Privacy

Data Vic uses CKAN to manage and publish meta data records on the data.vic.gov.au portal.

CKAN is open source software widely used by open data publishers to manage their data assets.

CKAN stores meta data about individual data records and presents them on a web interface so that visitors to data.vic.gov.au can browse and search this metadata in order to meet their information seeking needs.

CKAN also offers an API so that third party applications can be built around it.

CKAN collects site analytics data and statistical data about DataVic users including:

• browser used
• operating system
• country
• referral links
• time on the site
• language

Copyright in your submitted content

When you submit content to data.vic.gov.au, by making comments to the various feedback functions or participation in the applications showcase, you retain copyright in it. By submitting content to this site, you agree to make it available to the rest of the world under a Creative Commons Attribution 3.0 Australia Licence(opens in a new window)

Use of site

You must not use text or information provided via this site, including datasets or data they contain, in any of the following ways:

• use the data in any application that pretends to be an official government service, or in any other way that suggests that the Department endorses you or your use
• present the data in a misleading or incorrect manner, or misrepresent the data through changing it or otherwise
• use this site for party political purposes
• use the data or this site in or to support a criminal or illicit activity
• use the data in any application, or in any other ways to inflame or make comments that are racist, sexist or homophobic, or which promote or incite violence and illegal activity

Moderation policy and process

We welcome user generated content to the data.vic.gov.au site and aim to publish most content quickly. We encourage you to share your opinions on the various blog topics and individual datasets. Also, we want to promote your applications and insights built and developed using Victorian Government data in the showcase section. To help us do this, please make sure:

• your comments are relevant or on-topic
• your comments are not inflammatory, unreasonable or obscene
• you are civil and respectful of others and their opinions (including not impersonating anyone and not posting someone's personal information without their permission)
• your behaviour is in line with relevant laws
• The site uses a pre-moderation process to help ensure that spam or comments that breach this moderation policy are not published. This means that your comment will generally be published after being manually checked by a moderator. If a comment is edited, we will include a reference so you can tell

The first is a human verification step to deter spam bots: when you submit a comment, you are asked to include a user name and a valid email address. You may post under a pseudonym. Your email address will not be posted on the site.

If we make a mistake, please contact us and we will deal with it as quickly as we can.

The Department of Education is committed to protecting your privacy. The policies below describe what personal and health information we collect and why.

• Department of Education privacy policy – This policy sets out how the department collects and manages personal and health information.
• Privacy policy (National Law) – This policy outlines the requirements for personal information handling practices for the areas of the department that are subject to the Commonwealth Privacy Act.
• Schools' privacy policy – This policy explains how Victorian government schools collect and manage personal and health information.
• Schools’ privacy collection notice – This collection notice describes the standard reasons that schools need to collect and use information in order to perform their core functions.
• Schools’ privacy policy: information for parents – This page explains to parents how and why school staff share information about students with other staff when it is necessary for them to be able to perform their role.

• Department of Transport and Planning privacy policy
  Our policy for protecting the personal and health information that the department collects, uses and discloses.
• Department of Transport and planning website privacy statement
  Our policy for the collection, storage, use, access and disposal of data via the department's websites.
• myki privacy policy
  The policy for managing the myki information we collect.
• Our Department of Transport and Planning freedom of inforrmation Part II Statements
  Information published under Part II of the FOI Act about our functions, structure, legislation, documents we hold, and on how to make an FOI request to us.

The Early Learning Victoria privacy policy sets out how Early Learning Victoria collects and manages personal and health information.

Victorian Public Sector Commission (VPSC) collects and stores information regarding the recruitment and selection of people to the Victorian Government graduate program to participating Victorian Government departments and agencies (‘Departments’) across the Victorian public sector.

This collection notice explains VPSC’s policy for handling personal information, sensitive information and certain health information which you may provide to VPSC when interacting with us

VPSC collects this data using Push Apply and third party software products (‘the portal’). Encrypted data is stored and managed on Amazon Web Service (AWS) systems. The portal is administered by approved staff at vendor (‘the recruiter’) who have been appointed by the VPSC to facilitate recruitment to the Victorian Government graduate program.

At time of making an employment offer, the recruiter will share successful applicant data will be shared with Departments.

The recruiter will delete all collected and stored date upon completion of their contract with the VPSC, or when archived data is replaced by new data, or at any other time as directed by the VPSC.

The VPSC is committed to protecting your privacy. Please review the statements below, which detail how the VPSC collects, holds, manages, uses, discloses or otherwise handles personal information (including sensitive information) and health information.

The supply of certain personal information and health information to VPSC is optional, and, where possible, the VPSC will give you the option of not providing such information. However, please note that our ability to process your application may be impacted if requested information is not provided.

Recruitment and selection of candidates

• Victorian graduate recruitment and selection activities are undertaken by the recruiter, the VPSC and various Departments
• this statement covers information collected by the recruiter which is stored on the portal and administered by both the recruiter and VPSC. It also covers information that is collected by the VPSC or Departments in the context of the recruitment and selection process

What will your information be used for?

Your personal and health information will be collected to:

• enable recruitment, selection and appointment processes
• enable the recruiter to contact candidates
• enable the Departments or VPSC to contact candidates
• enable graduate recruitment and workforce planning
• report and provide analysis on various metrics, such as gender and other diversity measures

What information will be collected?

VPSC will collect the following personal and health information from you for the purposes of assessing your application to the Victorian Government graduate program:

• contact details
• demographic and diversity data (including information relating to gender, ethnicity and disability)
• health information¹ in so far as it is relevant to your performance of the role, including any disability for the purposes of making reasonable adjustments
• employment history, including your resume
• education history, including your academic transcript
• images, video or audio recordings associated with the application form and assessment activities

Who will collect your information?

Information will be collected by the VPSC and the recruiter on behalf of Departments. Departments may collect additional information upon appointment of a candidate.

Who will access your information?

Your personal and health information will be used by and disclosed to:

• nominated staff in the VPSC who work on the Victorian Government graduate program
• nominated staff in the Departments undertaking the recruitment and selection process (such as divisional Directors and/or Managers of teams where the graduate may be placed)
• Human resources, account management and IT staff in the recruiter

All persons with access to personal information (including any sensitive information) or any health information collected by and for the VPSC are subject to confidentiality obligations and to additional security protocols as required.

