Privacy

The Royal Botanic Gardens Victoria (RBGV) is committed to protecting personal and sensitive information consistent with the principles set out in the Victorian Privacy and Data Protection Act 2014.

This Privacy Statement applies to the whole Royal Botanic Gardens Victoria website. It does not apply to linked websites (you should familiarise yourself with the privacy statement of any site you link to).


Privacy Policy

The RBGV values and protects the personal information it collects in the course of undertaking its responsibilities and continues to demonstrate a strong culture of protecting the confidentiality and privacy of members of the community. All personal and health information RBGV collects is handled in accordance with the Privacy and Data Protection Act 2014 and the Health Records Act 2001. RBGV’s Privacy Policy describes the way personal information will be handled by the organisation.

Definitions

Personal information is information about you, whether fact or opinion, from which your identity could be reasonably ascertained. The amount and type of information RBGV collects about you depends upon the nature of the RBGV’s relationship with you and your requirements from the RBGV.

Sensitive information is information about a person’s race or ethnicity, political opinions, religious or philosophical beliefs, sexual preferences or practices, criminal record, or membership details, such as trade unions or professional, political or trade associations.

Health information is information about a living or deceased person’s physical, mental or psychological health.

Collection of personal information

The information collected by the RBGV covers a wide range of activities relating to the management of the Gardens, scientific research and public programs for the community.

The RBGV collects personal information only when it is necessary for its functions or services, this includes the information needed to manage or administer those functions or services.

Information is collected wherever possible from you directly. Our aim is to collect it lawfully, fairly and without undue intrusion. At the time information is collected, the RBGV will advise you in general terms of any other individuals or organisations that have access to the information and whether there are any consequences of not providing the information.

If the RBGV needs to collect ‘sensitive’ personal information about you, your consent will be sought to do so.

Use and disclosure of personal information

The RBGV uses information only for the purpose for which it was collected or a logically related purpose you would reasonably expect (in the case of sensitive information, a directly related purpose) unless you have consented to another specific use. In some circumstances, RBGV is required or authorised by law to release information to other government agencies, law enforcement bodies or to prevent serious and imminent threat to an individual’s life, health or welfare.

Data quality

The RBGV takes reasonable steps to ensure that personal information held is accurate, complete and up to date. Usually, the RBGV relies upon you to provide accurate and current information and to notify the RBGV should your circumstances and details change.

Data security

The RBGV aims to protect your personal information from misuse, loss, unauthorised access, modification or disclosure. Stored information is also held in accordance with the Public Records Act 1983, which determines when it is appropriate to retain or dispose of it.

Interstate transfer of information

The RBGV only transfers personally identifying information outside the state of Victoria where this is required for the purpose for which it was collected or if required by law. The RBGV seeks to ensure the information is afforded the same level of privacy protection it would receive in Victoria.

Unique identifiers

The RBGV only assigns or adopts a unique identifier for an individual if it is necessary, authorised by law or with consent. The RBGV does not use as its own identifier an identifier assigned by another organisation.

Anonymity

Wherever it is practicable and lawful, the RBGV seeks to allow you to interact anonymously with the RBGV.

Access and correction

It is the RBGV’s policy that where appropriate simple requests that involve information relating only to you, which is easy to retrieve and of a small quantity may be dealt with informally. You can submit the Request for Access to Personal Information Form. In some situations, an individual will have to make a formal Freedom of Information request (for example, if a third party’s privacy is involved).

Complaints

The RBGV undertakes to resolve privacy complaints in a timely, fair and reasoned way.

If you consider your privacy has been breached or interfered with you can make a complaint. If you have been dealing with a specific area of the RBGV, contact that area and ask to speak with the person in charge or the person you have been dealing with.

You can contact the Privacy Officer on 9252 2300 or complete the Privacy Complaint Form (PDF - 155 kB) and address your concerns in writing to:

Privacy Officer
Royal Botanic Gardens Victoria
Private Bag 2000
South Yarra VIC 3141

or

privacy@rbg.vic.gov.au


Information Privacy Principles

The ten Information Privacy Principles (IPPs) are contained in Schedule 1 to the Privacy and Data Protection Act 2014 (PDP Act). With limited exemptions, all Victorian Government organisations, contracted service providers and local councils must comply with these principles. This is a short summary of the IPPs, which is intended to provide a guide only. For any detailed analysis, please refer to the full text of the IPPs in Schedule 1 of the PDP Act.

