Privacy statement

Victoria Law Foundation is committed to protecting the privacy of your personal information.

Committed to your privacy

This Privacy Policy explains how the Victoria Law Foundation (VLF) (ABN 64 131 425 884) collects, uses, discloses and otherwise handles personal information in accordance with the Australian Privacy Principles (APPs) which are contained in the Privacy Act 1988 (Cth) (Privacy Act).

For the purposes of this policy ‘personal information’ means information or an opinion about an identified individual, or an individual who is reasonably identifiable.

If you have any questions or feedback about this policy or the way in which the VLF handles personal information or you would like a hard copy, you can contact us on the details below.

Contacting us

Contact person

Business and Finance Manager


Victoria Law Foundation

Level 5 / 43 Hardware Lane




+61 3 9604 8100

Why do we collect personal information?

The Victoria Law Foundation only collects personal information necessary to fulfill its statutory functions and activities under the Victoria Law Foundation Act 2009. The main purposes for which we collect, hold, use and disclose personal information are set out below.

Education and information

  • promoting and marketing our activities
  • running events for the community, the justice sector and schools
  • providing resources to schools

Grant making

  • assessing applications for grant funding
  • supporting grant recipients with grant projects


  • conducting research

General administration

  • recruiting staff, volunteers and interns
  • managing contractors and processing payments
  • answering queries and resolving complaints.

What types of personal information do we collect?

The types of personal information that we collect about you will depend on the type of dealings you have with us. For example, we may hold personal information in the following types of records:

  • newsletter and electronic direct mail (EDM) subscription lists
  • Law Week event registrations
  • professional development or training programs, or other VLF events attendance lists
  • VLF publication orders
  • grant applications
  • research data for projects involving participants
  • Legal Laneways Breakfast raffle ticket sales
  • personnel records
  • contractor information
  • statutory appointment information (eg. Board members)
  • Occupational Health and Safety records
  • general or specific enquiries
  • complaint details
  • Freedom of Information Requests.

The personal information collected may include the following:

  • your name and occupation and employer
  • your address, email address and phone number(s)
  • payment method
  • correspondence between you and us

Sensitive information

Some personal information, such as information relating to racial or ethnic origin, religious beliefs or affiliations, health information (including mental health information and information about a disability), genetic information and whether or not you have a criminal record is sensitive and requires a higher level of protection under the Privacy Act. We may collect your sensitive information when we have your consent and when the collection is reasonably necessary for us to carry out our research function.

Sensitive Information may be collected via questionnaires, qualitative interviews or other research methods, either by us directly or by a contracted third party (such as a market research company carrying out survey fieldwork) for the purposes of research.

Sensitive Information which could allow individuals to be identified is encrypted and securely stored on our on-site server. Sensitive Information which could allow individuals to be identified we receive from and provide to third party contractors is also secured and encrypted during transmission.

Sensitive Information will generally only be disclosed in an aggregated, de-identified format, in the form of published research findings or presentations. For example, we might explore the relationship between a protected characteristic (such as ethnicity) to experience of legal problems or legal capability. The aim of such work could be to explore groups who get worse justice outcomes, with a view to making policy recommendations that might make access to justice more equitable. Sensitive Information may be published in a case study, but never in a form that would allow individuals to be identified.

Wherever we survey or speak to the public we obtain informed content. This informed consent is ongoing and can be withdrawn at any time.

How do we collect personal information?

We collect personal information in a number of ways, including:

  • through our website (for example if you order a publication online)
  • correspondence (for example by letter, email or telephone)
  • in hard copy or online forms or surveys
  • in person in a meeting or interview scenario
  • over the telephone or video conferencing
  • at events and for event registrations
  • from third parties (for example, from a recruitment agency during a recruitment process; from a fieldwork provider during a research project)
  • publicly available information (for example, a court appointment or through publicly available social media profiles).

What if you don’t provide us with your personal information

In some circumstances people might elect not to identify themselves, or to use a pseudonym - for example, when viewing our website or making general phone queries. This will limit our engagement with you.

Direct communications

We will only send you direct communications, such as newsletters or event information, if you would reasonably expect to receive them or you have consented. If it is impractical to gain your consent, we will always provide a simple means for you to request not to receive the material (‘opting out’). We will not use your personal information for the purpose of direct communications unless you have given us prior consent.

Opting out

You can opt out of receiving direct communications from us by:

Who do we disclose your personal information to?

We may share and disclose your Personal Information with our Affiliates and to the following types of third parties for the purposes described in this privacy statement.

Our Affiliates include:

  • Mailchimp
  • Humanitix
  • Microsoft
  • Zoom

Sometimes we share your Personal Information with our third-party service providers working on our behalf for the purposes described in this privacy statement. For example, companies we hire to help us provide and support our service or assist in protecting and securing our systems and services and other business related functions.

