Our privacy and security policy

This Privacy Policy describes how we collect and use information when you interact with Service Victoria, a portfolio entity of the Department of Government Services.

Our collection, use and disclosure of your personal information is bound by the Privacy and Data Protection Act 2014 (Vic) (the Act). We will only collect and use personal information in accordance with this Act and the Information Privacy Principles. Under this Privacy Policy, ‘Personal Information’ is understood to have the same meaning as Section 3 of the Act.

By providing personal information and/or continuing to use Service Victoria you consent to your personal information being collected, used and disclosed in accordance with this Privacy and Security Policy and you also agree to Service Victoria's Terms of Use.

This privacy statement includes:

  • How we use your information
  • What information we might collect
  • Rules around access to information
  • When and why we may disclose information
  • How we protect your information
  • References and other information relating to this policy

How we will use your personal information 

Guiding principle

We will only use and disclose your information for the purpose it was collected.

We use the personal information about you to:

  • Administer the site.
  • Send you information with your consent, or as required by law.
  • Respond to queries that you have made.
  • Analyse use of the site to inform ongoing improvements and enhancements.

For example, let’s say you wanted to renew your car registration. 

The primary reason we’d collect information from you is to pass it on to VicRoads, so that they may assess your eligibility and update their records

We will retain any communications that you send to us in accordance with the Public Records Act 1973. We will store this information in a secure area within our customer management system and we will only use it in accordance with the Act or as required or authorised by law.

What information we collect

Guiding principle

We only collect the minimum amount of information required to serve you or improve your experience dealing with the government.

Information we may collect for transactions

We only store information with your permission or as required by law including:

  • Personal information, such as your name, address, contact details and date of birth.
  • Communication preferences, such as email or SMS reminders or consent to contact you.
  • A record that your identity has been verified including some information on the documents verified.
  • Payment information, such as the amount you paid, when and how you paid or credit card information.
  • Transaction information, such as your Service Victoria reference number.

Information we collect from all visitors to our website

IP address and cookies

Your IP address is a unique number assigned to the device you use to connect to the internet. It’s like your residential address in real life, but online.

A cookie is a file left on your computer when you access a website. The cookie remembers sign-in information or other preferences and helps us customise your visit to our website.

Your IP address and cookies help us collect the following information:

  • Your device information, such as if you accessed our website with your phone or laptop.
  • Your location, such as if you accessed our website from Melbourne or Ballarat.
  • Your behaviour, such as links clicked and how long you stayed on each page.

Alternatively, you can block cookies being collected by your web browser, but this will mean some parts of our website won’t work properly.

Other types of information we may collect

We may need to collect more information if we suspect:

  • Tampering or interference with our website.
  • Attempts to intercept information sent to and from our website.
  • Attempts to compromise the security of our website.
  • Behaviour breaking Australian or international laws.

When another agency receives this information that agency is also bound by Victorian privacy laws and information security standards. Your information will only be used for the purpose it was collected or where we are authorised to do so by law, such as in an emergency.

How you can access your information

Guiding principle

You have the right to access to your personal information upon your request.

Access

We will give you access to your personal information and make corrections to any personal information we hold about you, in accordance with the Privacy and Data Protection Act 2014.

Who we share your information with

Guiding principle

We will not share your details without your consent, unless required by law.

Your consent

We may also disclose personal information, if you consent to us disclosing your personal information, to third parties, in accordance with the Privacy and Data Protection Act 2014.

If we need to share your information outside Service Victoria, then we’ll explain to you what information we’re sharing and why we’re sharing it.

De-identified information

We may share de-identified information we hold with third parties or other government agencies for the purposes of improving government services, auditing, reporting, research or other legal obligations.

How we protect your information

We use security measures to reduce the likelihood of a security incident and provide protection to your personal information against loss, unauthorised access, use, modification, disclosure or other misuse. We make sure your personal information is stored, used and disposed of in a responsible manner consistent with Victorian information security standards.

How we secure your information is described in the Information Security Standards defined in the Victorian Protective Data Security Standard (VPDSS) published by the Victorian Information Commissioner.

We are a Payment Card Industry Data Security Standard (PCI-DSS) compliant service provider. We use security best practices to protect your cardholder data including processing your credit card transactions with a similarly compliant payment gateway.

Maintaining the quality of our data

Guiding principle

We will strive to keep your information accurate, complete and up to date.

How we do it

You can help us by making sure the information you provide is correct and by updating your details if they change.

Protect your access credentials

To protect your account:

  • Do not send your password to anyone by email or text message
  • Do not share one-time passwords we send to you with anybody else
  • Check for the Extended Validation Certificate indicator in your browser's address bar when accessing Service Victoria. Each browser shows the Extended Validation Certificate in a different way. Usually this is a green box or bar with a padlock icon.
  • Keep your computer up to date with vendor recommended security patches and security configuration.
  • Avoid accessing Service Victoria using untrusted networks and computers, such as at internet cafes.
  • Run anti-malware software, which is built into all modern operating systems and keep your internet browser up to date.

Don’t fall for scams and hoaxes

Scams and hoaxes attempt to maliciously gather your personal information. There are many types of scams including email, phone, advance payment, investment and ones where scammers pretend to be government departments.

Don’t click on links in emails or text messages claiming to be from Service Victoria. We’ll only send you emails you’ve consented to receive. We’ll never send you an email or SMS asking for your username, your password or your personal details.

If you do receive suspicious messages, you can report it to us and Scamwatch.

Read more about how to protect yourself online

Reporting a security issue

If you notice any issue or security concern about our website which you feel places information at risk, we need to hear from you.

Contact us about our privacy policy

Get in touch at our contact us page.

Making a complaint about our privacy policy

Message us if you wish to make a complaint about a breach of this privacy policy.

We will investigate and determine steps we will take to resolve your complaint.

Updates to this information

You should regularly review this privacy and security policy for any modifications or amendments, as your continued use of the service constitutes your deemed acceptance of the revised privacy and security policy.