Dairy Food Safety Victoria (DFSV) is strongly committed to protecting the personal information of an individual consistent with the principles contained in the Information Privacy Act 2000 (Vic) (the Act).
The Ten Information Privacy Principles contained in the Act are.
- Principle 1 – Collection
- Principle 2 – Use and Disclosure
- Principle 3 – Data Quality
- Principle 4 – Data Security
- Principle 5 – Openness
- Principle 6 – Access and Correction
- Principle 7 – Unique Identifiers
- Principle 8 – Anonymity
- Principle 9 – Trans-border Data Flows
- Principle 10 – Sensitive Information
1. Information Collection: DFSV will only collect information for the primary purpose of administering the Dairy Act 2000. Any collection will be by lawful and fair means. (Note: Fair is defined by the Privacy Commissioner as; 'without intimidation or deception'.) There are times when we may collect information from you via our website, such as information that is collected using forms on our site or where you make contact with DFSV via email. We may use your information, at an aggregate level, to help us understand the users of our web site in order to improve our services. At, or before, personal information is collected (or if that is not practicable, as soon as practicable after) about an individual, DFSV will take all reasonable steps to ensure that the individual is aware that their information has been collected, how it will be used, that the individual may access information held about them and the likely consequences of failing to provide the information.
2. Use and Disclosure: DFSV will not use or disclose personal information for reasons that are not consistent with the primary purpose of its collection, unless:
i. the individual has consented to its use or disclosure for a secondary purpose
ii. the reason for collection (the secondary purpose) is related to the primary purpose of collection and the individual would reasonably expect DFSV to use or disclose the information for the secondary purpose
iii. it is necessary for research, or the compilation or analysis of statistics, in the public interest, other than for publication in a form that identifies any particular individual and –
(a) it is impractical for DFSV to seek the individual's consent before the use or disclosure; and
(b) in the case of disclosure – DFSV reasonably believes that the recipient of the information will not disclose the information
iv. DFSV reasonably believes that the use or disclosure is necessary to lessen or prevent –
(a) a serious imminent threat to an individual's life, health, safety or welfare; or
(b) a serious threat to public health, public safety or public welfare
v. DFSV has reason to suspect that unlawful activity has been, is being or may be engaged in, and uses or discloses the personal information as a necessary part of its investigation of the matter or in reporting its concerns to relevant persons or authorities
vi. the use or disclosure is required or authorised by or under law
vii. DFSV complies with any other relevant requirement under the Use and Disclosure Principle.
At or before the time of collection of personal information, DFSV will take reasonable steps to inform an individual of the organisations or types of organisations that personal information is usually disclosed to.
3. Data Quality: DFSV will take all reasonable steps to ensure that personal information collected is accurate, complete and up-to-date.
4. Data Security: DFSV will take all reasonable steps to protect the information it holds from misuse, loss or from unauthorised access, modification or disclosure. DFSV will take reasonable steps to ensure that personal information (of individual clients and DFSV personnel) is kept physically secure and only able to be accessed by authorised employees. This includes information kept on computer databases or that, which is transmitted electronically. Information that is no longer needed will be destroyed, archived or de-identified, as applicable.
5. Openness: DFSV will make this policy, about its management of personal information, available to any interested persons upon request. DFSV will, on request, provide details, generally, about the type of personal information it holds, for what purpose it is held, and how it collects, holds, uses and discloses information.
6. Access and Correction: An individual may request in writing access to his or her personal information held by DFSV by contacting DFSV’s Privacy Officer (Manager, Governance) at:
Dairy Food Safety Victoria
Level 2, 969 Burke Road
Camberwell VIC 3124
Access will be provided except in the circumstances outlined in the Act, for example where information relates to existing or anticipated legal proceedings or where the Freedom of Information Act 1982 applies. If an individual is able to establish that personal information held by DFSV is inaccurate, incomplete or out-of-date, DFSV will take all reasonable steps to correct the information. All requests will be dealt with in accordance with the Act.
7. Identifiers: DFSV must not assign, adopt, use, disclose or require unique identifiers from individuals except for in the course of conducting normal DFSV business or if required by law. DFSV will only use or disclose unique identifiers assigned to individuals by other organisations if the individual consents to the use and disclosure or the conditions for use and disclosure set out in the Act are satisfied. DFSV will not use identifiers issued by Commonwealth agencies (e.g. Medicare numbers, tax file numbers, Social Security numbers) for identification of any individual. Note: for legal purposes, an individual’s name or ABN (Australian Business Name) is not an identifier.
8. Anonymity: Individuals may remain anonymous during interactions with DFSV (e.g. enquiries regarding DFSV's services) provided that this is lawful and practicable.
9. Transborder Data Flows: DFSV will not transfer personal information about an individual outside of Victoria unless such data transfer conforms to the reasons and conditions outlined in the Act.
10. Sensitive Information: DFSV will not collect sensitive information about an individual unless the individual has consented or such collection is required by law, or in the case of health information, specific requirements of the privacy principles have been complied with.