VicHealth is committed to protecting the privacy of personal information in accordance with the Information Privacy Principles (IPPs), which are set out in the Privacy and Data Protection Act 2014.
The IPPs govern the collection, use, handling and disclosure of personal and sensitive information.
This Privacy Statement explains how VicHealth will handle your personal information when you access and interact with this Website.
What is personal information?
For the purposes of this Privacy Statement, the term ‘personal information’ has the same meaning as provided in the Privacy and Data Protection Act 2014, that being:
‘information or an opinion (including information or an opinion forming part of a database), that is recorded in any form and whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion’.
Collection of personal information
It is intended that this Website can be used anonymously. However, for some functions, the collection of personal information is necessary or unavoidable.
Examples of where it may be necessary or unavoidable for VicHealth to collect your personal information via this Website may include when you or another person:
- submit electronic forms via this Website
- respond to an online survey which we may conduct on this Website
- provide any message or comment to us on this Website
- participate in any competition or challenge (including but not limited to research projects, funding and sponsorship programs) we may run from time to time on this Website
- click through to the Website from any email from VicHealth or
- subscribe to receive newsletters or other services on this Website.
In most cases, you will know if we are collecting your personal information because you will be requested to provide it.
There are two exceptions to this:
- When another person provides your personal information to us. VicHealth cannot prevent this. However if you become aware of this, you are entitled to contact us and request that we correct any information we hold about you if you believe that the information is not accurate, complete and up to date (see Accessing and correcting personal information.)
- When we collect website visitation statistics using a web analytics service (see Cookies and Measuring the usage of our Website).
Use and disclosure of personal information
We will only use personal information provided for the purposes for which it was collected, or for a secondary purpose where we are permitted to do so under the Privacy and Data Protection Act, 2014.
We may disclose personal information to third parties engaged to carry out services on behalf of VicHealth, to third parties involved in any restructuring of VicHealth as an organisation, and if required by law.
You can configure your browser to notify you when you receive a cookie, providing you with the opportunity to either accept or reject it. You can also refuse all cookies by turning them off in your browser or deleting all cookies from your computer.
Measuring the usage of our websites
VicHealth uses Google Analytics, Monsido and Hotjar to collect data to track how our visitors interact with this Website. This data includes statistical data about the website usage (e.g. number of visits to each page, time spent on page etc.), about the users (e.g. where they came from, what actions they undertook on the site) and heatmap data on how users interact with pages.
This Privacy Statement applies only to the VicHealth website and does not apply to Linked Sites.
When accessing Linked Sites from any hyperlink appearing on this website, we recommend that you read any applicable privacy statement or policy applicable to that Linked Site.
Accessing and correcting personal information
You may request access, at any time, to any personal information we may have collected about you.
We will take reasonable steps to ensure that personal information is accurate, complete and up to date whenever VicHealth collects, discloses or uses it.
You may also request that we correct your personal information if you think it is not accurate, complete or up to date.
You may request that any of your personal information held by VicHealth is removed from our records, except where we need to retain or use your personal in order to continue providing services requested by you or for relevant administrative or procedural matters (such as legal disputes).
Managing privacy and data breaches
VicHealth has procedures in place to detect and manage privacy and data breaches. These follow Victorian Government requirements. If you suspect information supplied to VicHealth has been breached, please contact the Privacy Officer. The Privacy Officer will work with the Office of the Victorian Information Commissioner (OVIC) to manage the breach.
If a possible breach has occurred with data collected by a contracted third party as part of work funded by VicHealth. it is recommended you first consult with the third party directly, however please contact the Privacy Officer using the contact details below if you need further support.
How to make privacy enquiries
Should you wish to gain access to, request the correction of, your personal information held by VicHealth, you wish to report a privacy breach, or if you have any other general enquiries relating to this Privacy Statement, please contact the VicHealth Privacy Officer at:
or write to us at:
PO Box 13137
LAW COURTS VIC 8010