1. Collection

The RBGV can only collect your personal information if it is necessary to fulfil its functions. It must collect information only by lawful and fair means and not in an unreasonably intrusive way. It must provide you with notice of the collection, including such things as the purpose of collection and how you can access the information. This is usually done through provision of a Collection Notice that is consistent with the Royal Botanic Gardens Victoria’s (RBGV’s) Privacy Policy.

2. Use and Disclosure

Your personal information can only be used and disclosed for the primary purpose for which it was collected, and for a secondary purpose that you would reasonably expect in other limited circumstances. It is best that the RBGV gets your consent, but the law allows some uses without consent, such as for law enforcement purposes and to protect public safety.

3. Data Quality

The RBGV must keep your personal information accurate, complete and up to date.

4. Data Security

Your personal information must be protected from misuse, loss, unauthorised access, modification or disclosure. The RBGV must take reasonable steps to destroy or permanently de-identify your personal information when it is no longer needed.

5. Openness

The RBGV must have clearly expressed policies on the way in which it manages personal information. You can ask to view the RBGV’s Privacy Policy.

6. Access and Correction

You have a right to seek access to your own personal information and to make corrections if necessary. The RBGV may only refuse access in limited circumstances that are detailed in the PDP Act, for example where disclosure might threaten someone’s safety.

7. Unique Identifiers

Unique identifiers, usually a number, can facilitate data matching. Use of unique identifiers is only allowed where the RBGV can demonstrate that the assignment is necessary to carry out its functions efficiently. There are also restrictions, which are detailed in the PDP Act, on how organisations use unique identifiers assigned by other organisations.

8. Anonymity

Where lawful and feasible, you should have the option of transacting with the RBGV without identifying yourself.

9. Transborder Data Flows

If your personal information travels outside Victoria, your privacy protection should travel with it.

10. Sensitive Information

This information includes your racial or ethnic origin, political opinions and membership of political associations, religious or philosophical beliefs, membership of professional or trade associations or trade unions, sexual preferences or practices, and criminal record. The law puts special restrictions on its collection.

 


Access to personal information

Informal access to personal information may be given to an individual requesting information about themselves when:

1. It is easy to find and retrieve

This means the information:

  • Is held locally in the office where the request has been made
  • Is held on an open file (relating to a current service/product)
  • Is held in a currently used database
  • Is clearly identified or associated with the name of the applicant
  • Can be retrieved easily by an officer with authority to release information to you.

2. It is a small volume of information

3. It is easy to separate from other information

A person’s information will often be mixed with information relating to other people. Some information is prohibited or ‘exempt’ from release under the Freedom of Information Act 1982 (FOI Act), because the public interest in withholding it outweighs the interest in providing access to it.

4. It does not identify another person

Other individuals’ privacy must be protected when a request for access is made by someone about information relating to themselves. For the information to be released there should be no information incorporated in it that identifies someone else (including family members).

5. It does not relate to a current court case or other sensitive issue

This includes information relating to law enforcement activities, protecting the capacity of enforcement bodies to enforce the law or to protect national security, or relating to an investigation of possible unlawful activity. It also means information relating to legal proceedings, protecting documents which would be privileged in a court or tribunal.

6. It does not relate to a commercial negotiation

The information is not about a negotiation, where providing access would expose the Royal Botanic Gardens Victoria (RBGV) to unreasonable disadvantage.

7. It is not a repeated or obviously vexatious request

The information has not been previously requested by the applicant and released or refused.

8. It is not a document prohibited from access under other laws

The information is not contained in a document prohibited from access under other laws, such as the FOI Act.

9. It is not a document that would result in harm if released

The information is clearly marked as provided in confidence or is information that would be potentially harmful if released. If released, the information could cause serious threat to an individual’s life, health or welfare, or public health, safety or welfare.

To apply for informal access, complete the Informal Access Form (PDF - 67 kB) and send it to:

Privacy Officer
Royal Botanic Gardens Victoria
Private Bag 2000
South Yarra VIC 3141

or

privacy@rbg.vic.gov.au

Last updated 25 May 2016