Privacy

You are here:

Protecting your privacy and your personal information is an important aspect of the way CFA creates, organises and implements our activities online and offline.

Our collection, use and disclosure of personal information follows the requirements of the Privacy & Data Protection Act 2014.

You can access our website home page and browse our site without disclosing personal information. CFA's website does not collect or record personal information, other than information you may choose to provide to us.

We will only use personal information provided by you for the purposes for which it was collected. If you have emailed us, CFA staff will use contact information collected via your email to respond to your request. Any contact information provided in your email will not be added to a mailing list without your consent.

Further, any personal details within the contents of your email will only be used specifically to answer your query or respond to your comments. For example, if you provide us with your residential address so that we can provide local fire safety information, your residential address will only be used to answer your immediate query and will not be stored or used for any other purpose.

If you choose to provide us with your location information, this will only be used to provide website content that is more relevant to you.

We will not disclose your personal information without your consent unless disclosure is required or sanctioned by law.

You are entitled to gain access to and/or correct any information that CFA has collected about you at any time.

Use of Victorian Electoral Commission information for mailouts

To facilitate a mailout to provide information about fire preparedness, the Victorian Electoral Commissioner has permitted the use of the names and addresses of Victorian electors (excluding silent electors and overseas electors) in accordance with section 34 of the Electoral Act 2002. Enrolment information was not provided to CFA, and remained in the control of the Victorian Electoral Commission at all times.

Please call on 1800 068 611 or email communityprograms@cfa.vic.gov.au if you have any queries regarding the usage of enrolment data.

Technical information

Cookies

This site uses 'cookies'. A cookie is a block of data that is shared between a web server and a user's browser. Cookies give the server information about a user's identity, preferences or past behaviour.

For example, if you provide us with your location information to receive tailored content, we may use cookies to remember your location information for subsequent visits to the website so that you do not need to re-input the information each time you visit our website. At any time you can disable cookies through your web browser, or delete existing cookies. You will still be able to use our website, however some features may not work as expected.

The following non-personal information (i.e. clickstream data) is automatically recorded by this site's web server for statistical and system administration purposes only:

Your server address
Your country
Your top level domain name (e.g. .com, .au, .gov)
The date and the time of your visit to the site
The pages you accessed and downloaded
The address of the last site you visited
Your operating system
The type of browser you are using
Your screen resolution
Internal search behaviour.

To the extent that this data could make you identifiable, CFA will not attempt to identify individuals from the records the server automatically generates unless that is necessary to investigate a breach of law or regulation.

We have implemented technology and security policies, rules and measures to protect the personal information that we have under our control from: unauthorised access, improper use, alteration, unlawful or accidental destruction and accidental loss. We will remove personal information from our system where it is no longer required (except where archiving is required).

Microsoft Clarity

CFA is committed to improving our online services. We use Microsoft Clarity to better understand how visitors interact with our website. Microsoft Clarity provides insights into how users navigate the site, allowing us to enhance our websites and online applications to improve your user experience.

By using the CFA website, you consent to the collection and use of your data by CFA and Microsoft. This data may include information about your interactions with the site, such as clicks, scrolls, and navigation paths. All data is anonymised, and no personally identifiable information is collected or stored.

For more information on how Microsoft collects and processes your data, please refer to Microsoft's Privacy Statement.

Collection Statements

MyCFA - Collection Statement

**Sign up to MyCFA to get local information on how to plan and prepare for fires and other emergencies. Please note, we will not send Emergency Warnings from My CFA For emergency warnings always go straight to VicEmergency.**

Why do we collect and use your information?

CFA collects this information to send you information as part of a subscription service called MyCFA. MyCFA sends tailored communications to subscribers about fire preparedness, prevention, and safety. MyCFA is committed to providing you with resources and information on how to keep yourself, your family, home, and belongings safe from fire.

The fire safety information we send may be based on where you live, such as Fire Danger Period and Total Fire Ban notifications, or the categories and/ or areas of interest you choose in the MyCFA Preference Centre. While general in nature, the information provided by MyCFA is most suitable for people living, visiting, or travelling through Victoria, Australia.

MyCFA does not send Emergency Warnings. For emergency warnings visit VicEmergency.

How do we collect and use your information?

CFA collects this information directly from you (subscriber) via a dedicated webform. This is the only way you can subscribe to MyCFA. You choose what information you provide to us. Not all fields in the webform are mandatory and the Preference Center section is optional. Note that if you don’t select any preferences through the Preference Centre you will receive all MyCFA fire safety communications.

CFA may, from time to time, send you information on behalf of other emergency services, government departments or research organisations for your awareness, including opportunities to contribute to, or take part in activities, that we believe may be of interest to you based on your location and/ or nominated areas of interest. This includes education and safety programs, or local events run by CFA.

CFA may also refer to the total number of subscribers on the MyCFA database as part of its external marketing and communications activities as well as for external reporting purposes.

What happens to your personal information?