Your personal information (including sensitive information) and any health information will be used and disclosed strictly for the purposes identified in this Collection Notice and will be de-identified where possible.

Information will only be made available to individuals on a need to know basis in order to perform a function or activity necessary to achieve a purpose outlined in this Collection Notice.

Your personal information (including any sensitive information) or any health information may only be used or disclosed in a manner other than as described in this Privacy Statement if you subsequently consent to the further specific use or disclosure or where disclosure is required or permitted by law.

Informed consent

By creating an account and submitting a completed application to the Victorian Government Graduate Program, you are consenting to your personal (including sensitive) and health information being collected, managed, used, disclosed and processed as described in this Collection Notice.

Information security

VPSC will ensure that the collection, management, use and disclosure of your personal (including sensitive) and health information complies with Victorian privacy law, the Information Privacy Principles, the Health Privacy Principles and the VPSC’s Privacy Policy.

Information will be stored securely with access restricted to those set out in the "Who will access the data?" section of this Statement above. VPSC will take reasonable steps to protect the personal information (including any sensitive information) and any health information it holds from misuse, loss, unauthorised access, modification and disclosure. VPSC will also take reasonable steps to destroy or permanently de-identify personal information when it is no longer needed.

VPSC may also use third party service providers to provide services to it, such as data hosting providers. Some of those providers may be located outside Victoria. Accordingly, some of the data collected for the VPSC may be stored on secure servers located outside Victoria, which are subject to stringent privacy laws and regulations comparable to those in Victoria.

Disability pathway

The Disability pathway provides support for graduates with a disability. The pathway can include support with the application process and placements. It can also include support during the graduate year.

The VPSC will collect, manage and use information provided on the Disability pathway program for the purpose of administering the program and otherwise in accordance with the Privacy and Data Protection Act 2014 and the Health Records Act 2001. We will not share information provided on the Disability pathway program with hiring Departments or line managers without your consent. You can share information as part of the application process but then choose not to share it with employers or peers.

Who to contact for access to or correction of your personal and health information

You have a right to access personal, sensitive and health information the VPSC holds about you. You may also apply to the VPSC to correct information held about you which you believe is inaccurate.

Please direct queries or requests to access and/or update your personal and health information to vpsgrads@vpsc.vic.gov.au or on 03 9651 1321

If you have any complaints about VPSC’s handling of your personal information or health information, please provide your complaint in writing to the VPSC using the email address above. Any complaint will be handled in accordance with the VPSC’s Privacy Policy.

Effective date of Privacy Statement

22 February 2019

1. The term ‘health information’ is a legally defined term in the Health Records Act 2001 (Vic) and in the context of the VPSC refers to the collection of information that relates to disability. The VPSC gives participants the option of not providing such information. All health information provided to the VPSC will be handled in accordance with this Collection Notice and the Health Records Act 2001 (Vic).

The Victorian Public Sector Commission (VPSC or ‘us’), on behalf of the Victorian Government manages the Join a Public Board website.

This website has an online recruitment (eRecruitment) service for Victorian public sector boards. It streamlines the recruitment process, making it easier for you to apply for a board position with the Victorian Government.

How your information is collected and handled

This statement explains how we collect and handle the personal information you give us and how we and a Department use it. This includes any personal information you provide to us or to a Department when you:

• create an account
• apply for a board vacancy
• register to receive board vacancy alerts by email
• submit a query via the Contact Us page.

This statement also applies to any personal information you provide directly to a Department as part of your application, where that information is subsequently recorded on the Government Appointment and Public Entities Database (GAPED).

Who's involved

• The Victorian Public Sector Commission (‘we’ or ‘us’) is responsible for this website.
• The Department is responsible for managing the board appointment process. The department will be listed in the advertisement you are responding to.
• PeopleScout is the eRecruitment specialist engaged by us to provide this website's eRecruitment system, known as Springboard, and GAPED.
• Recruiters, accredited probity check providers and PeopleScout, are all contractually required to comply with privacy laws, as discussed in more detailed below.

Creating an account

• You need an account to apply for board roles on Join a Public Board.
• To create an account, you will be asked to provide your name and an email address.
• We do not disclose this information to anyone other than PeopleScout.

Applying for a board vacancy

When you apply for a vacancy on a public sector board, you will typically be asked to provide the following information to us or to the Department as part of your initial application:

• your name, address phone number, and email address
• your date of birth
• your Diversity information (discussed in more detail below)
• if you are a Victorian public sector employee
• if you recently received a voluntary departure package from the Victorian government
• your answers to an online questionnaire expressing your interest in being appointed to a board
• your resume or curriculum vitae.

If you provide this information to us, we will disclose it to the Department.

The Department uses your information, as well as any other information you provide directly to the Department, including declarations of private interests and probity checks, to enable them to:

• consider your application, in shortlisting and to brief the relevant minister recommending a candidate for appointment to a board
• seek any approvals including Cabinet approval, where relevant and
• provide you with information about prospective board roles.

Where necessary, the Department may also disclose your information to an authorised third-party recruitment provider to assist with recruitment and shortlisting. See below for further details about the privacy obligations applicable to third party service providers.

The Victorian Government’s Appointment and Remuneration Guidelines may require the Department to obtain additional approvals. For example, if your appointment requires Cabinet approval, your personal information will be provided to the Ministers that form part of cabinet and the staff that support them. All such information will be Cabinet in Confidence. This information includes your name, diversity information, that you have completed satisfactory probity checks and a brief description of any material conflicts of interest that you have identified.

Probity checks

You may also need to complete a probity check and provide a declaration of private interests as part of your application for a board vacancy.

Where a probity check is required, the Department will give your relevant personal information to an accredited probity check provider.

When you register to receive board vacancy alerts

If you register to receive board vacancy alerts by email, we may use your information to provide you with information about prospective board roles.

Collection of diversity information

The Victorian Government collects Diversity information, including sensitive and health information, about applicants and appointees to Victorian Government boards via this website to:

• monitor the diversity of appointments
• inform strategies to support diversity on Victorian Government boards
• help assess how the Victorian public sector, or the public entity, are tracking in achieving its objective of Victorian Government boards reflecting the diversity of the Victorian community
• inform decisions about the recruitment and selection of board appointments, including any reasonable adjustments that may be required, consistent with the Victorian Government’s commitment to increase the diversity of membership of Victorian Government.

