the "confidential information" of callers (whether or not such information is considered personal or health information) by limiting the use that ESTA, its employees and any others may make in relation to that information. Confidential information under the ESTA Act means “any information relating to calls received or messages communicated by [ESTA] in the course of providing a service to an emergency services and other related services organisation”.

    The restriction on the use of confidential information is as follows: “A person who has confidential information that he or she has received in the course of carrying out duties under the ESTA Act must not, except to the extent necessary to perform duties under the ESTA Act, record, disclose, communicate or make use of that information”.

    All ESTA employees are required to comply with this restriction and, under the ESTA Act, penalties may apply for breach of this restriction.

    Certain areas of ESTA and some ESTA personnel may not have to comply with some or all of the privacy principles.

    These situations include where:

    • the provisions of another Act are more specific about how information should be managed
    • the area makes use of generally available publications, for example, websites, or publicly accessible directories
    • employees are carrying out law enforcement functions which would be hindered if they were to comply with all of the privacy principles
    • if the use or disclosure it is necessary to lessen or prevent a serious and imminent threat to an individual’s life, health, safety or welfare.

    What sort of information does ESTA collect?

    In broad terms ESTA:

    • collects only information needed for the provision of ESTA’s services
    • takes reasonable steps to ensure personal information is accurate, complete, up-to-date and relevant to the functions performed
    • uses and discloses it only for ESTA’s service provision purposes, for another purpose with the person's consent, or as otherwise authorised by law
    • stores information securely, protecting it from unauthorised access
    • retains it for the period authorised by the Public Records Act 1973
    • provides the person with access to their own information, and the right to seek its correction.

    ESTA also collects personal and health information for statutory and administrative reasons.

    ESTA may collect sensitive information according to privacy and other legislation.

    Why does ESTA collect information?

    ESTA collects personal and health information as necessary for its functions of service delivery, administration and enforcement of the law.

    Below are the most common reasons that ESTA may collect and use your personal information:

    • If you ring ESTA (for example via Triple Zero or VICSES 132 500 to request assistance from an emergency service).
    • When seeking to obtain your direct feedback on services provided by ESTA.
    • If you seek to be or are employed by ESTA (including referee and police checks).
    • You are or would like to be a supplier or contractor to ESTA.
    • If you request information from ESTA.
    • For the purposes of conducting an event (for example, Junior Triple Zero Hero Awards) and for the purposes of contacting you regarding other events that may be of interest.

    ESTA takes reasonable steps to explain why personal or health information is collected, what is done with it, whether any laws require it and the main consequences for an individual if it is not provided to ESTA.

    What does ESTA do with the information?

    ESTA uses and provides to other people or organisations, personal or health information necessary to provide the requested emergency service. ESTA is authorised by law to use or provide personal or health information to others for the purpose of providing its service.

    ESTA only assigns or adopts a unique identifier (e.g. employee number) for an individual if it is necessary, authorised by law or with consent. ESTA ensures any transfer of personal or health information outside Victoria is in accordance with privacy and other legislation.

    Eventbrite

    There may be occasions where ESTA uses Eventbrite to invite you to an ESTA-run event, and to register your attendance. In such instances, ESTA may provide your name and email address to Eventbrite, and any additional information you provide which is relevant to the event – for example, dietary requirements. Such information will be subject to Eventbrite’s privacy policy which can be found at Eventbrite: Privacy Policy.External Link

    SmartSheet

    There may be occasions where ESTA uses Smartsheet to manage your registration for and attendance at an ESTA-run event. In such instances, ESTA may provide your name, email address, dietary requirements and RSVP information to SmartSheet, and any additional information you provide which is relevant to the event. Such information will be subject to SmartSheet’s privacy policy which can be found at SmartSheet: Privacy Notice.External Link

    How does ESTA ensure that information is accurate and up-to-date?

    ESTA takes reasonable steps to ensure that personal and heath information held is accurate, complete and up-to-date. Usually, ESTA relies on individuals to provide accurate and current information in the first instance, and to notify when circumstances or details change.

    How does ESTA store and protect information?

    ESTA has security measures aimed at protecting personal and health information from misuse, loss, unauthorised access or disclosure. Stored information is also archived in accordance with the Public Records Act 1973, which determines when it is appropriate to retain or dispose of it.

    How can individuals access information held by ESTA?

    Information on how you can access information held by ESTA, including under Freedom of Information (FOI), is set out on our webpage about making a Freedom of Infomation application.External Link

    How does ESTA handle complaints about privacy?

    ESTA undertakes to resolve privacy complaints in a timely, fair and reasoned way.

    ESTA employs conduct management policies to address any alleged privacy breaches by employees. It also maintains an Incident Management Framework to help manage any breach caused by a system, process or other failure.

    Contact the Privacy Officer if you would like to report a breach of privacy:

    • Email privacy@esta.vic.gov.au
    • Write to: General Counsel and Board Secretary – Privacy Officer, 33 Lakeside Drive, Burwood East VIC 3151

    You can also request that incorrect information be amended.

  • GWSS collection notice

    The Gig Worker Support Service (GWSS) values your privacy.

    The GWSS is a service administered by Industrial Relations Victoria (IRV) within the Department of Premier and Cabinet (DPC). IRV works towards achieving a positive working environment for all Victorians by engaging with Victorian employers, employees and their representatives and advocating for fair and productive workplaces, secure work and gender pay equity. The GWSS helps IRV to achieve this for gig workers and digital platform businesses engaged in the gig economy.

    The GWSS is committed to improving fairness and support for gig workers. Our functions include providing information and advice or making a referral to other services to resolve disputes and promoting the Voluntary Fair Conduct and Accountability Standards.External Link

    The GWSS will only collect your personal information in order to perform its functions. Using your personal information to manage your enquiry enables the GWSS to analyse the issues your enquiry raises, including how those issues are impacting on you, consider possible options for resolving your enquiry and present those options to you.

    How we collect your personal information

    If you choose to provide personal information, it is treated confidentially. Your information could be collected when you make an enquiry to the GWSS using our online form or if you contact us by phone or email. Your personal information could be collected if you provide us with further information when we are contacting you. Wherever possible, we will collect personal information from you directly.

    In limited circumstances, personal information may be collected from a third party (such as an advocate), but we would always contact you first and only collect the minimum necessary. We collect personal information directly from those using the service. If you provide information about someone else (indirect information about a third party), we will only collect the minimum amount of information about that person in order to assist with your enquiry. An example of where we might collect information from a third party would be if you asked us to contact that third party to clarify something.

    De-identified information (information that is no longer identifiable and made anonymous) is automatically collected when you visit our website. You can access our home page and browse our website without disclosing to us your identity or your personal information.

    Our website collects non-personal information using software techniques. GWSS may operate a Facebook page as an advert for our services which is not interactive so you cannot post personal information on it.

    What information do we collect?

    In most circumstances, you will know if the GWSS is collecting personal information from you because you will be asked to provide it for the GWSS to manage your enquiry. For example, if you submit a form to contact the GWSS through this website, we will ask you to provide personal information such as your name, email address, contact phone number on the enquiry form and we may also collect sensitive information (such as whether you are Aboriginal or Torres Strait Islander) or health information (such as whether you have a disability).

    Personal information is collected and is de-identified so the GWSS can plan services or improvements, for forecasting and mitigating risks, and to evaluate whether the GWSS service is reaching the people who need it and those it is intended for. We de-identify your information so that any personal information we collect and use for identifying user trends for reporting or strategic purposes is anonymised and aggregated when generating reports.

    How we use your information

    We collect your personal information in order to perform our functions of managing your enquiry (including providing information, general advice, making a referral, and for reporting purposes). We will use your personal information to contact you directly either by phone or email in order to respond to your enquiry, seek further information or before making a referral. We will use the information you provide us to manage your enquiry which includes analysing the issues and how they are impacting on you, considering possible options for resolving your enquiry and presenting those options to you. These options could include a recommendation to approach another government agency who may be able to assist you.

    In some circumstances we will support you to resolve your enquiry by directly referring you to one of our partner agencies such as Community Legal Centres. You will be contacted prior to any referral. This will involve using your personal information such as your email or phone number to contact you directly.

    With your consent, the GWSS may make a referral to organisations such as WorkSafe Victoria (for workplace health and safety issues), the Victorian Small Business Commission (for mediation between a platform and a gig worker), Wage Inspectorate Victoria (for enquiries and assistance related to matters such as compliance with wage theft, long service leave or owner drivers laws), Community Legal Centres (for legal information, advice or sometimes assistance) and the Victorian Equal Opportunity and Human Rights Commission (helps with complaints about discrimination, sexual harassment, racial vilification or victimisation).

    We use de-identified information to report on our activities and for strategic purposes. For example, for planning services or improvements, to forecast and mitigate risks or to evaluate whether the GWSS is reaching those it is intended for.

    Using or disclosing your information for referrals

    The GWSS has two types of referrals. We mostly make referrals to another organisation by recommending that organisation to you and providing you with information so you can choose to take the next step and contact them. We may also make a direct referral but we will contact you first if we do. If we are referring you directly from GWSS to another agency or organisation, we will do this by email. We consider what outcomes you are seeking from the GWSS and the kinds of agencies or organisations we may refer your enquiry to.

    Use or disclosure of personal information

    We will not disclose your personal information without your consent, except if required or authorised to do so by law.

    We will not use or disclose any information that we collect through our website or from any enquiry made to us unless the use or disclosure is:

    • for the primary purpose the information was collected;
    • for a related secondary purpose, which an individual ought to reasonably expect in the circumstances, this may include reporting or strategic purposes;
    • required or authorised by law, or
    • for any other purpose permitted under Victorian privacy laws.

    When you make an enquiry

    When you make your enquiry, your enquiry will be assigned a case number (also known as a unique identifier). This number means when you ring or email us again about your enquiry you can refer to the number and it, along with the other personal information you previously provided to us, can confirm you are who you say you are. We can also confirm to you that we are from the GWSS should we need to contact you. We will only share your case number in limited circumstances and only if we make a direct referral to an organisation.

    You may make an enquiry anonymously if you wish. If you do, assistance to you may be limited as the GWSS will not be able to make a direct referral to another organisation or contact you further in relation to your enquiry because we will not be able to validate who you are. We collect, use, store and share your personal information as allowed by the Victorian legislation on public records and privacy, including under the Privacy and Data Protection Act 2014 and for health information, under the Health Records Act 2001.

