Privacy

Topics on this page include:

• Application of this Privacy Statement
• Information Privacy Act (Vic.) 2000: Personal information
  • Collection of personal information
  • Use and disclosure of personal information
  • Access to and correction of personal information
• Use and disclosure of personal information in relation to specific actions on this website 
  • Feedback
  • 'Ask A Question’
  • Newsletter subscriptions
  • Registering for a Business Victoria Account
  • Business Profiles
  • Online Forms and Payments
    • Submitting a form
    • Online Payments
  • Events Management System
  • Business Consultation Database
• Internet User Risks
• Internet statistical collection methods
  • Clickstream data and visitor logs
  • Web beacons
  • Cookies (General) 
• Web measurement service providers used by the Department
  • Nielsen//NetRatings
    • Use of Cookies
    • Use of Web Beacons
    • Use of Clickstream data
  • Google Analytics
    • Use of Cookies

Application of this Privacy Statement 

This privacy statement applies only to the Department and this particular website. It is consistent with the Department’s privacy policy.

This website contains links to other websites. This privacy statement does not apply to those websites.

The Department’s privacy policy is available from the Privacy Officer. You can contact the Privacy Officer at the contact details below.

Privacy Officer

DIIRD Privacy Officer

Level 31, 121 Exhibition Street
Melbourne, Vic, 3000, AUS
Tel: (+ 61 3) 9651 9749
Fax: (+ 61 3) 9651 9129
Email: privacy@diird.vic.gov.au

Information Privacy Act (Vic.) 2000: Personal information

In this privacy statement the term 'personal information' has the meaning provided in section 3 of the Information Privacy Act 2000 (Vic.) (the Privacy Act).

Personal information is information or an opinion that is recorded in any form, whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained.

This Act is the legislation that regulates our collection and handling of personal information.

Detailed information about the Act is available at the Office of the Victorian Privacy Commissioner (www.privacy.vic.gov.au).

Collection of personal information

This website collects personal information when you

• provide feedback using the feedback forms
• submit an enquiry
• subscribe to a newsletter
• register for a Business Victoria Account on this website
• use the features for registered users
• make a booking for an event
• submit some types of forms

Use and disclosure of personal information

If you provide personal information, the Department’s privacy policy will regulate its use and disclosure. However, should the Department’s intended use and disclosure of personal information deviate from the Department’s general policy, a privacy statement particular to the circumstances will be made available at the time of collection.

Personal information that is collected by the Department will be used by, and disclosed to, Departmental employees or contractors whose duties require them to use it. Such employees and contractors are required to protect and handle your personal information in accordance with the Information Privacy Act 2000 (Vic.) and any other applicable legislation regulating the collection, use, disclosure, storage and destruction of personal information.

There are two exceptions when the collection of personal information is necessary or unavoidable:

1. When someone else provides the Department with your personal information. The Department cannot prevent this. However, you are entitled to access and correct any personal information about you collected by the Department. See individual types of functionality below
2. When the Department collects statistics using software techniques such as clickstream data, cookies and web beacons. For an explanation of these techniques, and how they are used, see Internet statistical collection methods and User Risks below
   

The statistics in No. 2 may qualify as personal information under the Information Privacy Act 2000 (Vic.). However, these statistics are not used to identify individual web users.

Access to and correction of personal information

You may request access to any personal information that the Department may have collected about you. Also, you may request correction of your personal information if you can establish that it is not accurate, complete or up-to-date.

The Victorian Privacy Commissioner has recommended that the appropriate means to access and correct information held by government departments is pursuant to the Freedom of Information Act 1982 (Vic.).

The Freedom of Information Officer may be contacted on the details below about access to, and correction of, personal information collected by the department or for any questions or concerns you may have arising from this privacy statement:

Freedom of Information Officer 

Level 31, 121 Exhibition Street
Melbourne, VIC, 3000, AUS
Tel: (+61 3) 9651 9749
Email: foi@diird.vic.gov.au

Use and disclosure of personal information in relation to specific actions on this website

Feedback

Feedback submitted using the online form provided will only be used by the most appropriate officer to review your comments and answer any questions. Any personal details will not be disclosed to any other person. Your email address will only be used to respond to specific queries and will not be added to any mailing list.

'Ask A Question’

Enquiries submitted through the ‘Ask A Question’ function will only be accessed by appropriate officers to answer the enquiry and ensure the quality of the response process. The enquiry may be passed on to an appropriate officer at another Local, State, or Commonwealth Government Agency.

Any personal details will not be disclosed except to those officers involved in answering your enquiry. Your email address and other contact information will only be used to respond to specific queries and will not be added to any mailing list. Your details may be used by Business Victoria to contact you for feedback on the quality of service provided.

Questions asked, and answers provided, via the 'Ask a Question' facility are stored for a period of up to 24 months. These are only used to better focus services and to provide a better user experience.

