Privacy policy

Policy Statement

Accessibility

General principles

Why we collect your information

Relevant Legislation
Transport system functions and activities

Planning functions and activities

What we collect

Application, registration, and licensing information
Complaints under the Accident Towing Services Act 2007 (Vic)
Closed Circuit Television
Public transport information
Planning permits and schemes
Building activity, permits and regulation
Property ownership and land titles
Public engagement and consultations
Credit card information
Employment and recruitment information
Correspondence
Health information
Sensitive information
Unique identifiers

How we collect your information

Purposes for which we use or disclose your information

How you can access and correct your information

How we protect your information

Making a privacy complaint

Commonly Used Words

Policy Statement

The Department of Transport and Planning (DTP) values and is committed to protecting your privacy.

This Privacy Policy describes how we handle your personal information (including sensitive information) and health information when you interact with us. Our 'Commonly used words' section explains what some of our commonly used acronyms mean. The other links in this document will take you directly to the material they describe.

We will update this Privacy Policy from time-to-time and we recommend you check the version date each time you visit this page.

Accessibility

If you would like to receive a copy of this Privacy Policy in an accessible format, such as in large print or audio, please contact us.

General principles

We handle your information in accordance with the:

Privacy and Data Protection Act 2014 (Vic) (PDP Act) and the Information Privacy Principles (IPPs)
Health Records Act 2001 (Vic) (HR Act) and the Health Privacy Principles (HPPs), and
Victorian Protective Data Security Standards (VPDSS)

and with other applicable laws.

Why we collect your information

We are responsible for a range of functions and activities which relate to:

transport services, including public transport, road management, and vehicle registration and licensing and custom plates services (R&L Services and CP services); and
planning services, including planning the use, development and protection of land in Victoria, and other related services including the regulation of building works, local infrastructure and the management of land titles.

Relevant Legislation

When we perform our functions and activities we are subject to various Legislation.

We collect your personal and health information to carry out our functions or activities, under various Legislation including:

Transport Integration Act 2010 (Vic) (Transport Integration Act)
Transport (Compliance and Miscellaneous) Act 1983 (Vic) (TCM Act)
Road Safety Act 1986 (Vic) (Road Safety Act)
Planning and Environment Act 1987 (Vic) (Planning Act)
Building Act 1993 (Vic) (Building Act)
Transfer of Land Act 1958 (Vic) (ToL Act)
Local Government Act 1989 (Vic) (Local Government Act)
Subdivision Act 1988 (Vic) (Subdivision Act)
Public Administration Act 2004 (Vic4) (Public Administration Act),

and where otherwise permitted by law.

A full list of the transport legislation and regulations applicable to us can be found on the Transport legislation and regulation webpage. A list of the planning legislation and regulations applicable to us can be found on the Planning legislation webpage.

Transport system functions and activities

We are responsible for overseeing, planning, delivering and operating Victoria's transport system in a way that responds to the needs of the people and freight that travel on it. We carry out a range of activities which relate to:

public transport, road management, including road safety strategies, vehicle registration and driver licensing
procuring, developing, constructing and commissioning transport infrastructure
providing technical, project management, consultancy, data and information services relating to the transport system
carrying out enforcement functions permitted by law
developing regulatory policy, legislation and regulations.

We work closely with the Major Transport Infrastructure Authority (MTIA) and the Suburban Rail Loop Authority (SRLA) in planning, delivery and construction of major transport and rail projects to deliver Victoria's Big Build.

Find out more about MTIA and SRLA privacy practices

Since 29 June 2022, a joint venture partner, R&L Services Victoria Pty Ltd (R&L Services), has performed the R&L Services and CP services on our behalf. We will continue to be responsible for R&L Services functions and any personal information collected and used by it. Any personal information handled by R&L Services and CP Services is subject to the applicable privacy laws and security requirements, and the R&L Services Privacy Policy and the CP Services Privacy Policy.

Find out more information about R&L Services privacy practices.