    Protecting the information GWSS collects

    We take reasonable steps to protect all information provided by you and stored in our case management system. We protect your personal information, which might include not only personal information under the Privacy and Data Protection Act 2014, but also possibly health information under the Health Records Act 2001 (for example, if you told us that a disability was impacting on your ability to resolve your enquiry). We protect this information from misuse and loss from unauthorised access, modification and disclosure.

    We have a number of procedural, software and hardware safeguards in place and information is stored in access-controlled premises or in electronic databases protected by logins and passwords.

    Contacting us about your privacy and your personal information

    If you have any concerns about your privacy or you wish to access or correct your personal information, you can contact us by email info.gwss@dpc.vic.gov.au or by phoning 1800 000 478. You may also submit a request under the Freedom of Information Act 1982 (FOI Act) as your request may be handled under the FOI Act. You can also view our Privacy Policy below and DPC’s Privacy Policy.External Link

    GWSS privacy statement

    The GWSS is a service administered by Industrial Relations Victoria (IRV) within the Department of Premier and Cabinet (DPC). IRV works towards achieving a positive working environment for all Victorians by engaging with Victorian employers, employees and their representatives, and advocating for fair and productive workplaces, secure work and gender pay equity. The GWSS helps IRV to achieve this for gig workers and digital platform businesses engaged in the gig economy.

    The GWSS is committed to improving fairness and support for gig workers. Our functions include providing information and advice or making a referral to other services to resolve disputes and promoting the Voluntary Fair Conduct and Accountability Standards.External Link

    The GWSS will only collect your personal information in order to perform its functions. Using your personal information to manage your enquiry enables the GWSS to analyse the issues your enquiry raises, including how those issues are impacting on you, consider possible options for resolving your enquiry and present those options to you.

    The GWSS values your privacy. This privacy statement explains how and why we collect your personal information and how we use it. It should be read in conjunction with our collection notice which appears on our online enquiry form.

    How we collect your personal information

    If you choose to provide personal information, it is treated confidentially. Your information could be collected when you make an enquiry to the GWSS using our online form or if you contact us by phone or email. Your personal information could be collected if you provide us with further information when we are contacting you. Wherever possible, we will collect personal information from you directly.

    In limited circumstances, personal information may be collected from a third party (such as an advocate), but we would always contact you first and only collect the minimum necessary. We collect personal information directly from those using the service. If you provide information about someone else (indirect information about a third party), we will only collect the minimum amount of information about that person in order to assist with your enquiry. An example of where we might collect information from a third party would be if you asked us to contact that third party to clarify something.

    De-identified information (information that is no longer identifiable and made anonymous) is automatically collected when you visit our website. You can access our home page and browse our website without disclosing to us your identity or your personal information.

    Our website collects non-personal information using software techniques. The sections below about cookies and click-stream data provide further information about this.

    GWSS may operate a Facebook page as an advert for our services which is not interactive so you cannot post personal information on it. See below under social media.

    What information do we collect?

    In most circumstances, you will know if the GWSS is collecting personal information from you because you will be asked to provide it for the GWSS to manage your enquiry. For example, if you submit a form to contact the GWSS through this website, we will ask you to provide personal information such as your name, email address, contact phone number on the enquiry form and we may also collect sensitive information (such as whether you are Aboriginal or Torres Strait Islander) or health information (such as whether you have a disability).

    Personal information is collected and is de-identified so the GWSS can plan services or improvements, for forecasting and mitigating risks, and to evaluate whether the GWSS service is reaching the people who need it and those it is intended for. We de-identify your information so that any personal information we collect and use for identifying user trends for reporting or strategic purposes is anonymised and aggregated when generating reports.

    How we use the information

    We collect your personal information in order to perform our functions of managing your enquiry (including providing information, general advice, making a referral, and for reporting purposes). We will use your personal information to contact you directly either by phone or email in order to respond to your enquiry, seek further information or before making a referral. We will use the information you provide us to manage your enquiry which includes analysing the issues and how they are impacting on you, considering possible options for resolving your enquiry and presenting those options to you. These options could include a recommendation to approach another government agency who may be able to assist you.

    In some circumstances we will support you to resolve your enquiry by directly referring you to one of our partner agencies such as Community Legal Centres. You will be contacted prior to any referral. This will involve using your personal information such as your email or phone number to contact you directly.

    With your consent, the GWSS may make a referral to organisations such as WorkSafe Victoria (for workplace health and safety issues), the Victorian Small Business Commission (for mediation between a platform and a gig worker), Wage Inspectorate Victoria (assists workers with wage theft or long service enquiries), Community Legal Centres (for legal information, advice or sometimes assistance) and the Victorian Equal Opportunity and Human Rights Commission (helps with complaints about discrimination, sexual harassment, racial vilification or victimisation).

    We use de-identified information to report on our activities and for strategic purposes. For example, for planning services or improvements, to forecast and mitigate risks or to evaluate whether the GWSS is reaching those it is intended for.

    Using or disclosing your information for referrals

    The GWSS has two types of referrals. We mostly make referrals to another organisation by recommending that organisation to you and providing you with information so you can choose to take the next step and contact them. We may also make a direct referral but we will contact you first if we do. If we are referring you directly from GWSS to another agency or organisation, we will do this by email.

    We consider what outcomes you are seeking from the GWSS. The kinds of agencies or organisations we may refer your enquiry to include, but are not limited to:

    • Community Legal Centres – For legal information, advice or sometimes assistance
    • Fair Work Commission (Australia’s workplace relations tribunal) – For enabling an independent contractor or employee to make an application related to bullying, sexual harassment or general protections (‘adverse action’ complaints)
    • Fair Work Ombudsman – For assistance to resolve a workplace issue or dispute, where a worker is an employee or their work status is in dispute. It may also investigate allegations of ‘sham contracting’ (where a person working as an employee is told they are an independent contractor when they’re not)
    • Safe Transport Victoria – For information on rights and obligations for owner drivers and passenger vehicle owners/drivers
    • Transport Accident Commission – For making a claim for compensation after a worker has been injured in a traffic accident.
    • Victorian Equal Opportunity and Human Rights Commission – For making a complaint about discrimination, sexual harassment, victimisation or racial vilification.
    • Victorian Small Business Commission – For mediation of a dispute, for example, where an independent contractor dispute arises with a business platform about pay or entitlements (including negotiating rates) or a disputed account; or for owner drivers in a dispute with their platform under the Owner Drivers and Forestry Contractors Act 2005 (the ODFC Act), under the Code of Practice or under their contract.
    • Wage Inspectorate Victoria – For enquiries and assistance related to matters such as compliance with wage theft, long service leave or owner drivers laws
    • WorkSafe Victoria – For reporting a health and safety incident/concern about working conditions or information about worker OHS obligations.

    Other legal requirements for use or disclosure of personal information

    We will not disclose your personal information without your consent, except if required or authorised to do so by law.

    We will not use or disclose any information that we collect through our website or from any enquiry made to us unless the use or disclosure is:

    • for the primary purpose the information was collected;
    • for a related secondary purpose, which an individual ought to reasonably expect in the circumstances, this may include reporting or strategic purposes;
    • required or authorised by law, or
    • for any other purpose permitted under Victorian privacy laws.

    When you make an enquiry

    When you make your enquiry, your enquiry will be assigned a case number (also known as a unique identifier). This number means when you ring or email us again about your enquiry you can refer to the number and it, along with the other personal information you previously provided to us, can confirm you are who you say you are. We can also confirm to you that we are from the GWSS should we need to contact you. We will only share your case number in limited circumstances and only if we make a direct referral to an organisation.

    You may make an enquiry anonymously if you wish. If you do, assistance to you may be limited as the GWSS will not be able to make a direct referral to another organisation or contact you further in relation to your enquiry because we will not be able to validate who you are. We collect, use, store and share your personal information as allowed by the Victorian legislation on public records and privacy, including under the Privacy and Data Protection Act 2014 and for health information, under the Health Records Act 2001

    Any personal information that we collect and use for identifying user trends is anonymised and aggregated when generating reports.

    Protecting the information GWSS collects

    We take reasonable steps to protect all information provided by you and stored in our case management system. We protect your personal information, which might include not only personal information under the Privacy and Data Protection Act 2014, but also possibly health information under the Health Records Act 2001 (for example, if you told us that a disability was impacting on your ability to resolve your enquiry). We protect this information from misuse and loss from unauthorised access, modification and disclosure.

    We have a number of procedural, software and hardware safeguards in place and information is stored in access-controlled premises or in electronic databases protected by logins and passwords.

    The GWSS is committed to ensuring compliance with the Privacy and Data Protection Act 2014. Risks associated with a single person entity domain accessed by both the Wage Inspectorate Victoria (WIV) and GWSS are managed through compliance with privacy laws and protocols between WIV and the GWSS as set out in an MoU. The MoU exists to ensure there are appropriate controls in place to manage the risks of misuse or loss of personal information created, generated or stored by the GWSS.

    Cookies

    We use first-party cookies and JavaScript code to collect information about visitors to this website. We use these to track how our visitors interact with this website, including where they came from and what they did on the site. If you don't want to have cookies placed on your computer, you can disable them using your web browser. You will need to customise each web browser you use to turn off cookie tracking. If you opt out of using cookies, you will still have access to all the information and resources provided by this website, though some features may not work as expected.

    Automatic collection of information

    Some information is generated through the automatic collection of data when you visit our website. This is known as Click-stream data and is non-personal information automatically generated by the web server and includes details such as your server address, domain name, operating system, the date, time and pages visited. This data is collected at an aggregate ‘user trend’ level to assist in maintaining and improving the service level experienced by users of our website. The website collection tool is known as Google Analytics.

    This tool helps us to analyse how the site is used and improve governance. The information analysed by Google Analytics does not enable us to identify who you are but will also help us to understand the information needs of the public and users of the GWSS. Google Analytics is a third-party software vendor. From time to time, it may alter how it collects and handles personal information.

    When accessing or using our website, be aware that there are risks associated with transmitting information across the Internet. We take reasonable steps to protect all information collected through the website from misuse and loss from unauthorised access, modification and disclosure.

    Security

    We have a number of procedural, software and hardware safeguards in place and information is stored in access-controlled premises or in electronic databases protected by login and password. If you are concerned about security of your data, you should contact us via telephone 1800 000 478 or email info.gwss@dpc.vic.gov.au.