Your personal information will be stored in an electronic database and will be handled in accordance with the requirements of the Privacy & Data Protection Act 2014 together with CFA’s Privacy Policy. Read our Privacy Statement.

You control what information you provide to CFA. You can update your personal information, change your preferences, and unsubscribe from MyCFA at any time. This can be done using the links provided in each electronic communication we send you from MyCFA. You can also email mycfa@cfa.vic.gov.au or call (03) 9262 8444 to have your details updated or removed.

Unless necessary for the provision of the MyCFA service, your information will not be shared with third parties and will only be accessed by authorised CFA personnel and contracted digital providers, unless otherwise required by law to be disclosed.

CFA will not sell your information to agencies or organisations.

CFA administer and store your information with assistance from third-party provider Salesforce. Salesforce servers that store your information are located in Sydney, Australia and the USA. Salesforce can only use or disclose the information you provide to CFA for the purpose it was collected or when otherwise required by law.

Who to contact in relation to your MyCFA subscription

MyCFA is managed and administered by CFA’s Communications and Stakeholder Relations Unit. You can contact us on mycfa@cfa.vic.gov.au if you would like to find out more about what we do with your information, how we use your information or how we protect your data.

Donations - Collection Statement

This Collection Notice provides information about how Country Fire Authority’s Finance & Procurement directorate (CFA, we or us) collects, holds, uses and discloses personal information regarding donors who make donations via CFA’s donations platform or third party donation platforms (you or your).

We may amend this Collection Notice as our organisation requires or the law changes. Any changes to this Collection Notice will be updated on this page.

What information does CFA collect about donors?

CFA’s donation platform (Salesforce) collects personal information from donors, including title, first and last name, email address, donor type (individual or organisation), location (city/town/suburb, State, post code, country), donation type (nominated local brigade or CFA corporate/public fund), payment method (credit card/EFT) and donation amount.

We may also collect other optional personal information if donors choose to provide it, including suffix, mobile/phone number, street address, confirmation of CFA membership (i.e. whether you are/are not a CFA staff member or volunteer) and any information provided in the comments free text box.

When you donate via CFA’s donation platform, your payment details are securely transmitted via a REST API to merchant facility provided by Westpac Bank. We do not collect complete banking or payment information (as this information is only collected by Westpac Bank). However, in addition to the information listed above, we will also collect masked credit card number, expiration date, and transaction reference. This is to enable the identification of a transaction should it be disputed by a cardholder, and to facilitate a refund, where required. The IP address of a donor is also captured for security purposes.

We may also de-identify and aggregate information regarding donor type, location, and nominated brigade or type of project to meet our data analysis and internal reporting needs or comply with our legislative reporting requirements.

Where do we get your information?

CFA collects this information either:

directly from you via CFA’s donations platform (Salesforce); or
indirectly from third party service providers, such as donation platforms who may provide us with your donation details for fundraising purposes (for example, PayPal Giving Fund, GoFundMe, and Benevity).

Why do we collect and use your information?

We collect and use your personal information to:

generate a receipt and acknowledgment for your received donation;
analyse, manage and improve our fundraising activities;
maintain our taxation record-keeping purposes;
provide supporting documentation for audits associated with donations to CFA (Public Fund) or a local brigade via the CFA & Brigades Donations Fund; and
facilitate contact with you, including to provide you with a copy of our Annual Report regarding financial contributions made to CFA within the respective financial year, or to advise what project or initiative your donation has contributed to.

The information we collect from you is also required for us to meet our specific legislative requirements, or to undertake our prescribed functions, in accordance with:

the Country Fire Authority Act 1958 (Vic) and Country Fire Authority Regulations 2014 (Vic);
Income Tax Assessment Act 1936 (Cth) and Income Tax Assessment Act 1997 (Cth); and
the Fundraising Act 1998 (Vic).

Who might CFA disclose your personal information to?

We may disclose your personal information to our internal stakeholders, including:

CFA’s ICT department, who are responsible for technical support and maintenance of the Salesforce platform;
CFA’s Communications & Stakeholder Relations department, who are responsible for issuing relevant communications; and
CFA’s Accounts Receivable department, who are responsible for receiving and recording donation transactions in CFA’s accounting system.

Where you have provided your consent for us to do so, we may also:

disclose your name, donation amount and email address to your nominated brigade so that they may acknowledge and thank you personally for your donation; and
send communications to you that we consider may be relevant or interesting to you.

We may also disclose your personal information to certain external third parties including:

third party service providers acting on our behalf, such as third-party consultants engaged by CFA for technical support for the Salesforce product responsible for storing your personal information;
trustees of the CFA and Brigades Donations Fund (Trust), as well as the Trust’s auditor; and
CFA’s auditor (Victorian Auditor-General’s Office), government agencies and public sector bodies.

Your personal information is securely stored in a Salesforce electronic database located in Sydney, Australia.

Your personal information will otherwise not be disclosed to any other third party without your consent, unless disclosure is required or authorised by law.