Planning functions and activities

We are responsible for managing Victoria's planning, building and heritage systems. We carry out a broad range of activities such as:

developing long-term, integrated land use strategies and policies
urban development and enabling government's infrastructure strategies, programs, and proposals for the use, development or protection of land and planning policy or requirements
issuing permits for land use or development and related matters, and co-ordinating the issue of permits with related approvals
the safety and health of people who use buildings and places of public entertainment, and to enhance the amenity of buildings
the transfer or dealings in land and maintaining related registers regarding land titles
statutory responsibilities and carrying out enforcement functions permitted by law
stakeholder engagement and community participation
compliance with reporting requirements
investigating incidents and/or defending any legal claims against DTP or its members, officers, or employees
developing regulatory policy, legislation and regulations.

What we collect

We only collect the information necessary for our functions and activities, including:

personal information, such as your name, age, gender, job information, photograph, email address, home address, and other contact details, as well as your property information
health information, such as any medical conditions which may be relevant to assessing your fitness to drive a motor vehicle.

We may also collect other kinds of information relating to your use of our websites. This may include your IP address and the date and time stamp of your visit. You can find more information about our website collection practices in our website privacy statement.

We may collect your sensitive information in circumstances where we are required to do so by law, or when we connect it with your consent.

We may also collect information from you that is not personal information but which is provided to us for research purposes, or for other purposes. We respect your choice to remain anonymous, and you may interact with us anonymously where it is lawful and practicable for you to do so. However, sometimes, it may not be possible for us to provide information, deal with a complaint or perform other activities unless we can identify you. For example, we may not be able to respond to your enquiry or complaint, or fulfil a FOI request unless we are satisfied that the requested information relates to an individual.

Application, registration, and licensing information

We may collect your information in order to process (and to manage) your driver licence, vehicle registration or transfer, or disability parking permit. We collect this information to:

identify and communicate with you, and for road safety, environmental and law enforcement purposes
ensure that people who drive motor vehicles on highways are competent drivers
ensure that people who are, or who become, unfit to drive are not permitted to drive on highways
enable the identification of drivers for the purposes of law enforcement and accident investigation
ensure that drivers are aware of safe driving practices and road law
ensure that the design, construction and equipment of motor vehicles and trailers which are used on a highway meet safety and environmental standards
enable the use of motor vehicles and trailers on highways to be regulated for reasons of safety, protection of the environment and law enforcement
provide a method of establishing the identity of each motor vehicle or trailer which is used on a highway and of the person who is responsible for it
to inform our road safety strategies so that we may reduce road deaths and injuries.

Complaints under the Accident Towing Services Act 2007 (Vic)

We may collect your personal information, including vehicle registration details, for the purpose of investigating complaints under the AccidentTowing Services Act 2007 (Vic).

Closed Circuit Television (CCTV)

Victorian railway stations, train carriages, trams and buses, roads networks and other locations, including our offices, vehicles and service centres are equipped with Closed Circuit Television (CCTV) cameras.

CCTV cameras capture information to support the transport and road network including for:

operational, planning and evaluation purposes
passenger safety and law enforcement
to inform us about road management and service patronage
to monitor and evaluate infrastructure projects and understand whether that infrastructure is performing as intended
to assess road-user behaviour data
to identify incidents on the road network, respond to public concerns, assist the media with traffic reports, and monitor congestion and roadworks.

We also collect and use CCTV information to monitor transactions between staff and the public, for building security and operations, and to protect the safety of staff and the public. CCTV activities may be undertaken at DTP managed office locations, in customer service and contact centres, and in incident response and roadworks surveillance vehicles to assist in managing safety incidents.

Public transport and road operators and entities also operate cameras and collect CCTV information on transport and road networks on our behalf, and they may share this information with us. Live CCTV information captured on vehicle cameras may also be collected by our industry partners who manage tow trucks or roadside assistance vehicles.