We encourage you to respond to the questions regarding your Diversity information as fully as you feel comfortable, noting that you may select ‘prefer not to say’ where this response is available.

The collection of this information is permitted under the Equal Opportunities Act 2010 (Vic).

On appointment

If appointed, your information will be stored in a secure database (the Government Appointment and Public Entities Database (GAPED) and will only be accessed by authorised officers and the Department’s authorised officers. Information about GAPED can be obtained on vpsc.vic.gov.au.

The information on GAPED is used by us to:

• monitor the diversity and profile of appointments to and composition of public sector entity boards to which the government may make appointments and
• for research purposes and to plan improvements to governance processes for Victorian public sector boards.

Department's use

Online list of appointees to public sector boards

Your name, term of appointment and the name of the public entity on whose board you are appointed is made available to the public on a Victorian Government website managed by the Victorian Public Sector Commission at publicboards.vic.gov.au.

For reasons of personal safety, some appointees and the composition of some public sector entity boards will not appear on any publicly accessible Victorian Government website. If this is the case you will advised at the time of your appointment, by the recruiting Department.

If for some reason you do not wish for your personal information to be made available to the public, please discuss this with the Department.

Reporting (de-identified)

Recruitment information may also be used for reporting purposes. This may involve:

• us, PeopleScout and the Departments generating activity analysis reports and performance analytics. These reports do not contain any identifying personal or health information
• us publicly reporting on the diversity of appointments to public sector boards. Such reporting is at an aggregated level and does not contain any identifying personal or health information.

Privacy framework

All Victorian Government departments and public sector entities participating in this website’s eRecruitment system, including us, are bound by the Privacy and Data Protection Act 2014 (Vic) and the Health Records Act 2001 (Vic). This means that we must collect and handle personal information responsibly and in accordance with the Privacy and Data Protection Act’s Information Privacy Principles.

Further, any personal information that we collect and use for identifying user trends (for example, IP address) is aggregated and anonymised when generating reports.

Health information

Health information may be collected from a candidate as part of an application for a board vacancy and is limited to:

• a candidate’s response to the question “Do you have a disability?” (Yes/No/Prefer not to respond)
• accessibility requirements that you notify the Department of.

Privacy policies

Each Department is required to have an online privacy policy which provide a general account of the way they protect and handle your personal information and provide the contact details to the Department’s privacy officer.

If you provide the Department directly with additional personal information about you as part of your application for a board vacancy, the Department will explain how it handles that information and keeps it secure. Any questions should be referred to the Department’s contact person at first instance.

Third-party service providers

PeopleScout and any third-party service provider engaged by the Department (such as a recruiter or police check and/or probity check service provider) are contractually required to comply with the Victorian Privacy and Data Protection Act 2014 (Vic) and the Health Records Act 2001 (Vic) when handling your personal information.

Is online recruitment secure?

The eRecruitment for the Victorian public sector boards process is designed to protect the privacy of your personal information.

From the moment your information is submitted to this website it is subject to a range of rigorous security protections including encryption, firewalls and auditing and monitoring of access to the eRecruitment system. All internet traffic is subject to encryption.

Access to your own information

You can access your own information and update your details via your Join a Public Board eRecruitment account at any time.

Once you have submitted a board application via this website it is not possible to amend the application. If you would like to edit an application, please contact the relevant Departmental contact person indicated in the advertisement.

If you are appointed to a role and would like to update or access your personal information, please contact the relevant Department.

In some instances, a request for information may be handled in accordance with the Freedom of Information Act 1982 (Vic).

If you want to make a complaint about the handling of Your Information your complaint will be handled in accordance with the relevant Privacy Laws.

Definitions

Cabinet in Confidence means information prepared for consideration by or that discloses a deliberation or decision by Cabinet or a Cabinet Committee.

De-identified (in relation to data) means that the data no longer relates to an identifiable individual or an individual who can be reasonably identified and does not contain any other Identifiable data.

Department means the Victorian government department or Public Entity that is identified in the advertisement as being responsible for the recruitment process.

Departmental contact person means the contact person identified in the advertisement for a board appointment..

Disability means, any physical, intellectual, psychiatric, sensory, neurological and learning disabilities. Disability can be permanent or temporary, visible or invisible.

Diversity information means:

• your age
• your postcode
• your gender
• if you identify as Aboriginal and/or Torres Strait Islander
• if you identify as belonging to the LGBTIQ+ community
• your country of birth
• country or countries your parents were born
• if you use a language other than English at home
• if you identify as having a culturally or linguistically diverse background
• if you are a person with a disability (which is health information subject to the Health Records Act 2001).

Handling means all the activities relating to the collection, holding, management, use, disclosure, or transfer of your Information.

Health information means personal information or an opinion about a living or deceased individual’s:

• physical, mental or psychological health
• disability
• expressed wishes about the future provision of health services to them
• access of a provided health service, or service to be provided to an individual.

HR Act means the Health Records Act 2001 (Vic).

Information Privacy Principles means the information privacy principles set out in the PDP Act.

PAA means the Public Administration Act 2004 (Vic).

PDP Act means the Privacy and Data Protection Act 2014 (Vic).

Personal information means information or an opinion (including information or an opinion forming part of a database), that is recorded in any form and whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. Examples of personal information include a person’s name, date of birth, address, email address and contact telephone number. Personal information does not include information of a kind to which the HR Act applies.

Public entity has the meaning given in Section 5 of the PAA.

Sensitive information is information about an individual’s racial or ethnic origin, political opinions and membership of political associations, religious or philosophical beliefs, sexual preferences or practices, criminal record, or membership of a professional or trade association. The law places restrictions on its collection.

Your information means Personal Information and includes Sensitive Information.

Contact us

You may contact us via the Victorian Government contact centre on 1300 366 356 available Monday to Friday, 9.00am to 5.00pm which will address your concerns or may refer you to the relevant Department.