    Social media

    For a limited period, in conjunction with an advertising campaign to raise awareness of the service, the GWSS will have a social media account on Facebook but unlike many Facebook accounts you will not be able to upload or post any personal information on the GWSS Facebook page. This is because it is not interactive but is, in essence, an advertisement only. However, as with all Facebook pages, and other social media channels, the GWSS Facebook page operates outside the control of the Department of Premier and Cabinet. When using Facebook, you agree to its Terms and Conditions and Privacy Policy which allows the transfer of your information outside Victoria.

    In some instances, your request for access or correction will be handled in accordance with the Freedom of Information Act 1982 (Vic).

    This privacy statement

    This privacy statement only applies to the GWSS and the GWSS website ( www.vic.gov.au/gig-worker-support-serviceExternal Link ) and does not apply to linked websites.

    For further information about how DPC manages privacy, please refer to DPC’s Privacy Policy.External Link

    Please contact GWSS at info.gwss@dpc.vic.gov.au should you have any queries.

  • Victorian Public Sector Commission (VPSC) collects and stores information regarding the recruitment and selection of people to the Victorian Government graduate program to participating Victorian Government Departments and agencies (‘Departments’) across the Victorian public sector.

    This Collection Notice explains VPSC’s policy for handling personal information, sensitive information and certain health information which you may provide to VPSC when interacting with us

    VPSC collects this data using Push Apply and third party software products (‘the portal’). Encrypted data is stored and managed on Amazon Web Service (AWS) systems. The portal is administered by approved staff at vendor (‘the recruiter’) who have been appointed by the VPSC to facilitate recruitment to the Victorian Government graduate program.

    At time of making an employment offer, the recruiter will share successful applicant data will be shared with Departments.

    The recruiter will delete all collected and stored date upon completion of their contract with the VPSC, or when archived data is replaced by new data, or at any other time as directed by the VPSC.

    The VPSC is committed to protecting your privacy. Please review the statements below, which detail how the VPSC collects, holds, manages, uses, discloses or otherwise handles personal information (including sensitive information) and health information.

    The supply of certain personal information and health information to VPSC is optional, and, where possible, the VPSC will give you the option of not providing such information. However, please note that our ability to process your application may be impacted if requested information is not provided.

    Recruitment and selection of candidates

    • Victorian graduate recruitment and selection activities are undertaken by the recruiter, the VPSC and various Departments
    • this statement covers information collected by the recruiter which is stored on the portal and administered by both the recruiter and VPSC. It also covers information that is collected by the VPSC or Departments in the context of the recruitment and selection process

    What will your information be used for?

    Your personal and health information will be collected to:

    • enable recruitment, selection and appointment processes
    • enable the recruiter to contact candidates
    • enable the Departments or VPSC to contact candidates
    • enable graduate recruitment and workforce planning
    • report and provide analysis on various metrics, such as gender and other diversity measures

    What information will be collected?

    VPSC will collect the following personal and health information from you for the purposes of assessing your application to the Victorian Government graduate program:

    • contact details
    • demographic and diversity data (including information relating to gender, ethnicity and disability)
    • health information1 in so far as it is relevant to your performance of the role, including any disability for the purposes of making reasonable adjustments
    • employment history, including your resume
    • education history, including your academic transcript
    • images, video or audio recordings associated with the application form and assessment activities

    Who will collect your information?

    Information will be collected by the VPSC and the recruiter on behalf of Departments. Departments may collect additional information upon appointment of a candidate.

    Who will access your information?

    Your personal and health information will be used by and disclosed to:

    • nominated staff in the VPSC who work on the Victorian Government graduate program
    • nominated staff in the Departments undertaking the recruitment and selection process (such as divisional Directors and/or Managers of teams where the graduate may be placed)
    • Human resources, account management and IT staff in the recruiter

    All persons with access to personal information (including any sensitive information) or any health information collected by and for the VPSC are subject to confidentiality obligations and to additional security protocols as required.

    Your personal information (including sensitive information) and any health information will be used and disclosed strictly for the purposes identified in this Collection Notice and will be de-identified where possible.

    Information will only be made available to individuals on a need to know basis in order to perform a function or activity necessary to achieve a purpose outlined in this Collection Notice.

    Your personal information (including any sensitive information) or any health information may only be used or disclosed in a manner other than as described in this Privacy Statement if you subsequently consent to the further specific use or disclosure or where disclosure is required or permitted by law.

    By creating an account and submitting a completed application to the Victorian Government Graduate Program, you are consenting to your personal (including sensitive) and health information being collected, managed, used, disclosed and processed as described in this Collection Notice.

    Information security

    VPSC will ensure that the collection, management, use and disclosure of your personal (including sensitive) and health information complies with Victorian privacy law, the Information Privacy Principles, the Health Privacy Principles and the VPSC’s Privacy PolicyExternal Link .

    Information will be stored securely with access restricted to those set out in the "Who will access the data?" section of this Statement above. VPSC will take reasonable steps to protect the personal information (including any sensitive information) and any health information it holds from misuse, loss, unauthorised access, modification and disclosure. VPSC will also take reasonable steps to destroy or permanently de-identify personal information when it is no longer needed.

    VPSC may also use third party service providers to provide services to it, such as data hosting providers. Some of those providers may be located outside Victoria. Accordingly, some of the data collected for the VPSC may be stored on secure servers located outside Victoria, which are subject to stringent privacy laws and regulations comparable to those in Victoria.

    Disability pathway

    The Disability pathway provides support for graduates with a disability. The pathway can include support with the application process and placements. It can also include support during the graduate year.

    The VPSC will collect, manage and use information provided on the Disability pathway program for the purpose of administering the program and otherwise in accordance with the Privacy and Data Protection Act 2014 and the Health Records Act 2001. We will not share information provided on the Disability pathway program with hiring Departments or line managers without your consent. You can share information as part of the application process but then choose not to share it with employers or peers.

    Who to contact for access to or correction of your personal and health information

    You have a right to access personal, sensitive and health information the VPSC holds about you. You may also apply to the VPSC to correct information held about you which you believe is inaccurate.

    Please direct queries or requests to access and/or update your personal and health information to vpsgrads@vpsc.vic.gov.au or on 03 9651 1321

    If you have any complaints about VPSC’s handling of your personal information or health information, please provide your complaint in writing to the VPSC using the email address above. Any complaint will be handled in accordance with the VPSC’s Privacy Policy.

    Effective date of Privacy Statement

    22 February 2019

    1. The term ‘health information’ is a legally defined term in the Health Records Act 2001 (Vic) and in the context of the VPSC refers to the collection of information that relates to disability. The VPSC gives participants the option of not providing such information. All health information provided to the VPSC will be handled in accordance with this Collection Notice and the Health Records Act 2001 (Vic).
  • 1. About this statement

    In this statement, “we”, "our" or “us” means the State of Victoria through the Department of Treasury and Finance as the HomesVic Program Provider and includes the Homes Vic program administrative entity.

    This statement describes our policy for how we will handle your personal information and health information in connection with the HomesVic shared equity pilot program (“HomesVic Program”). During the HomesVic Program, we may update this statement to reflect any changes to the program or to our information handling practices. The most up-to-date version of this statement is available here or you can ask us to send you a copy.

    We are committed to respecting the rights of individuals to the privacy of their personal information. We have policies and procedures in place for the appropriate management and protection of personal information, including any health information collect about them, in accordance with the Victorian Privacy and Data Protection Act 2014 and the Health Records Act 2001.

    2. What information do we collect?

    During your participation in the HomesVic Program, we may collect your personal information, including your sensitive information and health information. This includes the details of:

    • your income
    • your identity (such as your name, address, date of birth, gender and relationship status)
    • evidence of your identity (such as your driver’s licence, passport and proof of age card)
    • your tax file number
    • your residency status
    • your employment
    • your home loan and other loans you may have (including any refinancing and/or increases to your Finance debt)
    • your principal repayments of your home loan
    • our interest in the property you have acquired through the HomesVic program
    • action you take in connection with your property, including its maintenance, insurance and occupation
    • your dealings with us
    • any adults you live with
    • credit reports
    • whether you have elected to receive direct marketing from us

    Finance debt means any indebtedness, present or future, actual or contingent, in respect of money borrowed or raised or any financial accommodation whatsoever other than HELP or under, or in connection with, the Loan Agreement for your home loan with a panel financier.

    What is personal information?

    Personal information is any information or an opinion that is recorded in any form and whether true or not, about you, where your identity is apparent to, or can reasonably be ascertained by us, from the information or opinion.

    What is sensitive information?

    Sensitive information is a special category of your personal information. It means information or an opinion about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices or criminal record.

    What is health information?

    Health information is personal information or an opinion about:

    • your physical, mental or psychological health
    • a disability you have (at any time)
    • your expressed wishes about the future provision of health services to you
    • a health service provided, or to be provided, to you

    3. How do we collect your information?

    We collect personal information about you when you deal with us in some way. This includes when you:

    • submit an application to participate in the HomesVic program
    • send us your annual certificate of compliance
    • visit this website (see part 6 below for more information regarding this website)
    • contact us (for example, to get our approval to do something or to make a complaint)

    We may collect personal information about you from other entities or people that are involved in the HomesVic Program.

    This includes:

    • your co-participants in the HomesVic Program (for example, if you applied jointly with your partner, we may collect information about you from your partner); the Department of Treasury and Finance (as the Program Provider)
    • the Program Administrative Entity; the financial institutions on the HomesVic panel (currently, Bank Australia Limited (ACN 087 651 607) and Bendigo Bank Limited (ACN 068 049 178))
    • your insurance provider
    • your conveyancer or solicitor
    • Valuer-General Victoria
    • Land Use Victoria (Land Titles Office)
    • Residential Tenancies Bonds Authority
    • other government agencies, law enforcement agencies or regulators

    If the Participant's household includes an Included Adult, the Participant must (prior to disclosing information and documents containing the income of that Included Adult to any Program Party):

    (i) provide to that Included Adult a copy of:

    (A) each Program Party’s privacy policies and privacy notices; and

    (B) the terms of this Agreement insofar as they relate to privacy and the collection, use and disclosure of Personal Information; and

    (ii) obtain written authorisation from that Included Adult to disclose the information or documents to each Program Party and provide a copy of that written authorisation to the Program Administrative Entity.

    A Program Party may take further steps to provide information to, and obtain consent from, any Included Adult who is not a Participant, and the Participant must cooperate with (and provide assistance to) that Program Party in relation to any such further steps.

    We will only collect your sensitive information or health information with your consent or where required or authorised by law.