Other examples of where we may share your Personal Information include:

  • analysing data
  • contracting with conference, function and training providers
  • hosting events
  • contracting with marketing and communications agencies
  • contracting with recruitment agencies
  • hosting data
  • engaging technical support for our Service
  • processing payments
  • delivering content

Cross border disclosures

We may disclose personal information to our contracted information technology service providers which may be  hosted off-shore.

Storage and security of the information we hold

We hold personal information in both hard copy and electronic formats. Paper files are stored onsite, and they may also be archived in boxes and stored offsite in secure facilities. Personal information may be collected in paper-based documents and converted to electronic form for use or storage (with the original paper-based documents either archived or securely destroyed). We take reasonable steps to protect your personal information from misuse, interference and loss and from unauthorised access, modification or disclosure.

The security of your personal information is important to us and we use the recommended industry standards when storing and dealing with your personal information. The steps we take to secure personal information include:

  • physical security over paper and electronic data stores, such as through locks and security systems at our premises
  • website protection measures (such as encryption, firewalls and anti-virus software)
  • access restrictions to our computer systems (such as login and password protection)
  • restricted access to our office premises
  • workplace policies and procedures that cover access, storage and security of information.

Website security

While the VLF strives to protect the personal information and privacy of users on our website, you disclose information at your own risk and we cannot guarantee its security.

If you are concerned about sending your information over the internet, you can contact the Victoria Law Foundation by phone or post (details under ‘Contacting Us’).

Website tools

Third-party services

We may share and disclose your Personal Information with third-party web services to manage and maintain our online profiles and websites.

We use the following third-party web service providers:

  • Microsoft
  • Google Analytics
  • Airtable
  • Whale Sync
  • Webflow
  • Zoho Social

Log files

Website visits generate certain information that is automatically stored in log files, including Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp and clickstream data.

We use this information, which in itself does not identify individual users, to analyse trends, administer the site, track users’ movements around the site, and to gather demographic information about our user base as a whole.


We may use both session ID cookies and/or persistent cookies. Both kinds are stored on the site visitor’s hard drive.

If you reject cookies, you may still use our site, but your ability to use some areas of our site may be limited.

Transparent images and Web Beacons/Web Bugs

We may use transparent images on our HTML-based e-mails and newsletters to help gauge the effectiveness of our electronic communications. This includes identifying who has opened or clicked on a link in an HTML-based email.

Third party websites

Links to third party websites that are not operated or controlled by the Victoria Law Foundation are provided for your convenience. The VLF is not responsible for the privacy or security practices of those websites. Third party websites should have their own privacy and security policies, which we encourage you to read them before supplying any personal information.

Your rights

Under the Privacy Act 1988 (Cth), including Australian Privacy Principles and the Freedom of Information Act 1982, you have a number of rights you can exercise over your data. Your rights include the following:

  • the right to receive a copy of your data
  • the right to have data corrected if it is inaccurate
  • the right to ask us to erase data in certain circumstances
  • the right to withdraw consent at any time when that is the legal basis for our processing
  • the right to lodge a complaint with the Office of the Australian Information Commissioner

Access and correction to personal information

We will take reasonable steps to provide you with access to your personal information. We may however if necessary charge a fee to cover our reasonable costs of locating the information and providing it to you.

We will take reasonable steps to correct your personal information if we are satisfied that it is inaccurate, out of date, incomplete, irrelevant or misleading. If we have provided your personal information to third parties we will also notify them of the correction if you ask us to do so, unless it is impracticable or unlawful.

Requests to access and correct your information should be made by email, post or phone using the details provided under ‘Contacting Us’. Note that we will need to verify your identity before processing your request. We will endeavour to respond to your request within 30 days.

If we do not agree with your request to access or correct your information, we will provide you with written reasons for our decision and available complaint mechanisms.


If you have a complaint about how the Victoria Law Foundation has collected or handled your personal information, please contact our Business and Finance Manager using the details provided under ‘Contacting Us.’

We will ask you to detail your complaint in writing so we can assess it thoroughly. We can assist you with this process if required.

We will endeavour to respond to your complaint within 30 days of receipt of the full information. While complex cases may take longer to resolve, we will keep you updated on the progress of your complaint.

If you are unhappy with our response, you can refer your complaint to the Office of the Australian Information Commissioner.

Changes in this Privacy Policy

We reserve the right to modify this privacy policy at any time. If we make material changes to this policy, we will notify you here, by e-mail, or by means of a notice on our home page.

This Privacy Statement was last updated on 10/12/2020 11:17:00 AM. Please check back regularly to keep informed of changes to this notice.

Keep in touch

Email or send an online message to our teams.