Department contacts

Department of Education: cabinet@education.vic.gov.au

Department of Energy, Environment and Climate Action: governance@delwp.vic.gov.au

Department of Fairness, Family and Housing: appointments@dffh.vic.gov.au

Department of Government Services: budgetandreporting@dpc.vic.gov.au

Department of Health: appointments@health.vic.gov.au

Department of Justice and community safety: statutoryappointments@justice.vic.gov.au

Department of Jobs, Skills, Industry and Regions: cabinetteam@ecodev.vic.gov.au

Department of Transport and Precincts: apptsandexco@transport.vic.gov.au

Department of Premier and Cabinet: budgetandreporting@dpc.vic.gov.au

Department of Treasury & Finance: CabinetAnd.ParliamentaryServices@dtf.vic.gov.au

Refer to the PLSA privacy policy for collection notices and PLSA-specific privacy information.

About SafeScript

The Victorian Government is taking action to reduce the growing harms, including deaths, from high-risk prescription medicines by implementing SafeScript, Victoria’s real-time prescription monitoring system.

SafeScript is computer software that allows prescription records for certain medicines to be transmitted in real-time to a centralised database which can then be accessed by doctors, nurse practitioners and pharmacists during a consultation.

Amendments to the Drugs, Poisons and Controlled Substances Act 1981 (Vic) have been introduced to enable SafeScript in Victoria.

What information is being collected about a health professional and how will it be used?

When a prescription is issued or dispensed, there are existing regulatory requirements on what information must be included on the prescription or the dispensing record. This includes the details of the patient, the medicines that are being prescribed, as well as details of the prescriber and pharmacist. This information is collected by SafeScript for certain high-risk prescription medicines.

SafeScript provides you access to view records of all high-risk medicines that have been supplied to your patient from you and other clinicians. This enables you to make safer and more informed clinical decisions, and facilitates the co-ordination of treatment and communication between clinicians by giving you visibility of all clinicians involved in the patient's care.

Authorised Victoria’s Department of Health (the department) staff will also access SafeScript as part of their existing regulatory role in ensuring the safe supply of medicines in the community. SafeScript will provide the same information that the department currently obtains from medical clinic and pharmacy records to undertake existing health practitioner compliance activities.

Registering to use SafeScript

Information about you and your practice, including your publicly available registration details with AHPRA and prescriber number, is required as part of the on-boarding process for SafeScript.

You are asked to provide your date of birth when you register to use SafeScript which assists in verifying your identity and confirming your AHPRA registration details. Once this verification step is completed, your date of birth will not be stored in SafeScript.

You are also asked to provide your email address (required) and phone number (optional). These details will not be made publicly available and will only be used to communicate necessary correspondence to you, such as when you request a password reset or when there are important updates about SafeScript which you need to know.

Failure to provide this information will mean that you are unable to use SafeScript. This may be in breach of your obligations under legislation when the system becomes mandatory in April 2020.

How is my privacy protected?

There are specific legislative requirements to ensure people who are authorised to access information in SafeScript are doing so in an appropriate manner.

There are offences and strict penalties under the Drugs, Poisons and Controlled Substances Act 1981 (Vic) as well as the Health Records Act 2001 (Vic) and the Privacy and Data Protection Act 2014 (Vic) for improper use or disclosure of information contained in SafeScript.

How can I correct a record in SafeScript if I believe it is incorrect?

Prescribers: Records about what you have prescribed are sourced from records created from your practice software and from the pharmacies where your prescriptions were dispensed, including handwritten prescriptions.

Pharmacists: Records about what your pharmacy has dispensed are sourced from records created from your pharmacy’s dispensing software.

SafeScript does not alter records sourced from practice or dispensing software. If you believe there is an error in a particular record in SafeScript, the record may be corrected by amending the record created in the practice or dispensing software. The corrected information will be automatically updated in SafeScript.

Further information about SafeScript

Email safescript@health.vic.gov.au.

We collect users’ emails, names and postcodes for the purposes of sending email updates on the topic of Victoria’s Treaty negotiations process.

Subscriber information is stored and managed in Campaign Monitor. Users can unsubscribe or update their preferences at any time by clicking on relevant links in the email they receive.

Campaign Monitor stores data in servers located in a US-based data center. In addition, they use multiple data processing locations including USA, Australia and Germany. For more information visit Campaign Monitor's Trust Center.

Triple Zero Victoria is committed to protecting the privacy of personal information that we handle in the delivery of services to the community, agencies, employees and agents. The way Triple Zero Victoria collects discloses and manages personal and health information contributes to its success.

Victoria has three key pieces of legislation that apply to Triple Zero Victoria:

• Triple Zero Victoria Act 2023
• Privacy & Data Protection Act 2014
• Health Records Act 2001.

These laws contain information about confidential information, and privacy principles which give people more say in regard to how their personal and health information is collected and used and who can access it.

In addition, Victoria’s Charter of Human Rights and Responsibilities protects individuals from having their privacy unlawfully or arbitrarily interfered with.

Triple Zero Victoria collects sensitive, personal and health information in the course of its operations. The organisation is committed to protecting confidential information, and to implementation of Victoria’s Information Privacy Principles and Health Privacy Principles, in the context of delivering emergency and related call-taking and dispatch services, including via triple zero.

Privacy framework

Triple Zero Victoria maintains a broad privacy framework, supported by an active strategy to improve privacy compliance and awareness.

Triple Zero Victoria’s privacy framework is comprised of 4 elements:

• Compliance with privacy laws and privacy principles, and other relevant legislation
• Provision of advice and guidance internally and externally regarding privacy rights and responsibilities
• Training and awareness activities within the organisation
• Monitoring, reporting and managing privacy practice, including incident management.

The framework is supported by Triple Zero Victoria's Privacy Policy which sets out in detail how the organisation meets its legislative and other privacy obligations.

Triple Zero Victoria privacy policy

Triple Zero Victoria’s policy refers to the use and management of personal and health information collected by Triple Zero Victoria.

Personal and health information held by Triple Zero Victoria is managed in accordance with the privacy principles contained in the Privacy and Data Protection Act 2014 (Vic), the Health Records Act 2001 (Vic) and as required by other laws. Triple Zero Victoria is required by law to have a policy on its information handling practices.

Privacy and security measures protect against misuse, loss and unauthorised disclosure of personal information.

The Triple Zero Victoria Act 2023 also protects confidential information from unauthorised disclosure.

Definitions

Personal information is recorded information about a living identifiable or easily identifiable individual (including work related information or images).

Sensitive information is information about a living individual’s race or ethnicity, political opinions, religious or philosophical beliefs, sexual preferences or practices, criminal record, or membership details, such as trade union or professional, political or trade associations.