We may collect CCTV information to assess traffic volume, traffic composition, level of service, travel speed, lane positioning and headway. We also use sensors and other video analytic technologies to count passengers and assess crowding, and for road management purposes. The use of video analytics and other technology is performed in accordance with our security and privacy requirements.

CCTV information is retained in accordance with the Public Records Act and other applicable laws. Retention periods vary between (5-60 days). We will only retain CCTV information for longer periods if the information is saved within that period in response to a specific request for an authorised purpose.

Public transport information and ticketing information

We collect your information from public transport digital channels, websites, CCTV information, surveillance or image capture systems, and from other applications. We also collect your information from complaints and enquiries relating to the public transport system, customer engagement programs, market research projects, and subscriptions to our email or other correspondence.

We may collect your personal (including sensitive) and health information in relation to:

the management and operation of the public transport and ticketing system and services
the purchase, registration, top-up, payment, use and refund of a myki Pass or myki Money
the verification (and analysis) of payments for ticketing services and requests for refunds and entitlements
the application for and management of a concession fares, free travel passes or other discounts
the creation, use and management of a myki user account, including in relation to lost or stolen cards, or personal effects located in relation to lost or stolen cards
the use of public transport travel journey services, infringement processes, and law enforcement processes
complaints and enquiries relating to the public transport system, including by individuals or the relevant agencies.

The personal information we collect may be anonymised to give us statistical data for customer analysis and reporting purposes. We may use this data to improve our services to you, or for other organisational purposes.

The collection of public transport information is governed by the PTV myki privacy policy.

Planning permits and schemes

We may collect your information for the issuing and management of planning permits. For example, you may make a submission to the planning authority about an amendment to a planning scheme, apply for a permit for a use or development of land, object to an application for a permit, or enter into an agreement with a responsible authority.

Building activity, permits and regulation

We may collect your information including to issue and manage building permits, regulate building works and register building practitioners. We may also collect your information in relation to activities under other building-related legislation. For example, you may apply for a building permit, seek to register, certify or amend plans, be the subject of a building notice or emergency order, register as a building practitioner or be involved in enforcement or infringement actions or proceedings.

Property ownership and land titles

We may collect your information to perform the functions of the Registrar of Titles and in the management of the Office of Titles. The Registrar must keep a Register of land with a description of the proprietor and the nature of the interest held by the proprietor. Certificates of title on a folio may also include information, such as your mortgage registration information.

Public engagement and consultations

We engage with the community on a range of topics and issues relevant to our functions. We collect information through a range of engagement channels including surveys, and consultations to help design, assess and support transport and planning programs and projects, and also to educate, seek feedback and address issues raised by stakeholders and members of the community. The information collected from you may be used to communicate with you and for future engagement, promotional, marketing, and research purposes.

Credit card information

We may collect your credit card information to process a payment. The credit card information we collect will be held in accordance with the Payment Card Industry Data Security Standard.

Employment and recruitment information

If you are employed by, or apply to be employed by us, then we will collect and store your personal and health information, and in certain circumstances your sensitive information, throughout the recruitment process. We may also collect further information during your employment with us, for example to support inclusion and diversity initiatives.

The employment and recruitment information we collect is used or disclosed for purpose which include:

recruitment and ongoing people management purposes, including employee relations, human resources, payroll, learning and development
internal business operations, including to support enterprise IT platforms and information management systems and databases and internal communications
workforce and human resource research, diversity and inclusion initiatives, agency and government capability development and workforce planning, career and talent management
emergency management, occupational health and safety and public health, safety and welfare, and disputes or litigation.

We retain this information in accordance with the Public Records Act, the Public Administration Act, and other applicable laws. Certain information may also be shared between government departments and agencies in accordance with the Victorian Public Service Enterprise Agreement 2020 (Vic).

As part of DTP's response to the COVID-19 pandemic, DTP has adopted measures to comply with its occupational health and safety obligations under the Occupational Health and Safety Act 2004 (Vic). This includes collecting vaccination information and other health information.