    An Included Adult means any person aged 18 years or older who is ordinarily residing in the same household as the Participant at the relevant time or during any part of the relevant period including any adult aged 18 years or older who moves into the Property or joins the Participant's household after the date of this Agreement but excluding any person aged 18 years or older who is:

    (a) a lessee of the Property; or

    (b) a licensee of any part of the Property unless that licensee is a Related Person.

    Consequences of not providing your personal information

    If you do not provide your personal information when requested for the purposes described in Part 4 below, we will not be able to assess whether you are eligible to participate in the HomesVic Program or, if you are already participating in the HomesVic Program, whether you may be in breach of your obligations under our agreements with you. The latter may require you to exit the Program early and repay the Victorian Government’s proportional beneficial interest

    4. How do we use your information?

    We use your personal information only for the purpose for which it was collected, as explained below, or for a related purpose that you would reasonably expect that information to be used for.

    We collect, use and share your personal information to administer the HomesVic Program, which includes to:

    • confirm your identity
    • assess your eligibility to participate in the HomesVic Program;assign you a program identifier
    • manage our relationship with you, and your chosen panel financier
    • check whether you are complying with your obligations under your agreements with us and enforce them
    • allow us to perform our obligations and exercise our rights under your agreements with us
    • assist us to make decisions under your agreements with us (such as whether to approve your requests or take certain steps)
    • investigate fraud or other illegal activities
    • comply with laws and assist government or law enforcement agencies
    • evaluate the HomesVic Program
    • contact you
    • respond to any complaints you make or questions you have

    Occasionally, we may be required or authorised by law (including privacy legislation and/or other laws) to use your personal information for another purpose.

    5. Who do we share your information with?

    We may share your personal information with other entities or people that are involved in the HomesVic Program for the purposes described in Part 4 above. These people include:

    • your co-participants in the HomesVic Program
    • Department of Treasury and Finance (as the Program Provider) the Program Administrative Entity
    • the financial institutions on the HomesVic panel (currently, Bendigo Bank Limited (ACN 068 049 178) and Bank Australia Limited (ACN 087 651 607))
    • your conveyancer or solicitor
    • your insurance provider
    • Valuer-General Victoria
    • Land Use Victoria (Land Titles Office)
    • Residential Tenancies Bonds Authority
    • other government agencies, law enforcement agencies or regulators
    • our professional advisers
    • a potential assignee, novatee or transferee of our or the financial institution’s obligations under your agreements with us and their advisers and contractors

    Occasionally, we may be authorised or required by law (including privacy legislation and/or other laws) to share your personal information with other entities or people.

    We ensure that any transfer of personal information outside Victoria is in accordance with applicable privacy and health records legislation.

  • Privacy statement and collection notice

    The Victorian Public Sector Commission (VPSC or ‘us’), on behalf of the Victorian Government manages the Join a Public Board website.

    This website has an online recruitment (eRecruitment) service for Victorian public sector boards. It streamlines the recruitment process, making it easier for you to apply for a board position with the Victorian Government.

    How your information is collected and handled

    This statement explains how we collect and handle the personal information you give us and how we and a Department use it. This includes any personal information you provide to us or to a Department when you:

    • create an account
    • apply for a board vacancy
    • register to receive board vacancy alerts by email
    • submit a query via the Contact Us page.

    This statement also applies to any personal information you provide directly to a Department as part of your application, where that information is subsequently recorded on the Government Appointment and Public Entities Database (GAPED).

    Who's involved

    • The Victorian Public Sector Commission (‘we’ or ‘us’) is responsible for this website.
    • The Department is responsible for managing the board appointment process. The department will be listed in the advertisement you are responding to.
    • PeopleScout is the eRecruitment specialist engaged by us to provide this website's eRecruitment system, known as Springboard, and GAPED.
    • Recruiters, accredited probity check providers and PeopleScout, are all contractually required to comply with privacy laws, as discussed in more detailed below.

    Creating an account

    • You need an account to apply for board roles on Join a Public Board.
    • To create an account, you will be asked to provide your name and an email address.
    • We do not disclose this information to anyone other than PeopleScout.

    Applying for a board vacancy

    When you apply for a vacancy on a public sector board, you will typically be asked to provide the following information to us or to the Department as part of your initial application:

    • your name, address phone number, and email address
    • your date of birth
    • your Diversity information (discussed in more detail below)
    • if you are a Victorian public sector employee
    • if you recently received a voluntary departure package from the Victorian government
    • your answers to an online questionnaire expressing your interest in being appointed to a board
    • your resume or curriculum vitae.

    If you provide this information to us, we will disclose it to the Department.

    The Department uses your information, as well as any other information you provide directly to the Department, including declarations of private interests and probity checks, to enable them to:

    • consider your application, in shortlisting and to brief the relevant minister recommending a candidate for appointment to a board
    • seek any approvals including Cabinet approval, where relevant; and
    • provide you with information about prospective board roles.

    Where necessary, the Department may also disclose your information to an authorised third-party recruitment provider to assist with recruitment and shortlisting. See below for further details about the privacy obligations applicable to third party service providers.

    The Victorian Government’s Appointment and Remuneration Guidelines may require the Department to obtain additional approvals. For example, if your appointment requires Cabinet approval, your personal information will be provided to the Ministers that form part of cabinet and the staff that support them. All such information will be Cabinet in Confidence. This information includes your name, diversity information, that you have completed satisfactory probity checks and a brief description of any material conflicts of interest that you have identified.

    Probity checks

    You may also need to complete a probity check and provide a declaration of private interests as part of your application for a board vacancy.

    Where a probity check is required, the Department will give your relevant personal information to an accredited probity check provider.

    When you register to receive board vacancy alerts

    If you register to receive board vacancy alerts by email, we may use your information to provide you with information about prospective board roles.

    Collection of diversity information

    The Victorian Government collects Diversity information, including sensitive and health information, about applicants and appointees to Victorian Government boards via this website to:

    • monitor the diversity of appointments
    • inform strategies to support diversity on Victorian Government boards
    • help assess how the Victorian public sector, or the public entity, are tracking in achieving its objective of Victorian Government boards reflecting the diversity of the Victorian community
    • inform decisions about the recruitment and selection of board appointments, including any reasonable adjustments that may be required, consistent with the Victorian Government’s commitment to increase the diversity of membership of Victorian Government.

    We encourage you to respond to the questions regarding your Diversity information as fully as you feel comfortable, noting that you may select ‘prefer not to say’ where this response is available.

    The collection of this information is permitted under the Equal Opportunities Act 2010 (Vic)External Link .

    On appointment

    If appointed, your information will be stored in a secure database (the Government Appointment and Public Entities Database (GAPED) and will only be accessed by authorised officers and the Department’s authorised officers. Information about GAPED can be obtained on vpsc.vic.gov.au.

    The information on GAPED is used by us to:

    • monitor the diversity and profile of appointments to and composition of public sector entity boards to which the government may make appointments; and
    • for research purposes and to plan improvements to governance processes for Victorian public sector boards.

    Department's use

    Online list of appointees to public sector boards

    Your name, term of appointment and the name of the public entity on whose board you are appointed is made available to the public on a Victorian Government website managed by the Victorian Public Sector Commission at publicboards.vic.gov.auExternal Link .

    For reasons of personal safety, some appointees and the composition of some public sector entity boards will not appear on any publicly accessible Victorian Government website. If this is the case you will advised at the time of your appointment, by the recruiting Department.

    If for some reason you do not wish for your personal information to be made available to the public, please discuss this with the Department.

    Reporting (de-identified)

    Recruitment information may also be used for reporting purposes. This may involve:

    • us, PeopleScout and the Departments generating activity analysis reports and performance analytics. These reports do not contain any identifying personal or health information
    • us publicly reporting on the diversity of appointments to public sector boards. Such reporting is at an aggregated level and does not contain any identifying personal or health information.

    Privacy Framework

    All Victorian Government departments and public sector entities participating in this website’s eRecruitment system, including us, are bound by the Privacy and Data Protection Act 2014 (Vic)External Link and the Health Records Act 2001 (Vic)External Link . This means that we must collect and handle personal information responsibly and in accordance with the Privacy and Data Protection Act’s Information Privacy Principles.

    Further, any personal information that we collect and use for identifying user trends (for example, IP address) is aggregated and anonymised when generating reports.

    Health information

    Health information may be collected from a candidate as part of an application for a board vacancy and is limited to:

    • a candidate’s response to the question “Do you have a disability?” (Yes/No/Prefer not to respond)
    • accessibility requirements that you notify the Department of.

    Privacy policies

    Each Department is required to have an online privacy policy which provide a general account of the way they protect and handle your personal information and provide the contact details to the Department’s privacy officer.

    If you provide the Department directly with additional personal information about you as part of your application for a board vacancy, the Department will explain how it handles that information and keeps it secure. Any questions should be referred to the Department’s contact person at first instance.

    Third-party service providers

    PeopleScout and any third-party service provider engaged by the Department (such as a recruiter or police check and/or probity check service provider) are contractually required to comply with the Victorian Privacy and Data Protection Act 2014 (Vic)External Link and the Health Records Act 2001 (Vic)External Link when handling your personal information.

    Is online recruitment secure?

    The eRecruitment for the Victorian public sector boards process is designed to protect the privacy of your personal information.

    From the moment your information is submitted to this website it is subject to a range of rigorous security protections including encryption, firewalls and auditing and monitoring of access to the eRecruitment system. All internet traffic is subject to encryption.

    Access to your own information

    You can access your own information and update your details via your Join a Public Board eRecruitment account at any time.

    Once you have submitted a board application via this website it is not possible to amend the application. If you would like to edit an application, please contact the relevant Departmental contact person indicated in the advertisement.

    If you are appointed to a role and would like to update or access your personal information, please contact the relevant Department.

    In some instances, a request for information may be handled in accordance with the Freedom of Information Act 1982 (Vic)External Link .

    If you want to make a complaint about the handling of Your Information your complaint will be handled in accordance with the relevant Privacy Laws.

    Definitions

    Cabinet in Confidence means information prepared for consideration by or that discloses a deliberation or decision by Cabinet or a Cabinet Committee.

    De-identified (in relation to data) means that the data no longer relates to an identifiable individual or an individual who can be reasonably identified and does not contain any other Identifiable data.

    Department means the Victorian government department or Public Entity that is identified in the advertisement as being responsible for the recruitment process.

    Departmental contact person means the contact person identified in the advertisement for a board appointment..

    Disability means, any physical, intellectual, psychiatric, sensory, neurological and learning disabilities. Disability can be permanent or temporary, visible or invisible.