Questions and answers with personal details removed may be retained beyond 24 months to satisfy Victorian Government record-keeping responsibilities.

Newsletter subscriptions

Subscription to newsletters can be successfully carried out by either becoming a registered user (see the following) or by submitting a separate form.

In using the separate form you are only required to provide an email address. 

You can unsubscribe at anytime and your email will be deleted from our records subject to periodic reviews of the email database.

Registering for a Business Victoria Account

When registering for a Business Victoria Account on this website, the information you provide will be used for the purposes of creating an account and giving you access to a range of services including the options of subscribing to newsletters, using the booking service for business events, submitting an enquiry, saving step-by-step guides, saving search results and links, managing a business profile, and managing Government transactions (licenses, permits, and registrations).

Your details may be used by Business Victoria to contact you for feedback on the quality of service provided. The information you provide will not be used for any other purpose. You will have the option of terminating your registration. In this event your information will be deleted from the database, according to the rules outlined under ‘Data Quality & Security’ below.

There are periodic reviews of registered users. If, at some future date, you are requested to update or confirm your registered information and you do not respond, your registration will lapse and your information removed from the database. This information will be handled in accordance with the principles set out in this privacy statement. This facility is protected by Secure Socket Layer (SSL). For more information on SSL, please refer to Internet User Risks below.

Business Profiles

User and business profile details, and associated information, will be stored in this system until whichever one of the following things occurs first:

• information is deleted by the user. When information is deleted by the user it is ‘soft-deleted’ and stored for audit purposes in a secured environment for a period of up to 24 months
• records are deleted by the Department, which will only occur a minimum of 24 months after the last date of logon by the user

Voluntary site feedback will be retained in archival storage for up to 24 months

Your Business Victoria Account consists of a user registration and (optionally) one or more business profiles. You have the option of inviting another user to have access to a business profile. If you do this the user will have access to the information associated with the profile as well as access to functions associated with the business. You can cancel this access at any time.

Online Forms and Payments

The Transaction Manager allows a number of online transaction including submitting relevant forms and applying, and paying for, a licence or permit from a range of local, state and federal government agencies.

To streamline the conduct of these transactions, some of the details held in the user and business profiles (some of which may be considered personal information under the Privacy Act) may be passed to other local, sate, and federal government websites so that to pre-fill forms can be pre-filled.
In this circumstance, the initial collector and record-keeper of personal information gathered is the Department, which passes information to the receiving agency upon user consent.

All users of this facility are advised to examine the Privacy and Security policies of contributing Agencies and Departments online, or to contact the Agency or Department directly.

Business Victoria does not store the contents of any transaction but only the logs detailing that a transaction has occurred or is in progress. These are retained for audit purposes for a period of 24 months.

Submitting a form

When an application is submitted electronically the information stored within the form and attachments is:

• sent to the responsible agency (as specified on the submitting form)
• saved for recovery, re-transmission, and system maintenance purposes only

Recovery, re-transmission, and system maintenance

Recovery

Retransmission

System Maintenance
The collection of System Maintenance information is performed on anonymous aggregates and can include:

• statistics such as, volume of permits submitted
• number and types of geographical regions (council, state government seat or post code) for form submissions and online payments
• user types (numbers of registered users versus number of anonymous use)

This anonymous aggregate data may be shared with other government agencies in order to:

• contact users to collect their feedback on their use of the system
• maintain technical structures

Information may be provided to service providers contracted by DIIRD (and governed by these privacy constraints) to assist in these activities.

The information will not be sent to, examined, or used by any other third parties.

Once this information has been received by the responsible government agency, the handling of this information will be governed by that agency's terms of use and privacy policy. For information on the agency's specific policies, please contact the relevant agency as specified on the form.

No other information other than that entered on the form or the attachments is recorded or transmitted to the responsible government agency.

Online Payments

Any associated online payment is processed entirely by SecurePay. Neither DIIRD nor the Licensing Agency can access the full credit card number used to make the payment. SecurePay's privacy policy is available at www.securepay.com.au.

Events Management System

We will only ask for personal information we reasonably require to do business with you. We may also collect personal information via phone or through printed forms.
The personal information we collect depends on how you use our system. The following are some examples of the types of personal information that we may collect from you:

1. When you sign up for our events subscription service we need only your name and an email address, which we use to send the event subscription you have requested.
2. When you book an event and there is a cost to attend the event, you will need to enter in your credit card details only on the card authoriser’s secure server. See Online Payments above for full details
3. We may also use the information we collect to notify you about important changes to the website, new Business Victoria services, etc

Business Consultation Database

Government regulatory agencies and local authorities who may receive your submissions are subject to the Freedom of Information Act 1982. However, Business Victoria also complies with the Privacy Act which prohibits the dissemination of information or reuse of information, except where necessary for technical reasons.