What happens if you do not provide your information?

Should you choose not to provide your personal information, we may not be able to account for your donation, provide you with a tax-deductible receipt, or comply with our legal obligations.

If you do not wish to provide your full name, you may provide us with a pseudo-name and email address. Although, we require some level of detail for the purpose of managing your payment and our received funds.

Contact us

You can access and correct your personal information or contact us generally for any inquiries or concerns regarding your privacy or CFA’s data protection practices, by emailing us at donation.support@cfa.vic.gov.au.

CFA Members Collection Notice

This Collection Notice provides comprehensive information about how Country Fire Authority (CFA, we or us) collects, holds, uses and discloses personal information regarding CFA Members (you or your) in accordance with Victorian privacy legislation.

We may amend this Privacy Notice as our organisation requires or the law changes.

‘CFA Members’ includes CFA volunteers, volunteer auxiliary workers, officers, employees and secondees. For the purposes of this document this also includes Labour Hire Contractors.

Who collects your personal information?

This Collection Notice concerns the collection and handling of CFA members’ personal information by CFA.

What information does CFA collect about CFA members?

CFA collects personal information from CFA members, including (but not limited to) your name, home/postal address, gender, date of birth, email address, driver’s licence number, next of kin /emergency contact information, student identifier, training course results, IP address, bank account and superannuation information, other financial information (e.g. salary sacrifice), tax file number, employment history, police and working with children check and in some circumstances, health information, survey information.

The information that we collect may vary for each member depending on their interaction with CFA.

Where do we get your information?

Where possible, CFA will collect information directly from you. This collection would likely be through CFA’s recruitment systems and processes. There may be instances where we collect information about you from other sources, such as reference checks. CFA will endeavour to ensure that where possible you are informed of this collection beforehand.

Why do we collect and use your information?

Examples of why we collect and use your information include, but are not limited to: facilitate contact with you;

determine your appropriate membership category (volunteers only);
determine and facilitate your capacity to perform operational duties (relevant roles only);
determine whether you have the required skills, licences and/or availability;
assist with future CFA recruitment activities; and
facilitate your employment or volunteering with us (for example, determining how much tax to withhold from payments made to you during the course of your employment with us).

The information we collect from you is also required for us to meet our specific legislative requirements or to undertake our prescribed functions in accordance with:

the Country Fire Authority Act 1958 (Vic) and Country Fire Authority Regulations 2014 (Vic);
Fair Work Act 2009;
Occupational Health and Safety/ Workcover legislation;
Victorian Firefighters’ Presumptive Rights legislation;
Australian Taxation Office (ATO) legislation;
Privacy (Tax File Number) Rule 2015;
Superannuation legislation
Occupational Health and Safety/ Workcover legislation;
Gender Equality Act 2020
Victorian registered training organisation (RTO) requirements; and
Heavy Vehicle National Law and Regulations.

Who might CFA disclose your personal information to?

We may disclose your personal information to certain third parties, including:

government departments such as the ATO, if required by law;
emergency services agencies for the purposes of undertaking a response to an emergency in accordance with the Emergency Management Act 1986 or Country Fire Authority Act 1958; international emergency services agencies (where an individual is undertaking an international deployment);
regulators/law enforcement where required by a legal instrument or order;
organisations or agencies involved in quality assurance of RTO requirements;
contracted service providers which CFA uses to perform services on its behalf (such as recruitment and training organisations, complaint management providers, banks, mailing houses, super clearing houses; logistics, IT service providers, security providers, medical providers, Fire Equipment Maintenance contractors and insurers);
government departments or emergency services for volunteers who hold elected positions to enable contact information to be shared; in the event of an emergency - police, medical or hospital personnel, civil emergency services, your legal representative or nominated emergency contact person, or other persons or emergency services agencies assessed as necessary to respond to the emergency; and
if you are under 18 years old, your parent(s) or guardian(s) where deemed appropriate and in accordance with applicable laws.

Your personal information will otherwise not be disclosed to any other third party without your consent, unless disclosure is required or authorised by law.

What happens if you do not provide your information?

You have the choice, and it is not an offence if you choose not to provide us with your personal information. However, if you choose not to provide your personal information, you may not be able to be a CFA member or comply with our legal obligations. For example, if we are not provided with your training course results and qualifications, we may not be able to ascertain if you are suitable for a particular role with us.

How can you access or correct your information?

You can access and correct your personal information by updating them directly:

Employees in the HR system - for updates to your name, home/postal address, gender, date of birth, email address, next of kin /emergency contact information, bank account and superannuation information, other financial information (salary sacrifice), tax file number, and health information;
Volunteers - to update your name, home address, gender, date of birth, email address, and next of kin /emergency contact information.
in the learning management system (LMS) – for updates to your unique student identifier; and
via CFA Members Online – for updates to your driver’s licence information.

Alternatively, you can seek access or correction to your information by contacting [your relevant District Officer (volunteers) or your Line Manager or the appropriate area (employees or officers)].