Correspondence

We receive correspondence that is sent to our internal functional areas, ministers, and other individuals. This correspondence is usually sent directly to DTP or ministers, to our contact centres, or through our social media and other sites and platforms, and may be sent to the relevant DTP team or minister’s office for a response.

Correspondence may include your personal and health information and this may be accessed by our staff or ministers for action and to respond to you.

We may keep copies of correspondence for certain periods of time in accordance with the Public Records Act and other applicable laws.

We also collect permits and events information to allow for:

the application, monitoring, and receipt of applications to carry out traffic management activities, as well as for construction and planning activities.
registrations through the Road Access Permits Portal and the use of the Road Access Permits Portal, to submit and review your application, and when payments in the Road Access Permits Portal are completed through myVicRoads.

We may also collect information to respond to enquiries made to public call centres operated by us or on our behalf by our third party operators and our joint venture partners.

Call enquiries made to contact centres managed by R&L Services, our Traffic Control Centre, Public Transport Contact Centre and to transport safety officers may be recorded. These calls are recorded for quality, training and verification services and to assist us in responding to incidents, managing complaints, enquiries and requests for information. You may request access to written transcripts of your call enquiry. Please refer to our How you can access and correct your information section.

Health information

We may collect your health information which is necessary for our functions and activities. The health information we collect may relate to injuries, medical conditions, complaints, disability information, toxicology information, vaccination information and other health-related information, and it may be collected from the public or third parties.

We may collect information on road crashes to assist with road safety analysis and education, and infrastructure improvement. This information may include details of incidents, drivers, passengers, and injuries. Some road crash information may be shared with other road safety agencies, law enforcement agencies and government research entities.

To respond to the COVID-19 pandemic, we have also adopted measures to comply with our occupational health and safety obligations under the OHS Act, including by collecting vaccination information and other health information about staff and other individuals.

Sensitive information

We may collect sensitive information for the purposes of functions and activities. This information may relate to court proceedings, investigations, and law enforcement processes.

We also may collect sensitive information, such as inclusion and diversity information, and disability information for the purposes of recruitment and employment activities and to support transport and planning strategies and initiatives.

Furthermore, we may collect sensitive information concerning Aboriginal and Torres Strait Islander peoples (indigenous peoples) and other ethnic or cultural groups. We recognise that where information is collected about indigenous peoples, what may be considered to be sensitive information by those peoples may be different to the definitions in the privacy laws. Therefore, this information is collected carefully to protect and maintain the honour and dignity of the relevant group.

Unique identifiers

We will only assign unique identifiers to you if it is necessary for us to do so, including where it enables us carry out our functions efficiently. For example, we assign unique identifiers to driver licences and registrations.

We may also assign individual identifiers to help us communicate with you, such as when we need to respond to a complaint, enquiry, or other general correspondence. Similarly, we may assign identifiers during the course of our research activities. These identifiers are not always assigned to identify you, but rather to keep track of your interactions with us.

How we collect your information

In most cases, we will collect information about you directly from you, including:

when you use our website or online services (including social media platforms)
when you use the public transport system
when you make an application or are required to respond to an enquiry by us in relation to one of ours functions or services
when you correspond with us or provide feedback, or make another kind of approach to us
when you apply for a position at DTP, or during your ongoing employment
when you register, join, or participate on our social media pages and accounts and online forums
when we receive solicited or unsolicited communications from you, including on social media
when we conduct community information sessions, door knock campaigns and other awareness-raising and engagement activities
in any submissions, survey responses and other material we receive through our consultation activities
when we receive and investigate complaints, enquiries, or information requests
when we engage with landowners, residents or businesses about the use, development, acquisition or occupation of land
when we undertake additional services, or new and related services, conducted in connection with our functions and activities.

Our website privacy statement applies when we collect your information directly from our websites.

