This site is owned and operated by Bass Coast Shire Council using software licensed from Harvest Digital Planning (Harvest). For details on how Bass Coast Shire Council collects and protects your personal information, refer to their Privacy Policy below. For details of how Harvest may access personal information, please refer to Harvest’s Privacy Policy.

Privacy and Data Protection Policy

Preamble

The Privacy and Data Protection Act 2014 (Vic) (Act) governs the way in which Council needs to responsibly collect, handle and protect personal information and ensure data security. This policy outlines the requirements for the capture and ongoing management of personal and health information and will set clear expectations for its appropriate use.

Scope

This policy applies to all Council Employees, Councillors, Contractors and Volunteers. This policy applies to personal information and health information held by Council. The data protection sections of the Act only applies to services contracted by Federal and State Government bodies and does not apply to Council information at this stage.

Policy objectives

To responsibly manage any personal or health information Council handles; • Provides a framework for the collection, use and disclosure of personal and health information of all individuals; • Comply with the Act and the Health Records Act 2001; • To ensure Council adheres to the Information Privacy Principles contained within the Act.

Policy statement

Council is committed to protecting individual’s right to privacy with the responsible and fair handling of personal and health information, consistent with the Act and the Health Records Act 2001.

Information Privacy Principles

Council’s Information Privacy Principles (Appendices 2); outline the way in which Council captures, manages, uses and discloses personal and health information in accordance with the Act.

External Contractors

Council may outsource some of its functions to third parties (contractors). This may require the contractor to collect, use or disclose certain personal information. Council will take reasonable steps to ensure that contractors comply with the Act and this Policy in all respects.

Complaints

If an individual feels aggrieved by Council's handling of his or her personal information, the individual may make a complaint to Council’s Privacy Officer. The complaint will be investigated as soon as possible from date of receipt (but no later than 5 business days) and the person will be provided with a written response. Alternatively, the person may make a complaint to the Commissioner for Privacy and Data Protection

Reference to other documents

  • • Privacy and Data Protection Act 2014 (Vic)
  • • Freedom of Information Act 1982 • Health Records Act 2001
  • • Electronic Transactions Act 2000 (Vic)
  • • Public Records Act 1973

Review process

This Policy is to be reviewed by Council every three years of it coming into operation or within 6 months of any changes to the Act. Council may amend this Policy at any time

Accountability process

Responsibilities:

All Council Employees, Councillors, Contractors and Volunteers are responsible for adhering to and implementing this policy. Adherence to the Act will be overseen by the Chief Executive Officer. The Information Privacy Officer is responsible for the review of this policy and development of any associated procedures

For more information see Privacy and Data Protection Policy on our website.