    Diversity information means:

    • your age
    • your postcode
    • your gender
    • if you identify as Aboriginal and/or Torres Strait Islander
    • if you identify as belonging to the LGBTIQ+ community
    • your country of birth
    • country or countries your parents were born
    • if you use a language other than English at home; and
    • if you identify as having a culturally or linguistically diverse background
    • if you are a person with a disability (which is health information subject to the Health Records Act 2001External Link ).

    Handling means all the activities relating to the collection, holding, management, use, disclosure, or transfer of your Information.

    Health information means personal information or an opinion about a living or deceased individual’s:

    • physical, mental or psychological health
    • disability
    • expressed wishes about the future provision of health services to them
    • access of a provided health service, or service to be provided to an individual.

    HR Act means the Health Records Act 2001 (Vic)External Link .

    Information Privacy Principles means the information privacy principles set out in the PDP Act.

    PAA means the Public Administration Act 2004 (Vic)External Link .

    PDP Act means the Privacy and Data Protection Act 2014 (Vic)External Link .

    Personal information means information or an opinion (including information or an opinion forming part of a database), that is recorded in any form and whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. Examples of personal information include a person’s name, date of birth, address, email address and contact telephone number. Personal information does not include information of a kind to which the HR Act applies.

    Public entity has the meaning given in Section 5 of the PAA.

    Sensitive information is information about an individual’s racial or ethnic origin, political opinions and membership of political associations, religious or philosophical beliefs, sexual preferences or practices, criminal record, or membership of a professional or trade association. The law places restrictions on its collection.

    Your information means Personal Information and includes Sensitive Information.

    Contact us

    You may contact us via the Victorian Government contact centre on 1300 366 356 available Monday to Friday, 9.00am to 5.00pm which will address your concerns or may refer you to the relevant Department.

    Department contacts

    Department of Education: cabinet@education.vic.gov.au

    Department of Energy, Environment and Climate Action: governance@delwp.vic.gov.au

    Department of Fairness, Family and Housing: appointments@dffh.vic.gov.au

    Department of Government Services: budgetandreporting@dpc.vic.gov.au

    Department of Health: appointments@health.vic.gov.au

    Department of Justice and community safety: statutoryappointments@justice.vic.gov.au

    Department of Jobs, Skills, Industry and Regions: cabinetteam@ecodev.vic.gov.au

    Department of Transport and Precincts: apptsandexco@transport.vic.gov.au

    Department of Premier and Cabinet: budgetandreporting@dpc.vic.gov.au

    Department of Treasury & Finance: CabinetAnd.ParliamentaryServices@dtf.vic.gov.au

  • Collection notice for e-newsletter

    This collection notice explains how the Portable Long Service Authority (PLSA) handles personal information which you may provide when subscribing to the PLSA e-newsletter.

    PLSA collects this data using Vision 6, a third party software product. View Vision 6's privacy policy

    Your name and email address will be collected for the purpose of communicating updates about portable long service.

    This data is stored in the PIPE Networks Data Centre in Fortitude Valley, Brisbane and maintained on AWS CloudFront within their Australian operations in the Sydney region.

    Vision 6:

    • complies with the Information Privacy Act and SPAM Act and are compliant with the GDPR
    • conducts regular penetration testing and monitoring tools to determine network, server and service vulnerabilities
    • have documented security policies and processes in place which are regularly reviewed by senior management.

    If you need to change or update your details, you can do so by emailing enquiries@plsa.vic.gov.au

    Collection notice for business and worker registration

    The Authority uses this form to collect information that it requires to register workers and employers and determine eligibility for entitlements under the Act, including personal information such as name, address, date of birth, payroll data and history, and leave history.

    The Authority needs this information to register you and to determine and manage your long service leave entitlements under the Act. If you do not provide the information, the Authority may not be able to make decisions about your long service leave entitlements under the Act.

    The Authority will only use and disclose your personal information to register you and manage your long service leave entitlements under the Act and where it is otherwise required or permitted by law to do so.

    In some circumstances, the Authority is required or authorised by law to release information to other government agencies, law enforcement bodies or to prevent serious and imminent threat to an individual's life, health, safety or welfare.

    In this context, such agencies could include the Australian Taxation Office, the Labour Hire and Licensing Authority, the Fair Work Ombudsman, the Victorian Work Cover Authority, Victoria Police, or your nominated banking institution.

    The Authority will seek wherever possible to ensure that the personal information it collects, uses or discloses is accurate, complete and up to date. In many instances the Authority relies upon you to provide accurate and complete information and to advise the Authority should your circumstances change over time.

    The Authority seeks to protect your personal information from misuse, loss, unauthorised access, modification or disclosure and securely destroys or de-identifies personal information when it is no longer needed for any purpose. In circumstances where personal information is collected and stored by external organisations the Authority uses to deliver aspects of its functions, the Authority’s contractual obligations require compliance with the same privacy and security standards.

    You may obtain access to your personal information held by the Authority by contacting enquiries@plsa.vic.gov.au

    For further information about how the Authority handles your personal information, please visit the Authority’s privacy policyExternal Link

    Note, the following terms will need to be expanded if not described elsewhere in the application form:

    • Act means the Long Service Benefits Portability Act 2018.
    • Authority means the Portable Long Service Benefits Authority.

    Privacy policy

    The Portable Long Service Benefits Authority (Authority) is a statutory authority established by the Long Service Benefits Portability Act 2018 (Act). The Authority’s role is to administer a scheme for the provision of portable long service benefits to workers in covered industries. The Authority is overseen by a Governing Board which is responsible for the governance, strategic planning and risk management of the Authority. The administration of the day-to-day management of the affairs of the Authority is the responsibility of the registrar appointed under the Act.

    This policy tells you how the Authority handles personal information in the course of performing its functions in compliance with the Information Privacy Principles (IPPs) set out in the Victorian Privacy and Data Protection Act 2014 (PDP Act) and other applicable laws and contractual obligations. This policy also tells you how you can access and correct the personal information that the Authority holds about you and how to make a complaint about a privacy matter.

    Scope

    This policy applies to the personal information (including sensitive information) of both external parties and the staff of the Authority. Any personal information collected by the Authority, or that it obtains about individuals from other sources, will be handled in accordance with this policy.

    In order to perform its functions, the Authority has also entered into certain agreements with Australian government agencies, which may mean that is has also agreed to be bound by relevant Australian Privacy Principles contained in the Commonwealth Privacy Act 1988.

    Definitions

    Personal information is recorded information about an individual whose identity is apparent or can reasonably be ascertained from that information, but does not include health information.

    Health information is personal information which concerns that individual’s physical, mental or psychological health, disability or genetic makeup which is subject to the Health Records Act 2001. The Authority does not generally collect health information in performing its functions.

    Sensitive information is information about an individual’s race or ethnicity, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, or criminal record.

    Collection of personal information

    The Authority collects personal information that the Act, privacy and other laws authorise it to collect and that it needs to perform its functions in administering the portable long service benefits scheme. This includes registration of workers and employers and determining entitlements under the Act.

    During the registration process, the Authority collects personal information both directly from individuals as well as from third-parties such as employers. The personal information collected may include:

    • name, address and other contact details
    • date of birth
    • employment information including total ordinary pay

    If the personal information that the Authority requests is not provided, the Authority may not be able to perform its functions as required under the Act.

    How does the Authority collect personal information?

    The Authority will only collect personal information by lawful and fair means and not in an unnecessarily intrusive way.

    The Authority will endeavour to collect your personal information from you where it is reasonable and practicable to do so. Where this is not possible or practicable, the Authority may collect your personal information from third parties. For example, you may be requested to provide consent for the Authority to collect personal information from third parties such as CoINVEST, as required for the Authority to determine your entitlement to benefits under the Act. If you do not provide this consent, the Authority may not be able to make decisions about your entitlements under the Act.

    The Authority may also collect your personal information in other situations such as:

    • receiving and handling reports and requests for information from Government departments and the Minister responsible for the Authority
    • receiving and processing freedom of information requests
    • employment applications
    • when you visit the Authority’s website
    • providing e-newsletters, SMS-blasts, lodgement reminders and other stakeholder updates with your consent

    Authorised officers of the Authority may collect documents which may contain personal information as part of the exercise of their powers under Part 6 of the Act in relation to monitoring compliance and investigating potential breaches. Authorised officers have express powers to inspect, make copies of or require provision of documents and information in specified situations.

    Some personal information is collected about visitors to the Authority’s website. For details, please see the collection notices above.

    The Authority will only collect sensitive information with your consent or as required or authorised by law.

    In most cases, the Authority will tell you when it collects your personal information and will provide you with a collection statement identifying the Authority and advising you about:

    • the purposes for which the personal information is being collected
    • who the personal information may be disclosed to
    • any law that requires the personal information to be collected
    • the main consequences for you if all or part of the personal information is not provided
    • how to contact the Authority and gain access to your personal information.
    • use and disclosure of personal information
    • the Authority will only use and disclose your personal information when it is lawful and reasonable to do so.

    Personal information that is collected by the Authority will be used and disclosed to the Authority’s employees or contractors whose duties required them to use it. These employees and contractors must handle personal information in accordance with the requirements of the PDP Act. This means they will only use or disclose collected personal information for the primary purpose for which it was collected, or for a permitted secondary purpose in specified situations, such as where you have consented to the use or disclosure, or where the use or disclosure is required or authorised by or under law (for example, in response to a valid request under the Victorian Data Sharing Act 2017).

    For example, if you are a worker the Authority may use your personal information to:

    • process an application for registration as a worker under the Act
    • determine your entitlement to long service leave benefits under the Act

    The Authority may also use your personal information to:

    • obtain advice from professionals such as legal advisors and accountants
    • manage the long service leave benefits scheme
    • conduct surveys
    • provide advice to the responsible Minister

    The Authority may disclose your personal information to:

    • verify information to assess your entitlements under the Act
    • defend a legal or equitable claim
    • prescribed Victorian or Commonwealth Government entities for the purpose of the performance of a function of that entity under a law. This includes disclosure to the Fair Work Ombudsman, Victoria Police, Victorian WorkCover Authority, Victorian Labour Hire Licensing Authority and the Australian Taxation Office.
    • reciprocal long service authorities for the performance of a function under the Act or a corresponding law

    Authorised officers are expressly prohibited from disclosing information, directly or indirectly, obtained in performing a function under the Act, except to the extent necessary to monitor compliance with the Act and regulations. This may include disclosure to a court or tribunal in the course of a legal proceeding, in the course of the investigation or enforcement of a law of Victoria or any other State or Territory or of the Commonwealth, with your consent, or with the written authority of the registrar.