Health information is information about a living or deceased individual’s physical, mental or psychological health.

Confidential information is any information relating to calls received or messages communicated by Triple Zero Victoria in the course of providing a service to an emergency services and other related services organisation.

What does Triple Zero Victoria do?

Triple Zero Victoria was established by the Triple Zero Victoria Act 2023 to provide emergency call taking and dispatch and other communications services to emergency services organisations throughout Victoria (the services).

Triple Zero Victoria currently provides services to the following organisations:

• Country Fire Authority
• Ambulance Victoria
• Fire Rescue Victoria
• Victoria Police
• Victoria State Emergency Service (VICSES).

Triple Zero Victoria is committed to protecting the privacy of personal information that we handle. Personal information is information that directly or indirectly identifies a person.

What areas of Triple Zero Victoria collect personal and health information?

All calls to triple zero, VICSES emergency calls and operational radio communications are voice recorded. Under the Telecommunications (Interception and Access) Act 1979 Triple Zero Victoria may listen to or record, by any means, such a communication within a ‘emergency service facility’ without the knowledge of the person making the communication. Administration telephony systems within the State Emergency Communications Centres are not recorded.

Because individuals, members of the public, and Triple Zero Victoria employees deal with different areas of the Authority, these areas may have additional privacy policies and practices that explain in more detail their particular information management practices. For example, Triple Zero Victoria’s People, Capability and Reputation department has additional policies, which explain in more detail how human resources records are managed in accordance with privacy legislation. Triple Zero Victoria’s Operations Department has policies regarding access to control rooms.

How does Triple Zero Victoria treat confidential information?

Triple Zero Victoria collects sensitive and personal information in the course of its operations. This information is protected under the confidentiality sections of the Triple Zero Victoria Act. The Act provides for otherwise confidential information, including personal and health information, to be provided to emergency services organisations to assist callers.

Section 63 of the Triple Zero Victoria Act protects the "confidential information" of callers (whether or not such information is considered personal or health information) by limiting the use that Triple Zero Victoria, its employees and any others may make in relation to that information. Confidential information under the Triple Zero Victoria Act means any information relating to calls received or messages communicated by Triple Zero Victoria in the course of providing a service to an emergency services and other related services organisation.

The restriction on the use of confidential information is as follows: A person who has confidential information that he or she has received in the course of carrying out duties under the Triple Zero Victoria Act must not, except to the extent necessary to perform duties under the Triple Zero Victoria Act, record, disclose, communicate or make use of that information.

All Triple Zero Victoria employees are required to comply with this restriction and, under the Triple Zero Victoria Act, penalties may apply for breach of this restriction.

Certain areas of Triple Zero Victoria and some Triple Zero Victoria personnel may not have to comply with some or all of the privacy principles.

These situations include where:

• the provisions of another Act are more specific about how information should be managed
• the area makes use of generally available publications, for example, websites, or publicly accessible directories
• employees are carrying out law enforcement functions which would be hindered if they were to comply with all of the privacy principles
• if the use or disclosure it is necessary to lessen or prevent a serious and imminent threat to an individual’s life, health, safety or welfare.

What sort of information does Triple Zero Victoria collect?

In broad terms Triple Zero Victoria:

• collects only information needed for the provision of Triple Zero Victoria’s services
• takes reasonable steps to ensure personal information is accurate, complete, up-to-date and relevant to the functions performed
• uses and discloses it only for Triple Zero Victoria’s service provision purposes, for another purpose with the person's consent, or as otherwise authorised by law
• stores information securely, protecting it from unauthorised access
• retains it for the period authorised by the Public Records Act 1973
• provides the person with access to their own information, and the right to seek its correction.

Triple Zero Victoria also collects personal and health information for statutory and administrative reasons.

Triple Zero Victoria may collect sensitive information according to privacy and other legislation.

Why does Triple Zero Victoria collect information?

Triple Zero Victoria collects personal and health information as necessary for its functions of service delivery, administration and enforcement of the law.

Below are the most common reasons that Triple Zero Victoria may collect and use your personal information:

• If you ring Triple Zero Victoria (for example via Triple Zero or VICSES 132 500 to request assistance from an emergency service).
• When seeking to obtain your direct feedback on services provided by Triple Zero Victoria.
• If you seek to be or are employed by Triple Zero Victoria (including referee and police checks).
• You are or would like to be a supplier or contractor to Triple Zero Victoria.
• If you request information from Triple Zero Victoria.
• For the purposes of conducting an event (for example, Junior Triple Zero Hero Awards) and for the purposes of contacting you regarding other events that may be of interest.

Triple Zero Victoria takes reasonable steps to explain why personal or health information is collected, what is done with it, whether any laws require it and the main consequences for an individual if it is not provided to Triple Zero Victoria.

What does Triple Zero Victoria do with the information?

Triple Zero Victoria uses and provides to other people or organisations, personal or health information necessary to provide the requested emergency service. Triple Zero Victoria is authorised by law to use or provide personal or health information to others for the purpose of providing its service.

Triple Zero Victoria only assigns or adopts a unique identifier (e.g. employee number) for an individual if it is necessary, authorised by law or with consent. Triple Zero Victoria ensures any transfer of personal or health information outside Victoria is in accordance with privacy and other legislation.

Eventbrite

There may be occasions where Triple Zero Victoria uses Eventbrite to invite you to an Triple Zero Victoria-run event, and to register your attendance. In such instances, Triple Zero Victoria may provide your name and email address to Eventbrite, and any additional information you provide which is relevant to the event – for example, dietary requirements. Such information will be subject to Eventbrite’s privacy policy which can be found at Eventbrite: Privacy Policy.

SmartSheet

There may be occasions where Triple Zero Victoria uses Smartsheet to manage your registration for and attendance at an Triple Zero Victoria-run event. In such instances, Triple Zero Victoria may provide your name, email address, dietary requirements and RSVP information to SmartSheet, and any additional information you provide which is relevant to the event. Such information will be subject to SmartSheet’s privacy policy which can be found at SmartSheet: Privacy Notice.

How does Triple Zero Victoria ensure that information is accurate and up-to-date?

Triple Zero Victoria takes reasonable steps to ensure that personal and heath information held is accurate, complete and up-to-date. Usually, Triple Zero Victoria relies on individuals to provide accurate and current information in the first instance, and to notify when circumstances or details change.