We will also take reasonable steps to notify you if we collect your information indirectly. Third parties often collect information on our behalf, including other government departments and agencies, our joint venture partners, law enforcement agencies, public transport and road operators, road toll operators, and contractors and consultants who perform work on our behalf.

We may also collect your information indirectly by collecting information from your representatives and agents (such as from your conveyancers or lawyers), local councils, and from information that is already in the public domain.

Purposes for which we use or disclose your information

Generally, we will only use or disclose your information for the purposes for which we collected it, where necessary for our functions and activities, or where we are required or authorised to do so by law.

We use or disclose your information in accordance with privacy and other relevant laws.

We use and disclose your information for:

the primary purpose for which it was collected; or
a secondary purpose related (or directly related) to the primary purpose where the relevant privacy law permits it.

We may also use and disclose your information:

where you have consented to that use or disclosure
to conduct research (including market research) or statistics
to verify, analyse and quality assure information provided to us in relation to our functions and activities
to investigate suspected unlawful activity or where reasonably necessary to assist law enforcement and protection of public revenue, and
where it is necessary to lessen or prevent serious threats to health or safety (including pandemics), and
where required or authorised by law.

Your information may be disclosed to third parties such as:

transport entities, transport authorities, and public transport operators and service providers
our joint venture partners (including R&L Services and CP Services)
State and Federal government agencies, regulatory bodies, law enforcement agencies and councils
road and tolling authorities, vehicle manufacturers and suppliers, and road safety authorities
research institutions, universities and third-party contractors and consultants,
third parties authorised by you to receive information held by us
contracted service providers and professional advisers.

We may use and disclose information to government entities and agencies, for the purpose of:

data sharing activities, for example sharing under the Victorian Data Sharing Act 2017 and other information sharing frameworks
managing employment activities including, when required, to validate payroll and salary information, checks for references, proof of identity, National Police Records checks, misconduct screening, academic qualifications, legal right to work, and Working with Children checks, and
as part of the Commonwealth’s initiative on Identity Matching Services, which permits us to share driver licence and permit information with other States and Territories third parties authorised to receive information held by us.

For example, vehicle registration or driver licence information may be used and disclosed to:

identify vehicles and drivers captured on road safety enforcement cameras or number plate scans
apply sanctions to vehicles and drivers for infringements or the non-payment of fines
support tolling and parking enforcement
support biometric matching through the National Driver Licence Facial Recognition Solution for law enforcement, national security and other purposes, and
validate your application for government credentials, such as a digital driver licence.

We may also disclose information with other parties or entities if authorised or required to do so by Part 7B of the Road Safety Act, the PDP Act and other relevant laws.

Our staff and the third-party individuals we share your information with will access your information where it is relevant to their role or function, organisation structure, delegation, or proxy authority.

We will take reasonable steps to protect your privacy when disclosing your information, including by anonymising your information before we disclose it.

How you can access and correct your information

We will take reasonable steps to ensure that the information we collect about you is accurate, complete, and up-to-date.

If you wish to gain access to or correct the information we collect about you, please:

contact the Privacy and Information Access Branch, at [email protected], or
submit a freedom of information request at online.foi.vic.gov.au.

We will take reasonable steps to correct and update any information that is established to be inaccurate, incomplete, or not up-to-date. If we refuse your request, we will explain our reasons in writing.

How we protect your information

We have security policies, standards and guidelines which establish and promote our security governance arrangements, and which help to manage and protect your personal information. We also take reasonable steps to destroy or permanently de-identify information that is no longer needed for any purpose, or as otherwise required by the Public Records Act, or other relevant law.

In the case of any proposed new use of information, we may prepare a Privacy Impact Assessment (PIA) and an assessment under the Charter of Human Rights and Responsibilities Act 2006 (Vic), to ensure that the new collection or use is consistent with the privacy rights of affected individuals.

We may transfer your information outside Victoria, including to technology service providers located overseas, but we will only do so if we can ensure that the protections of the applicable privacy laws travel with that information, or we obtain your consent to the transfer.