    In addition, members of the Governing Board, the registrar, an authorised officers and members of staff are prohibited by the Act from improperly using any information acquired in the course of their duties, for pecuniary or other advantage for themselves or any other person.

    The Authority is required to maintain a public register of registered employers under the Act. The information about identifiable employers that the Authority publishes is publicly-available information and therefore is not personal information. The PDP Act requires that public sector agencies administer public registers, so far as reasonably practicable, in a way that would not contravene handling requirements for personal information, if that information were personal information. In a number of circumstances, for example where a person conducts business from their residential address, it may be necessary for the Authority to publish personal information on the public register.

    De-identified personal information derived from personal information collected may also be used in support of the Authority’s broader functions, such as for research and reporting purposes.

    The Authority is an agency responsible for the performance of functions or activities directed to the prevention, detection, investigation, prosecution or punishment of criminal offences or breaches of law imposing a penalty or sanction for a breach. For this reason, the Authority has a partial exemption under section 15 of the PDP Act from complying with specified IPPs if it believes on reasonable grounds that non-compliance is necessary for the purposes of its law enforcement functions.

    Data quality

    The Authority takes reasonable steps to ensure that the information it holds is accurate, complete and up to date. Accurate information should be provided to the Authority at all times. For example, employers are required to make a declaration that the information they have provided is true and correct. Employers must notify the Authority within 14 days if there is a change to their personal information. Generally, the Authority relies on individuals to provide up to date information and advise the Authority if the information collected has recently changed.

    How long does the Authority retain personal information?

    The Authority generally destroys or permanently de-identifies information when it is no longer needed for any purpose. However, information held by the Authority is subject to the provisions of the Public Records Act 1973 and must be retained and disposed of in accordance with the relevant Retention and Disposal Authorities.

    Data security

    The Authority is committed to protecting your personal information from misuse or loss or unauthorised access, unauthorised modification or disclosure.

    The Authority has secure office premises and a security pass entry system for Authority employees and contractors to enter the premises. The Authority takes reasonable steps to protect files from outside or unauthorised access. The Authority’s information technology arrangements incorporate a range of data security measures. For example, the Authority requires staff to use passwords to enter the computer system and its databases can only be accessed using an additional password, with different levels of access granted depending on the role of the staff member concerned. Only staff who need to use your personal information to perform their functions have access to it.

    To protect your privacy, you should keep your Authority password confidential: it should not be displayed, shared or written down.

    Transmission security risks

    You should be aware that there are risks in transmitting information across the Internet. While the Authority takes reasonable steps to protect the personal information it receives from you or from third parties, the Authority cannot guarantee the security of any information transmitted to it online. If you are concerned about conveying confidential or delicate material to the Authority over the internet you might prefer to contact the Authority on 1800 517 158 to make other arrangements.

    Online services and online payments

    The Authority’s online services are managed by a third-party IT service provider. Our service provider may access the personal information entered into our forms in order to process electronic transactions or to resolve a technical problem.

    If you make a payment using the Authority’s website, the Authority will process your payment with the assistance of a reputable third party electronic payments service provider and present you with an online receipt for your records.

    If you make an online application or another payment transaction on the Authority’s website, the Authority takes additional steps to protect the security of your personal information, such as strong SSL encryption. Before using these facilities, you should ensure that you are using a web browser that supports SSL encryption. In many web browsers, you can confirm that your session is encrypted by the appearance of a locked padlock symbol at the foot of the browser.

    Access and correction

    You are able to update your personal contact information directly through the employers or workers portal. You can view the information that the registrar holds about you on the employers or workers registrar by accessing the portal. A request to correct your own personal information held by the Authority on the employers or workers register can also be handled by contacting the Authority on 1800 517 158.

    Any requests for access to and/or correction of other documents containing personal information held by the Authority must be handled according to the provisions of the Freedom of Information Act 1982. Requests should be accompanied by any applicable fee and should be addressed to:

    FOI Officer
    Portable Long Service Authority
    Level 1, 56-60 King Street, Bendigo VIC 3550
    Bendigo VIC 3550

    When you make a request to correct information that the registrar or Authority holds about you, the Authority may contact you in order to verify your identity. The Authority may ask you to provide evidence of the information you wish to correct, before accepting the changes.

    Unique Identifiers

    The Authority does not assign unique identifiers to individuals unless necessary to enable it to carry out its functions efficiently.

    The Authority does assign employers and workers a unique membership number upon registration to facilitate interactions with the Authority. The Authority may also request that you provide a unique identifier assigned by another organisation in order to complete its functions. For example, you may be requested to provide your Tax File Number (TFN). You do not have to provide your TFN however there may be financial implications of not doing so.

    Anonymity

    Individuals seeking general advice from the Authority or accessing the public register do not have to identify themselves. However, if you are applying for entitlements under the Act, seeking answers to a specific enquiry or making a complaint, the Authority will need to collect personal information such as your personal contact information and your Portable Long Service Authority Member Number. This is so that the Authority can verify the identity of who it is dealing with when discussing personal records about long service leave.

    Transfer of personal information outside Victoria

    The Authority contracts the use of cloud computing to store and manage data including personal information. Computer servers may be based interstate or overseas. The Authority takes reasonable steps to ensure the security of your information managed this way. Where the information is transferred outside Victoria we take steps consistent with the principles in Victoria’s privacy laws to ensure its protection from unauthorised use and disclosure.

    How to make a privacy complaint

    If you have any questions about this Privacy Policy or you wish to make a complaint about a breach of the PDP Act by the Authority, you can contact the Authority’s Privacy Officer at:

    Privacy Officer
    Portable Long Service Authority
    Level 1, 56-60 King Street
    Bendigo VIC 3550

    Phone: 1800 517 158

    Email: enquiries@plsa.vic.gov.au

    You may also make a complaint about a breach of the PDP Act by writing to the Office of the Victorian Information Commissioner. You can find out more information about how to make a complaint here.

    Changes to this policy

    The Authority may amend this policy from time to time. The current version will be posted on the Authority’s website and a copy may be obtained at any time by contacting the Authority.

    © Portable Long Service Benefits Authority, State Government of Victoria, 2019

    Last updated 9 May 2019

  • Important updates

    • under 'What is the Business Registration Portal?', 'businesses' is defined to include 'government organisations'.
    • under 'Collection of information', the following statement has been inserted:
      • For businesses with a large number of locations, the above information may be separately collected by the Department of Health for the purpose of inputting it into the Portal and creating a bulk registration for the business.
    • under 'Storage of information', the following statement has been inserted:
      • Where information has been provided directly to the Department for the purpose of creating a bulk registration, this information is stored in a secure and restricted SharePoint folder in the relevant SharePoint site.

    What is the Business Registration Portal?

    The Business Registration Portal (Portal) is operated by the State of Victoria acting through the Department of Health. It forms part of the Victorian Government’s Digital Visitor Registration System, which is designed to support contact tracing in the event of a COVID-19 outbreak.

    Victorian businesses and government organisations (businesses) may register on the Portal to obtain a unique QR code (generated by Service Victoria) that may be displayed at their premises and scanned by visitors. This will ensure visitors’ attendance is recorded and that visitors can be contacted for tracing purposes if required in accordance with the Workplace Directions of the Chief Health Officer under the Public Health and Wellbeing Act 2008.

    Businesses must accept the terms of useExternal Link in order to use the Portal.

    The department endorses fair information handling practices and use of information in compliance with our obligations under the Privacy and Data Protection Act 2014 (Vic) (PDPA). Further information about how the Portal will handle personal information (as defined by the PDPA) is set out below.

    If you have any queries about the Portal, please contact Business Victoria by phone 13 22 15.

    Collection of information

    The Portal collects information from businesses that wish to obtain a QR code for contact tracing purposes, some of which will be personal information.

    This information includes:

    • business details (name, ABN)
    • business location (address) and areas (upstairs, downstairs)
    • business contact person at each business location (including the individual’s first and last name, phone number and email address).

    For businesses with a large number of locations, the above information may be separately collected by the Department of Health for the purpose of inputting it into the Portal and creating a bulk registration for the business.

    Use and disclosure of information

    This information is collected in order to issue you with a QR code for your premises. The business contact person may be contacted by the Department of Health in the event that a visitor tests positive to COVID-19.

    If the information is not provided, you will not be issued with a QR code to use for contact tracing purposes.

    We will also use the information to enable us to improve the Portal, including:

    • for purposes related to research, planning, product and service development, privacy, security and testing for the Portal
    • for purposes connected with the operation, administration and development of the Portal
    • where we suspect that fraud or unlawful activity has been, is being or may be engaged in through use of the Portal
    • for communications to businesses about the Portal
    • for any other purposes required or authorised by law.

    We will share the information within the Department of Health, with other Victorian Government departments and agencies, and with third parties, including our contracted service providers, who assist us in providing the Portal, and organisations who provide archival, auditing, professional advisory, delivery, information technology, research, privacy and security services only for those purposes.

    Our contracted service providers include:

    • Salesforce (SFDC Australia Pty Ltd)
    • DXC Technology Australia Pty Ltd
    • Amazon Web Services
    • KPMG
    • short.io.

    We take reasonable steps to ensure that each department, agency and third-party provider protect and handle your personal information in accordance with applicable privacy laws.

    Some of these service providers may be located outside of Victoria, or may store or transfer your personal information outside of Victoria. We take steps to ensure that when your personal information travels, privacy protections travel with it.

    Storage of information

    The information collected by the Portal is stored on Salesforce servers located in Australia and the QR code poster is stored by Service Victoria on Amazon Web Services servers located in Australia.

    Information on the Portal is stored in accordance with the Department of Health's record keeping obligations.

    Where information has been provided directly to the Department of Health for the purpose of creating a bulk registration, this information is stored in a secure and restricted SharePoint folder in the relevant SharePoint site.

    The Department takes reasonable steps to protect any personal information from unauthorised access once that personal information comes into its possession. We store your personal information in line with the information protection requirements described in the Victorian Protective Data Security Framework (PDF)External Link . Access to systems, applications, and the information that we collect is limited to authorised staff members and third-party vendors only.

    However, in emailing information or using the Portal you should be aware that there are inherent risks in transmitting information across the Internet.

    Access to and correction of information

    You may request access to any personal information that we have collected about you. Also, you may request correction of your personal information if you can establish that it is not accurate, complete or up-to-date.