How does Triple Zero Victoria store and protect information?

Triple Zero Victoria has security measures aimed at protecting personal and health information from misuse, loss, unauthorised access or disclosure. Stored information is also archived in accordance with the Public Records Act 1973, which determines when it is appropriate to retain or dispose of it.

How can individuals access information held by Triple Zero Victoria?

Information on how you can access information held by Triple Zero Victoria, including under Freedom of Information (FOI), is set out on our webpage about making a Freedom of Infomation application.

How does Triple Zero Victoria handle complaints about privacy?

Triple Zero Victoria undertakes to resolve privacy complaints in a timely, fair and reasoned way.

Triple Zero Victoria employs conduct management policies to address any alleged privacy breaches by employees. It also maintains an Incident Management Framework to help manage any breach caused by a system, process or other failure.

Contact the Privacy Officer if you would like to report a breach of privacy:

• Email privacy@triplezero.vic.gov.au
• Write to: General Counsel and Board Secretary – Privacy Officer, 33 Lakeside Drive, Burwood East VIC 3151

You can also request that incorrect information be amended.

The following information is specifically about privacy for the Victorian Homebuyer Fund.

1.1 About this statement

1. In this statement, “we”, "our" or “us” means the State of Victoria through the Department of Treasury and Finance as the Scheme Provider and includes the Scheme Administrative Agent appointed by the Scheme Provider to administer the Victorian Homebuyer Fund (“Homebuyer Scheme”).
2. This statement describes our policy for how we will handle your personal information and health information in connection with the Homebuyer Scheme. During the Homebuyer Scheme, we may update this statement to reflect any changes to the scheme or to our information handling practices. The most up-to-date version of this statement is available here or you can ask us to send you a copy.
3. We are committed to respecting the rights of individuals to the privacy of their personal information. We have policies and procedures in place for the appropriate management and protection of personal information, including any health information collected about them, in accordance with all applicable laws, including the Victorian First Home Owner Grant and Home Buyer Schemes Act 2000, Privacy and Data Protection Act 2014 and the Health Records Act 2001.

1.2 What information do we collect?

1. During the application process for and your participation in the Homebuyer Scheme, we may collect your personal information, including your sensitive information and health information (these terms are defined below). This includes the details of:
   1. your income
   2. your identity (such as your name, address, date of birth, gender and relationship status)
   3. evidence of your identity (such as your driver’s licence, passport and proof of age card)
   4. your tax records
   5. your residency status
   6. your employment
   7. your home loan (including any refinancing)
   8. your principal repayments of your home loan
   9. our interest in the property you have acquired through the Homebuyer Scheme
   10. action you take in connection with your property, including its maintenance, insurance and occupation
   11. your dealings with us
   12. credit reports
2. What is personal information?
   Personal information is any information or an opinion that is recorded in any form and whether true or not, about you, where your identity is apparent to, or can reasonably be ascertained, from the information or opinion.
3. What is sensitive information?
   Sensitive information is a special category of your personal information. It means information or an opinion about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices or criminal record that is also your personal information.
4. What is health information?
   Health information includes the following information or an opinion about you that is also personal information:
   1. your physical, mental or psychological health (at any time)
   2. a disability you have (at any time)
   3. your expressed wishes about the future provision of health services to you
   4. a health service provided, or to be provided, to you

1.3 How do we collect your information?

1. We collect personal information about you when you deal with us in some way. This includes when you:
   1. submit an application to participate in the Homebuyer Scheme
   2. send us your annual review information
   3. visit this website (see part 6 below for more information regarding this website)
   4. contact us (for example, to get our approval to do something or to make a complaint)
2. We may collect personal information about you from other entities or people that are involved in the Homebuyer Scheme.
3. This includes:
   1. your co-participant(s) in the Homebuyer Scheme, if any (for example, if you applied jointly with your partner, we may collect information about you from your partner)
   2. the Department of Treasury and Finance (as the Scheme Provider)
   3. the Scheme Administrative Agent (currently the Commissioner of State Revenue supported by the State Revue Office)
   4. the financial institutions on the Homebuyer panel (currently, Bendigo Bank Adelaide and Bank Australia)
   5. your insurance provider
   6. your conveyancer or solicitor
   7. Valuer-General Victoria
   8. Land Use Victoria (Land Titles Office)
   9. Residential Tenancies Bonds Authority
   10. Community Group Provider if you identify as Aboriginal or Torres Strait Islander
   11. other government agencies, law enforcement agencies or regulators
4. If you do not provide your personal information when requested for the purposes described in Part 1.4 below, we will not be able to assess whether you are eligible to participate in the Homebuyer Scheme or, if you are already participating in the Homebuyer Scheme, whether you are meeting the continuing eligibility criteria or may be in breach of your obligations under our agreements with you. The latter may require you to exit the Scheme early and repay the Victorian Government’s proportional interest amount.

1.4 How do we use your information?

1. We use or share your personal information only for the purpose for which it was collected, as explained below, or for a related purpose that you would reasonably expect us to use or share that information.
2. We collect, use and share your personal information to administer the Homebuyer Scheme, which includes to:
   1. confirm your identity
   2. assess your initial eligibility, and continuing eligibility, to participate in the Homebuyer Scheme
   3. assign you a scheme identifier
   4. manage our relationship with you, and your chosen panel financier
   5. check whether you are complying with your obligations under your agreements with us and enforce them
   6. allow us to perform our obligations and exercise our rights under your agreements with us
   7. assist us to make decisions under your agreements with us (such as whether to approve your requests or take certain steps)
   8. investigate fraud or other illegal activities
   9. comply with laws and assist government or law enforcement agencies
   10. evaluate the Homebuyer Scheme
   11. contact you
   12. respond to any complaints you make or questions you have
3. Occasionally, we may be required or authorised by law (including privacy legislation and/or other laws) to use your personal information for another purpose.