We will take reasonable steps to ensure that third parties and contractors do not handle any information transferred outside Victoria inconsistently with the privacy laws.

Making a privacy complaint

If you have a concern or a complaint about how we have handled your information, please contact our Privacy Branch at [email protected]. We try to resolve privacy complaints in a timely and fair manner. If we are not able to resolve your complaint, you may also make a privacy complaint to:

the Office of the Victorian Information Commissioner by filling out the privacy complaint form available on the Commissioner's website, or by calling 1300 006 842.
the Office of the Health Complaints Commissioner by filling out the online form available on the Commissioner's website, or by calling 1300 582 113.

Contact us

If you have a privacy concern or enquiry, you may contact us at [email protected]

Commonly Used Words

Term		Definition
applicable laws		include the: Public Records Act 1973 (Vic) (Public Records Act) Freedom of Information Act 1982 (Vic) (FOI Act) Transport Integration Act 2010 (Vic) (Transport Integration Act) Transport (Compliance and Miscellaneous) Act 1983 (Vic) (TCM Act) Road Safety Act 1986 (Vic) (Road Safety Act), Planning and Environment Act 1987 (Vic) (Planning Act) Transfer of Land Act 1958 (Vic) (ToL Act) Building Act 1993 (Vic) (Building Act) Local Government Act 1989 (Vic) (Local Government Act) Subdivision Act 1988 (Vic) (Subdivision Act), and the Public Administration Act 2004 (Vic) (Public Administration Act).
contractors		third party individuals or companies who provide goods or services to DTP.
handle		to collect, hold, manage, use, disclose or transfer information.
health information		identifying personal information about an individual that is defined in s 3 of the HR Act as 'health information'. It includes information or an opinion about: the physical or mental health, or disability, of an individual an individual's expressed wishes about the future provision of health services to him or her, or the nature of health services that have been, or are to be, provided to an individual. It also includes: other personal information originally collected in the course of providing a health service to an individual personal information collected in connection with the donation of human tissue by an individual, and genetic information that is or could be predictive of the health of an individual or their descendants.
information	means both personal information (including sensitive information) and health information, unless we say otherwise.
Legislation	includes the: Accident Towing Services Act 2007 (Vic) Building Act 1993 (Vic) Charter of Human Rights and Responsibilities Act 2006 (Vic) Environment Effects Act 1978 (Vic) Fair Work Act 2009 (Cth) Freedom of Information Act 1982 (Cth) Health Records Act 2001 (Vic) Heritage Act 2017 (Vic) Local Government Act 1989 (Vic) Planning and Environment Act 1987 (Vic) Privacy Act 1988 (Cth) Privacy and Data Protection Act 2014 (Vic) the Public Administration Act 2004 (Vic) Public Interest Disclosures Act 2012 (Vic) Public Records Act 1973 (Vic) Road Management Act 2004 (Vic) Road Safety Act 1986 (Vic) Road Safety Road Rules 2017 (Vic) Transfer of Land Act 1958 (Vic) Transport (Compliance and Miscellaneous) Act 1983 (Vic) Transport Integration Act 2010 (Vic), and Victorian Data Sharing Act 2017 (Vic).
personal information	defined in s 3 of the PDP Act as 'information or an opinion (including information or an opinion forming part of a database), that is recorded in any form and whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion'. It includes a broad range of information, or an opinion, that could identify an individual, such as the individual's photograph, name, address, phone number or date of birth.
privacy laws	the PDP Act and the HR Act.
security requirements	the Victorian Protective Data Security Framework, Victorian Protective Data Security Standards, and any applicable DTP policies.
sensitive information	is defined in Schedule 1 of the IPPs and means personal information about an individual’s racial or ethnic origin, political opinions or membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional trade union or trade association, sexual preferences or practices, or criminal record.
us, our, or we	Department of Transport and Planning
website	the Department of Transport and Planning website.