    To contact us about access to, and correction of, personal information collected by us or for any questions or concerns you may have arising out of this privacy statement, please contact the Department using the contact details in the ‘What is the Business Registration Portal?’ section above.

    In some cases, requests for access to personal information will be handled in accordance with the Freedom of Information Act 1982 (Vic).

    Further information

    For further information on how personal information is collected via the vic.gov.au website, please refer to the Department’s privacy statement.

    For further information on how visitors’ personal information is handled, please refer to Service Victoria’s privacy policyExternal Link .

    You may also contact the Department’s Privacy Officer using the contact details in the ‘What is the Business Registration Portal?’ section above.

  • About SafeScript

    The Victorian Government is taking action to reduce the growing harms, including deaths, from high-risk prescription medicines by implementing SafeScript, Victoria’s real-time prescription monitoring system.

    SafeScript is computer software that allows prescription records for certain medicines to be transmitted in real-time to a centralised database which can then be accessed by doctors, nurse practitioners and pharmacists during a consultation.

    Amendments to the Drugs, Poisons and Controlled Substances Act 1981 (Vic) have been introduced to enable SafeScript in Victoria.

    What information is being collected about a health professional and how will it be used?

    When a prescription is issued or dispensed, there are existing regulatory requirements on what information must be included on the prescription or the dispensing record. This includes the details of the patient, the medicines that are being prescribed, as well as details of the prescriber and pharmacist. This information is collected by SafeScript for certain high-risk prescription medicines.

    SafeScript provides you access to view records of all high-risk medicines that have been supplied to your patient from you and other clinicians. This enables you to make safer and more informed clinical decisions, and facilitates the co-ordination of treatment and communication between clinicians by giving you visibility of all clinicians involved in the patient's care.

    Authorised Victoria’s Department of Health (the department) staff will also access SafeScript as part of their existing regulatory role in ensuring the safe supply of medicines in the community. SafeScript will provide the same information that the department currently obtains from medical clinic and pharmacy records to undertake existing health practitioner compliance activities.

    Registering to use SafeScript

    Information about you and your practice, including your publicly available registration details with AHPRA and prescriber number, is required as part of the on-boarding process for SafeScript.

    You are asked to provide your date of birth when you register to use SafeScript which assists in verifying your identity and confirming your AHPRA registration details. Once this verification step is completed, your date of birth will not be stored in SafeScript.

    You are also asked to provide your email address (required) and phone number (optional). These details will not be made publicly available and will only be used to communicate necessary correspondence to you, such as when you request a password reset or when there are important updates about SafeScript which you need to know.

    Failure to provide this information will mean that you are unable to use SafeScript. This may be in breach of your obligations under legislation when the system becomes mandatory in April 2020.

    How is my privacy protected?

    There are specific legislative requirements to ensure people who are authorised to access information in SafeScript are doing so in an appropriate manner.

    There are offences and strict penalties under the Drugs, Poisons and Controlled Substances Act 1981 (Vic) as well as the Health Records Act 2001 (Vic) and the Privacy and Data Protection Act 2014 (Vic) for improper use or disclosure of information contained in SafeScript.

    How can I correct a record in SafeScript if I believe it is incorrect?

    Prescribers: Records about what you have prescribed are sourced from records created from your practice software and from the pharmacies where your prescriptions were dispensed, including handwritten prescriptions.

    Pharmacists: Records about what your pharmacy has dispensed are sourced from records created from your pharmacy’s dispensing software.

    SafeScript does not alter records sourced from practice or dispensing software. If you believe there is an error in a particular record in SafeScript, the record may be corrected by amending the record created in the practice or dispensing software. The corrected information will be automatically updated in SafeScript.

    Further information about SafeScript

    Email safescript@health.vic.gov.au.

  • 1.1 About this statement

    1. In this statement, “we”, "our" or “us” means the State of Victoria through the Department of Treasury and Finance as the Scheme Provider and includes the Scheme Administrative Agent appointed by the Scheme Provider to administer the Victorian Homebuyer Fund (“Homebuyer Scheme”).
    2. This statement describes our policy for how we will handle your personal information and health information in connection with the Homebuyer Scheme. During the Homebuyer Scheme, we may update this statement to reflect any changes to the scheme or to our information handling practices. The most up-to-date version of this statement is available here or you can ask us to send you a copy.
    3. We are committed to respecting the rights of individuals to the privacy of their personal information. We have policies and procedures in place for the appropriate management and protection of personal information, including any health information collected about them, in accordance with all applicable laws, including the Victorian First Home Owner Grant and Home Buyer Schemes Act 2000, Privacy and Data Protection Act 2014 and the Health Records Act 2001.

    1.2 What information do we collect?

    1. During the application process for and your participation in the Homebuyer Scheme, we may collect your personal information, including your sensitive information and health information (these terms are defined below). This includes the details of:
      1. your income
      2. your identity (such as your name, address, date of birth, gender and relationship status)
      3. evidence of your identity (such as your driver’s licence, passport and proof of age card)
      4. your tax records
      5. your residency status
      6. your employment
      7. your home loan (including any refinancing)
      8. your principal repayments of your home loan
      9. our interest in the property you have acquired through the Homebuyer Scheme
      10. action you take in connection with your property, including its maintenance, insurance and occupation
      11. your dealings with us
      12. credit reports
    2. What is personal information?
      Personal information is any information or an opinion that is recorded in any form and whether true or not, about you, where your identity is apparent to, or can reasonably be ascertained, from the information or opinion.
    3. What is sensitive information?
      Sensitive information is a special category of your personal information. It means information or an opinion about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices or criminal record that is also your personal information.
    4. What is health information?
      Health information includes the following information or an opinion about you that is also personal information:
      1. your physical, mental or psychological health (at any time)
      2. a disability you have (at any time)
      3. your expressed wishes about the future provision of health services to you
      4. a health service provided, or to be provided, to you

    1.3 How do we collect your information?

    1. We collect personal information about you when you deal with us in some way. This includes when you:
      1. submit an application to participate in the Homebuyer Scheme
      2. send us your annual review information
      3. visit this website (see part 6 below for more information regarding this website)
      4. contact us (for example, to get our approval to do something or to make a complaint)
    2. We may collect personal information about you from other entities or people that are involved in the Homebuyer Scheme.
    3. This includes:
      1. your co-participant(s) in the Homebuyer Scheme, if any (for example, if you applied jointly with your partner, we may collect information about you from your partner)
      2. the Department of Treasury and Finance (as the Scheme Provider)
      3. the Scheme Administrative Agent (currently the Commissioner of State Revenue supported by the State Revue Office)
      4. the financial institutions on the Homebuyer panel (currently, Bendigo Bank Adelaide and Bank Australia)
      5. your insurance provider
      6. your conveyancer or solicitor
      7. Valuer-General Victoria
      8. Land Use Victoria (Land Titles Office)
      9. Residential Tenancies Bonds Authority
      10. Community Group Provider if you identify as Aboriginal or Torres Strait Islander
      11. other government agencies, law enforcement agencies or regulators
    4. If you do not provide your personal information when requested for the purposes described in Part 1.4 below, we will not be able to assess whether you are eligible to participate in the Homebuyer Scheme or, if you are already participating in the Homebuyer Scheme, whether you are meeting the continuing eligibility criteria or may be in breach of your obligations under our agreements with you. The latter may require you to exit the Scheme early and repay the Victorian Government’s proportional interest amount.

    1.4 How do we use your information?

    1. We use or share your personal information only for the purpose for which it was collected, as explained below, or for a related purpose that you would reasonably expect us to use or share that information.
    2. We collect, use and share your personal information to administer the Homebuyer Scheme, which includes to:
      1. confirm your identity
      2. assess your initial eligibility, and continuing eligibility, to participate in the Homebuyer Scheme
      3. assign you a scheme identifier
      4. manage our relationship with you, and your chosen panel financier
      5. check whether you are complying with your obligations under your agreements with us and enforce them
      6. allow us to perform our obligations and exercise our rights under your agreements with us
      7. assist us to make decisions under your agreements with us (such as whether to approve your requests or take certain steps)
      8. investigate fraud or other illegal activities
      9. comply with laws and assist government or law enforcement agencies
      10. evaluate the Homebuyer Scheme
      11. contact you
      12. respond to any complaints you make or questions you have
    3. Occasionally, we may be required or authorised by law (including privacy legislation and/or other laws) to use your personal information for another purpose.

    1.5 Who do we share your information with?

    1. We may share your personal information with other entities or people that are involved in the Homebuyer Scheme for the purposes described in Part 4 above. These people include:
      1. your co-participants in the Homebuyer Scheme
      2. Department of Treasury and Finance (as the Scheme Provider)
      3. the Scheme Administrative Agent (currently the Commissioner of State Revenue supported by the State Revue Office)
      4. the financial institutions on the Homebuyer panel (currently, Bendigo Bank Adelaide and Bank Australia)
      5. your conveyancer or solicitor
      6. your insurance provider
      7. Valuer-General Victoria
      8. Land Use Victoria (Land Titles Office)
      9. Residential Tenancies Bonds Authority
      10. Community Group Provider if you identify as Aboriginal or Torres Strait Islander
      11. other government agencies, law enforcement agencies or regulators
      12. our professional advisers
      13. (xiii) a potential assignee, novatee or transferee of our or the financial institution’s obligations under your agreements with us and their advisers and contractors
    2. Occasionally, we may be authorised or required by law (including privacy legislation and/or other laws) to share your personal information with other entities or people.
    3. We ensure that any transfer of personal information outside Victoria is in accordance with applicable privacy and health records legislation.
  • Collection notices - Eventbrite and MailChimp

    The personal information provided by you in subscribing to an electronic newsletter or registering to attend an Enablers event will be handled in accordance with the provisions of the Victorian Privacy and Data Protection Act 2014.

    As required by the Act the following information is provided to you pursuant to Information Privacy Principle 1.3:

    • the Victorian Public Sector Enablers Network is the responsible entity; you are able to gain access to, and, if necessary, request correction of, the information you have provided by contacting Enablers at vps.enablersnetwork@dpc.vic.gov.au
    • the personal information is being collected on behalf of the Enablers Network to assist it with managing newsletter subscriptions and the registry function associated with attendance at Enablers Network events
    • you will see when you are directed to the respective websites it will be mandatory to provide some personal information (i.e. it is not possible to subscribe to a newsletter or register interest in attending an event anonymously)
    • the information you provide will only be used by Enablers Network office bearers and employees to facilitate newsletter subscriptions and event attendances
    • the main consequences if all, or part, of the requested information is not provided is that the Enablers Network would not be in a position to consider the subscription or event attendance request
  • This collection notice explains how the VPS Pride Network (the Network) handles personal information which you may provide when you subscribe to our e-newsletter, sign up for an event or submit a nomination to the VPS Pride Awards (the Awards).