1.5 Who do we share your information with?

1. We may share your personal information with other entities or people that are involved in the Homebuyer Scheme for the purposes described in Part 4 above. These people include:
   1. your co-participants in the Homebuyer Scheme
   2. Department of Treasury and Finance (as the Scheme Provider)
   3. the Scheme Administrative Agent (currently the Commissioner of State Revenue supported by the State Revue Office)
   4. the financial institutions on the Homebuyer panel (currently, Bendigo Bank Adelaide and Bank Australia)
   5. your conveyancer or solicitor
   6. your insurance provider
   7. Valuer-General Victoria
   8. Land Use Victoria (Land Titles Office)
   9. Residential Tenancies Bonds Authority
   10. Community Group Provider if you identify as Aboriginal or Torres Strait Islander
   11. other government agencies, law enforcement agencies or regulators
   12. our professional advisers
   13. (xiii) a potential assignee, novatee or transferee of our or the financial institution’s obligations under your agreements with us and their advisers and contractors
2. Occasionally, we may be authorised or required by law (including privacy legislation and/or other laws) to share your personal information with other entities or people.
3. We ensure that any transfer of personal information outside Victoria is in accordance with applicable privacy and health records legislation.

Collection notices - Eventbrite and MailChimp

The personal information provided by you in subscribing to an electronic newsletter or registering to attend an Enablers event will be handled in accordance with the provisions of the Victorian Privacy and Data Protection Act 2014.

As required by the Act the following information is provided to you pursuant to Information Privacy Principle 1.3:

• the Victorian Public Sector Enablers Network is the responsible entity; you are able to gain access to, and, if necessary, request correction of, the information you have provided by contacting Enablers at vps.enablersnetwork@dpc.vic.gov.au
• the personal information is being collected on behalf of the Enablers Network to assist it with managing newsletter subscriptions and the registry function associated with attendance at Enablers Network events
• you will see when you are directed to the respective websites it will be mandatory to provide some personal information (i.e. it is not possible to subscribe to a newsletter or register interest in attending an event anonymously)
• the information you provide will only be used by Enablers Network office bearers and employees to facilitate newsletter subscriptions and event attendances
• the main consequences if all, or part, of the requested information is not provided is that the Enablers Network would not be in a position to consider the subscription or event attendance request

This collection notice explains how the VPS Pride Network (the Network) handles personal information which you may provide when you subscribe to our e-newsletter, sign up for an event or submit a nomination to the VPS Pride Awards (the Awards).

The Network collects this data using:

• Mailchimp, a third party Marketing platform. View Mailchimp's privacy policy.
• Google Forms, a third party online form platform. View Google’s privacy policy.
• Humanitix, a third party event registration platform. View Humanitix’s privacy policy.
• Engage Victoria, the Victorian Government's Online Consultation platform provided by the State of Victoria through the Department of Government Services and supported by Harvest Digital Planning. View Engage Victoria’s Privacy Policy.

The personal information that you submit to us is collected in order to provide information services to you which in turn facilitates:

• communicating updates about the Network and/or an event
• judging the VPS Pride Awards
• the co-ordination of meetings, and advocacy and fundraising activities.

Servers for the third party applications are located in Australia and overseas. Mailchimp, Humanitix and Google require their subcontractors to deal with such personal information in a manner that is consistent with the Australian Privacy Principles but they cannot guarantee the security of your personal information.

Mailchimp, Humanitix and Google comply with the Australian Privacy Act. If you are unsatisfied with a response to a privacy matter then you may consult either an independent advisor or contact the Office of the Australian Information Commissioner for additional help.

Engage Victoria will handle your information in accordance with the Information Privacy Principles contained in the Privacy Data and Protection Act 2014 (Vic). If you are unsatisfied with a response to a privacy matter then you may consult either an independent advisor or contact the Office of the Victorian Information Commissioner for additional help.

You have the option of not providing certain information requested by the Network. However, you should note that this may prevent the Network from providing membership information services to you and managing its various activities and Programs.

If you need to change or update your details, you can do so by clicking the update subscription preferences link at the bottom of the e-newsletter or by contacting the VPS Pride Network.

Collection notice for WoCN e-newsletter

This collection notice explains how the VPS Women of Colour Network (WoCN) handles personal information which you may provide when subscribing to the WoCN e-newsletter.

WoCN collects this data using Mailchimp, a third party Marketing platform. View Mailchimp's privacy policy.

Your name and email address will be collected for the purpose of communicating updates about the WoCN.

There serves are located in the United States. All of their subcontractors, however, are required to comply with the Australian Privacy Act in relation to the transfer or storage of Personal Information overseas.

Mailchimp complies with the Australian Privacy Act. If you are unsatisfied with our response to a privacy matter then you may consult either an independent advisor or contact the Office of the Australian Information Commissioner for additional help.

If you need to change or update your details, you can do so by emailing vpswoc@gmail.com

Wage Inspectorate Victoria is an independent statutory body established by the Wage Theft Act 2020.

In addition to the Wage Theft Act, we also have responsibility for administrating the following Acts:

• Child Employment Act 2003
• Long Service Leave Act 2018
• Owner Driver and Forestry Contractors Act 2005.

We are a ‘law enforcement agency’ for the purposes of the Privacy and Data Protection Act.

What does this privacy notice do?

When you access the Wage Inspectorate’s website, we may collect a range of personal and/or sensitive information. Personal information is recorded information about an individual whose identity is apparent and can be reasonably be ascertained from that information. Sensitive information is information about an individual’s race or ethnicity, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, or criminal record.

This privacy notice tells you what information we collect and why, how we use and disclose the personal information we hold and how we protect and maintain the quality and security of that information. This notice also explains how you can correct and access the personal and/or sensitive information we hold about you and how to make a complaint about a privacy matter.

What information do we collect and why?

We collect information to enable us to perform our functions and to fulfil our responsibilities under the Wage Theft Act 2020, Child Employment Act 2003, Long Service Leave Act 2018 and Owner Driver and Forestry Contractors Act 2005, as well as any other applicable laws.

You can also read the following pages which provide further information about our functions:

• Child Employment Act
• Long Service Leave Act
• Owner Driver and Forestry Contractors Act
• Wage Theft Act

Personal information may be provided to us by complainants, government agencies, members of the public, employees and other third parties.

The types of personal information we may collect include a person’s name, address, contact details, details of a person’s employment and information about a person’s personal circumstances. Providing sensitive information to us is always optional.

Sometimes, we will receive information inadvertently, for example if it is included in a complaint from a member of the public, or in employment documents that have been provided as information relating to an alleged offence. We will not use or disclose sensitive or health information, except as permitted or required by law.