Internet user risks

The Department does not warrant that the functions contained in the site will be uninterrupted or without error. In addition, the Department shall not be responsible for the propagation of computer worms, viruses or other harmful components transmitted from this site and other third-party sites.

The Department recommends that you ensure that your browser is equipped with updated virus protection software.

The SSL (Secure Socket Layer) protects the Business Victoria Logon facility by encryption while the user remains on the facility. Users should be aware that links from this facility may not use encryption technology and that information transferred from the facility to an unsecured site will be passed on an unsecured link. Your browser settings should be set to alert you if you are leaving a secure site. Users seeking more information about SSL in general are referred to W3C The World Wide Web Consortium where a search on the word 'SSL', or browsing the Security FAQs will provide current information.

Internet statistical collection methods

Clickstream data and visitor logs

Clickstream data refers to visitor logs and statistics that provide useful information about users’ online experience without identifying individuals. Typical clickstream data collected includes: 

• visitor's computer address (ie Internet Protocol, or IP, address) and relevant domains
• times and dates of site visits
• pages accessed (including most visited and least visited) and files downloaded
• browsers and operating systems used by visitors

Visitor logs are used on this site for statistical purposes only, and no attempt will be made to identify you or your browsing activity. When you visit the site, the Department’s Internet Service Provider (ISP) makes a record of your visits and logs the following information for statistical purposes: 

• your server address
• your top-level domain name
• the date and time of your visit to the site
• the pages accessed and documents downloaded the previous site visited
• the type of browser used

This information will only be used to update and improve the site.

Web beacons

A web beacon is a small graphic image that is placed on a page or in an email which is used to the behaviour of the user. They are related to both clickstream data and cookies. When the HTML code for the Web beacon points to a site to retrieve the image, at the same time it can pass along information such as the IP address of the computer that retrieved the image, the time the Web beacon was viewed and for how long, the type of browser that retrieved the image and previously set cookie values.

Web beacons are typically used by a third-party to monitor the activity of a site. A Web beacon can be detected by viewing the source code of a web page and looking for any IMG tags that load from a different server than the rest of the site. Turning off the browser’s cookies will prevent Web beacons from tracking the user's activity. The Web beacon will still account for an anonymous visit, but the user's unique information will not be recorded.

Web beacons are used on this site for statistical purposes only, and no attempt will be made to identify you or your browsing activity.

Cookies (General)

This site uses 'cookies' to make your experience of the site easier and more efficient. A cookie is a small data file placed on your hard drive by the web page server. A cookie cannot retrieve any other data from your hard drive, pass on a computer virus, or capture your email address. Note that the cookie will remain on your computer as a record for future visits to this website.

In using cookies the Department does not record any personal information or collect names or details of commercial transactions. In addition, the Department does not use cookies as the basis for direct marketing.

You can configure your browser to notify you when you receive a cookie, providing you with the opportunity to either accept or reject it. You can also refuse all cookies by turning them off in your browser or deleting all cookies from your computer if required.

Web measurement service providers used by the Department

The Department currently uses two web monitoring service providers. They are: 

• Nielsen//NetRatings
• Google Analytics 

Nielsen//NetRatings

Use of Cookies

 As part of the service provided by our web monitoring service provider, the Department website uses third party cookies to assist us to make your experience of our web site easier and more efficient. Third-party cookies are created by a website other than the one you are currently visiting.

The third party cookies used by the Department website are provided by Nielsen//NetRatings. These cookies collect information such as the number of visits, unique visits, documents viewed, browser type, how the site is navigated, the type of search engine used, the sections of the website visited and other website usage information.

Use of Web Beacons

The Nielsen//NetRatings service also uses web beacons. These web beacons capture every visit, and measure interactivity at the browser-level. This technology helps measure what is actually viewed on the site.

While the anonymous statistical data we collect may be aggregated and used in broader statistical analysis by either the Department or our web monitoring service provider to improve our services, at no time can we personally identify you as the source of that data.

Use of Clickstream data

Clickstream data is gathered by the Nielsen//NetRatings service and by the Department website when monitoring computer browsers in relation to the path website visitors take while moving within the Department website. In this instance, individuals are not identified only unique browsers.

Further information about how our web monitoring service provider, collects and uses information gathered over the web is available from the Nielsen//NetRatings website.

The Department uses the clickstream data provided by Nielsen//NetRatings for statistical purposes (such as the most popular searches and the times of the day that the Department is used most/least) without identifying individual users.

Google Analytics

Use of Cookies

Google Analytics uses a first-party cookie and JavaScript code to collect information about visitors to the Department. Google Analytics anonymously tracks how our visitors interact with this website, including where they came from, what they did on the site, and whether they completed any transactions on the site such as newsletter registration.