    The Network collects this data using:

    The personal information that you submit to us is collected in order to provide information services to you which in turn facilitates:

    • communicating updates about the Network and/or an event
    • judging the VPS Pride Awards
    • the co-ordination of meetings, and advocacy and fundraising activities.

    Servers for the third party applications are located in Australia and overseas. Mailchimp, Humanitix and Google require their subcontractors to deal with such personal information in a manner that is consistent with the Australian Privacy Principles but they cannot guarantee the security of your personal information.

    Mailchimp, Humanitix and Google comply with the Australian Privacy Act. If you are unsatisfied with a response to a privacy matter then you may consult either an independent advisor or contact the Office of the Australian Information Commissioner for additional help.

    Engage Victoria will handle your information in accordance with the Information Privacy Principles contained in the Privacy Data and Protection Act 2014 (Vic). If you are unsatisfied with a response to a privacy matter then you may consult either an independent advisor or contact the Office of the Victorian Information Commissioner for additional help.

    You have the option of not providing certain information requested by the Network. However, you should note that this may prevent the Network from providing membership information services to you and managing its various activities and Programs.

    If you need to change or update your details, you can do so by clicking the update subscription preferences link at the bottom of the e-newsletter or by contacting the VPS Pride NetworkExternal Link .

  • Collection notice for WoCN e-newsletter

    This collection notice explains how the VPS Women of Colour Network (WoCN) handles personal information which you may provide when subscribing to the WoCN e-newsletter.

    WoCN collects this data using Mailchimp, a third party Marketing platform. View Mailchimp's privacy policyExternal Link .

    Your name and email address will be collected for the purpose of communicating updates about the WoCN.

    There serves are located in the United States. All of their subcontractors, however, are required to comply with the Australian Privacy Act in relation to the transfer or storage of Personal Information overseas.

    Mailchimp complies with the Australian Privacy Act. If you are unsatisfied with our response to a privacy matter then you may consult either an independent advisor or contact the Office of the Australian Information Commissioner for additional help.

    If you need to change or update your details, you can do so by emailing vpswoc@gmail.com

  • The Wage Inspectorate Victoria is an independent statutory body established by the Wage Theft Act 2020External Link .

    In addition to the Wage Theft Act, we also have responsibility for administrating the following Acts:

    We are a ‘law enforcement agency’ for the purposes of the Privacy and Data Protection Act.

    What does this privacy notice do?

    When you access the Wage Inspectorate’s website, we may collect a range of personal and/or sensitive information. Personal information is recorded information about an individual whose identity is apparent and can be reasonably be ascertained from that information. Sensitive information is information about an individual’s race or ethnicity, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, or criminal record.

    This privacy notice tells you what information we collect and why, how we use and disclose the personal information we hold and how we protect and maintain the quality and security of that information. This notice also explains how you can correct and access the personal and/or sensitive information we hold about you and how to make a complaint about a privacy matter.

    What information do we collect and why?

    We collect information to enable us to perform our functions and to fulfil our responsibilities under the Wage Theft Act 2020, Child Employment Act 2003, Long Service Leave Act 2018 and Owner Driver and Forestry Contractors Act 2005, as well as any other applicable laws.

    You can also read the following pages which provide further information about our functions:

    Personal information may be provided to us by complainants, government agencies, members of the public, employees and other third parties.

    The types of personal information we may collect include a person’s name, address, contact details, details of a person’s employment and information about a person’s personal circumstances. Providing sensitive information to us is always optional.

    Sometimes, we will receive information inadvertently, for example if it is included in a complaint from a member of the public, or in employment documents that have been provided as information relating to an alleged offence. We will not use or disclose sensitive or health information, except as permitted or required by law.

    Personal information is collected by us in a variety of ways, including but not limited to:

    • from a member of the public via our website or an email or phone call to us
    • in documents or written or oral statements obtained by us for the purposes of investigating or prosecuting possible offences under the laws that it is responsible for, where oral statements may be recorded
    • managing the employment of staff or recruitment purposes
    • information shared between law enforcement agencies as authorised by law.

    Where possible, we will collect personal information directly from the individual that it relates to. However, we are likely to collect information about an individual from other individuals and may collect information about an individual from other agencies, publicly available sources or third parties (including through its social media platforms) where it is necessary to perform our functions.

    Individuals have the option of remaining anonymous when interacting with us where their identity is not necessary for us to perform the relevant functions or activities.

    When collecting personal information from an individual, we will take reasonable steps to advise that individual of:

    • what information is being sought and why
    • whether and to whom we usually disclose that kind of information
    • whether any law requires the collection of the information
    • how the individual can contact us or the Office of the Victorian Information Commissioner (OVIC) (the regulator with oversight of information access, privacy and data protection) with any questions or concerns about how the information is being handled
    • the main consequences, if any, of not providing the information.

    Use and disclosures of personal information

    We will only use or disclose personal information where it is necessary to carry out our functions.

    We will only use or disclose personal information about an individual for the purpose that it was collected, except in the circumstances permitted in by the Privacy Legislation. The main situations in which this may occur are where:

    • the purpose is related to the initial purpose of collection and the individual would reasonably expect us to use or disclose the information for that purpose
    • the individual has consented to the use or disclosure for that purpose
    • we have reason to suspect that unlawful activity has been or is being engaged in and the use or disclosure is necessary for its investigation of the matter or to report the matter to the relevant authority
    • the use or disclosure is required or authorised by or under law.

    When we disclose information that contains personal information to another individual or body (third party), we will take reasonable steps to preserve the privacy of the relevant individuals, for example by redacting personal information that is not relevant or required for the purposes of providing the information or by ensuring that the other individual or body is required to protect the privacy of that information.

    The main third parties that we may disclose information that is likely to contain personal information are:

    • the Victorian Inspectorate, where we are required to provide written reports following the exercise of certain powers under the Wage Theft Act
    • Victoria Police, or other law enforcement agencies to assist in its investigations or for other law enforcement purposes
    • the Office of Public Prosecutions, to assist with advice sought or the conduct of a criminal prosecution
    • the Magistrates’ Court of Victoria, for the purposes of applying for a search warrant or in relation to prosecutions under the Wage Theft Act.

    Where necessary and appropriate, we will take steps to ensure that any recipient of personal information provided by us is aware of and complies with the Privacy Legislation and any other applicable privacy and confidentiality obligations.

    Social media

    The Wage Inspectorate uses third party social media platforms to promote content and engage with the public. Our social media channels include:

    • Facebook
    • LinkedIn
    • Twitter

    We use Sprout Social to manage our social media accounts. Information collected by our social media accounts is also shared with Sprout Social.

    We have social media sharing links on our website. These are located on the right-hand side of our webpages under the heading 'Share this page'. By clicking these links, you are given the option to share the webpage as a post on your social media account (Twitter, Facebook or LinkedIn). These social media networks may collect your personal information for their own purposes.

    If you choose to engage with the Wage Inspectorate via social media, you should be aware of the following:

    • If you engage with the Wage Inspectorate on a social media channel, we may contact you via a direct message to ask for contact information so that an officer can contact you to provide assistance. If you provide contact details, this information will be collected in the Wage Inspectorate’s customer management system to enable an officer to contact you.
    • We use a social media archiving tool called Brolly to capture the Wage Inspectorate’s interactions on social media and archive them in accordance with the Government’s record keeping obligations under the Public Records Act 1973. Brolly captures and stores social media records for us, including each status update, tweet, post, private message, and comment on the Wage Inspectorate’s social media pages. This information is stored on Australian servers in compliance with Australian privacy laws. You can access Brolly’s Privacy PolicyExternal Link .
    • We may delete a public comment or post on a Wage Inspectorate platform in accordance with our Social Media Moderation Guidelines. The Wage Inspectorate will take a screenshot of the interaction to keep a record of the decision to delete it. Any personal information contained in the screenshot will not be used or disclosed by the Wage Inspectorate, except to the extent that it is necessary to review the decision or for the purposes of an investigation conducted by the Wage Inspectorate.
    • Any information you post on social media is potentially accessible to anyone else engaging on that platform – we strongly recommend you regularly check and configure your privacy settings to make sure you know what information you are making available.

    Information security

    Under the Privacy Legislation, we have a responsibility to protect the personal and health information we have retained, as well as general obligations to protect the data we hold. We take reasonable steps to protect any personal information that we hold from misuse and loss, and from unauthorised access, modification or disclosure.

    We have secure office premises and a security pass entry system for employees and contractors to enter the premises. We take reasonable steps to protect our files from outside or unauthorised access.

    Access to systems, applications, and the information that we collect is limited to authorised staff members only. Our information technology arrangements incorporate a range of data security measures.

    Our staff receive training on their responsibilities and obligations under Privacy Legislation and the Privacy Statement. If we become aware that an individual’s personal information has not been handled in accordance with the Privacy Legislation, we will take reasonable steps to inform the relevant individual(s) and take appropriate action to ensure that it does not happen again.

    Information quality

    We rely on people providing accurate information and notifying us when they become aware that information is incorrect or out of date. However, we will take reasonable steps to ensure that the information that we collect, use or disclose is accurate, complete and up to date.

    If an individual is aware that we hold personal information about them that is not accurate, complete and up to date, they can notify us to correct that information. If an individual can provide proof of the correct information, we will take steps to correct the personal information.

    We will archive or destroy all personal information retained by it in accordance with the Public Records Act 1973 and the applicable Retention and Disposal Authority, or any other applicable law.

    Access to information

    If you want to access information that we hold about you, you can contact us and submit a written request. We may contact you to establish your identity before releasing the information.

    You may also make a request under the Freedom of Information Act 1982. Depending on the nature of the request, fees may apply.

    Visit our website for more information on how to Make a Freedom of Information Request.External Link

    How to make a privacy complaint

    If you are not happy with how we have handled your personal information, please let us know. We aim to resolve all complaints quickly and fairly.

    You can make a privacy complaint about how we have handled your personal information by contacting our Privacy Officer.

Contact us

For further information about this privacy statement or how we handle personal information, please contact us by email at contact@dpc.vic.gov.au

For other information requests, see the Victorian Government's Office of the Victorian Information Commissioner websiteExternal Link .

Reviewed 04 May 2023

Was this page helpful?