Personal information is collected by us in a variety of ways, including but not limited to:

• from a member of the public via our website or an email or phone call to us
• in documents or written or oral statements obtained by us for the purposes of investigating or prosecuting possible offences under the laws that it is responsible for, where oral statements may be recorded
• managing the employment of staff or recruitment purposes
• information shared between law enforcement agencies as authorised by law.

Where possible, we will collect personal information directly from the individual that it relates to. However, we are likely to collect information about an individual from other individuals and may collect information about an individual from other agencies, publicly available sources or third parties (including through its social media platforms) where it is necessary to perform our functions.

Individuals have the option of remaining anonymous when interacting with us where their identity is not necessary for us to perform the relevant functions or activities.

When collecting personal information from an individual, we will take reasonable steps to advise that individual of:

• what information is being sought and why
• whether and to whom we usually disclose that kind of information
• whether any law requires the collection of the information
• how the individual can contact us or the Office of the Victorian Information Commissioner (OVIC) (the regulator with oversight of information access, privacy and data protection) with any questions or concerns about how the information is being handled
• the main consequences, if any, of not providing the information.

Use and disclosures of personal information

We will only use or disclose personal information where it is necessary to carry out our functions.

We will only use or disclose personal information about an individual for the purpose that it was collected, except in the circumstances permitted in by the Privacy Legislation. The main situations in which this may occur are where:

• the purpose is related to the initial purpose of collection and the individual would reasonably expect us to use or disclose the information for that purpose
• the individual has consented to the use or disclosure for that purpose
• we have reason to suspect that unlawful activity has been or is being engaged in and the use or disclosure is necessary for its investigation of the matter or to report the matter to the relevant authority
• the use or disclosure is required or authorised by or under law.

When we disclose information that contains personal information to another individual or body (third party), we will take reasonable steps to preserve the privacy of the relevant individuals, for example by redacting personal information that is not relevant or required for the purposes of providing the information or by ensuring that the other individual or body is required to protect the privacy of that information.

The main third parties that we may disclose information that is likely to contain personal information are:

• the Victorian Inspectorate, where we are required to provide written reports following the exercise of certain powers under the Wage Theft Act
• Victoria Police, or other law enforcement agencies to assist in its investigations or for other law enforcement purposes
• the Office of Public Prosecutions, to assist with advice sought or the conduct of a criminal prosecution
• the Magistrates’ Court of Victoria, for the purposes of applying for a search warrant or in relation to prosecutions under the Wage Theft Act.

Where necessary and appropriate, we will take steps to ensure that any recipient of personal information provided by us is aware of and complies with the Privacy Legislation and any other applicable privacy and confidentiality obligations.

Social media

The Wage Inspectorate uses third party social media platforms to promote content and engage with the public. Our social media channels include:

• Facebook
• LinkedIn
• Twitter

We use Sprout Social to manage our social media accounts. Information collected by our social media accounts is also shared with Sprout Social.

We have social media sharing links on our website. These are located on the right-hand side of our webpages under the heading 'Share this page'. By clicking these links, you are given the option to share the webpage as a post on your social media account (Twitter, Facebook or LinkedIn). These social media networks may collect your personal information for their own purposes.

If you choose to engage with the Wage Inspectorate via social media, you should be aware of the following:

• If you engage with the Wage Inspectorate on a social media channel, we may contact you via a direct message to ask for contact information so that an officer can contact you to provide assistance. If you provide contact details, this information will be collected in the Wage Inspectorate’s customer management system to enable an officer to contact you.
• We use a social media archiving tool called Brolly to capture the Wage Inspectorate’s interactions on social media and archive them in accordance with the Government’s record keeping obligations under the Public Records Act 1973. Brolly captures and stores social media records for us, including each status update, tweet, post, private message, and comment on the Wage Inspectorate’s social media pages. This information is stored on Australian servers in compliance with Australian privacy laws. You can access Brolly’s Privacy Policy.
• We may delete a public comment or post on a Wage Inspectorate platform in accordance with our Social Media Moderation Guidelines. The Wage Inspectorate will take a screenshot of the interaction to keep a record of the decision to delete it. Any personal information contained in the screenshot will not be used or disclosed by the Wage Inspectorate, except to the extent that it is necessary to review the decision or for the purposes of an investigation conducted by the Wage Inspectorate.
• Any information you post on social media is potentially accessible to anyone else engaging on that platform – we strongly recommend you regularly check and configure your privacy settings to make sure you know what information you are making available.

Information security

Under the Privacy Legislation, we have a responsibility to protect the personal and health information we have retained, as well as general obligations to protect the data we hold. We take reasonable steps to protect any personal information that we hold from misuse and loss, and from unauthorised access, modification or disclosure.

We have secure office premises and a security pass entry system for employees and contractors to enter the premises. We take reasonable steps to protect our files from outside or unauthorised access.

Access to systems, applications, and the information that we collect is limited to authorised staff members only. Our information technology arrangements incorporate a range of data security measures.

Our staff receive training on their responsibilities and obligations under Privacy Legislation and the Privacy Statement. If we become aware that an individual’s personal information has not been handled in accordance with the Privacy Legislation, we will take reasonable steps to inform the relevant individual(s) and take appropriate action to ensure that it does not happen again.

Information quality

We rely on people providing accurate information and notifying us when they become aware that information is incorrect or out of date. However, we will take reasonable steps to ensure that the information that we collect, use or disclose is accurate, complete and up to date.

If an individual is aware that we hold personal information about them that is not accurate, complete and up to date, they can notify us to correct that information. If an individual can provide proof of the correct information, we will take steps to correct the personal information.

We will archive or destroy all personal information retained by it in accordance with the Public Records Act 1973 and the applicable Retention and Disposal Authority, or any other applicable law.

Access to information

If you want to access information that we hold about you, you can contact us and submit a written request. We may contact you to establish your identity before releasing the information.

You may also make a request under the Freedom of Information Act 1982. Depending on the nature of the request, fees may apply.

Visit our website for more information on how to Make a Freedom of Information Request.

How to make a privacy complaint

If you are not happy with how we have handled your personal information, please let us know. We aim to resolve all complaints quickly and fairly.

You can make a privacy complaint about how we have handled your personal information by contacting our Privacy Officer.

• Post: Wage Inspectorate Victoria, GPO Box 4912, Melbourne, VIC, 3001
• Email: privacy@wageinspectorate.vic.gov.au