Privacy policy

Collection notice for e-newsletter

This collection notice explains how the Portable Long Service Authority (PLSA) handles personal information which you may provide when subscribing to the PLSA e-newsletter.

PLSA collects this data using Vision 6, a third party software product. View Vision 6's privacy policy(opens in a new window).

Your name and email address will be collected for the purpose of communicating updates about portable long service.

This data is stored in the PIPE Networks Data Centre in Fortitude Valley, Brisbane and maintained on AWS cloudfront within their Australian operations in the Sydney region.

Vision 6 complies with the Information Privacy Act and SPAM Act and are compliant with the GDPR.

Vision 6 conducts regular penetration testing and monitoring tools to determine network, server and service vulnerabilities.

Vision 6 have documented security policies and processes in place which are regularly reviewed by senior management.

If you need to change or update your details, you can do so by emailing enquiries@plsa.vic.gov.au.

Collection notice for business and worker registration

The Authority uses this form to collect information that it requires to register workers and employers and determine eligibility for entitlements under the Act, including personal information such as name, address, date of birth, payroll data and history, and leave history.

The Authority needs this information to register you and to determine and manage your long service leave entitlements under the Act. If you do not provide the information, the Authority may not be able to make decisions about your long service leave entitlements under the Act.

The Authority will only use and disclose your personal information to register you and manage your long service leave entitlements under the Act and where it is otherwise required or permitted by law to do so.

In some circumstances, the Authority is required or authorised by law to release information to other government agencies, law enforcement bodies or to prevent serious and imminent threat to an individual's life, health, safety or welfare.

In this context, such agencies could include the Australian Taxation Office, the Labour Hire and Licensing Authority, the Fair Work Ombudsman, the Victorian Work Cover Authority, Victoria Police, or your nominated banking institution.

The Authority will seek wherever possible to ensure that the personal information it collects, uses or discloses is accurate, complete and up to date. In many instances the Authority relies upon you to provide accurate and complete information and to advise the Authority should your circumstances change over time.

The Authority seeks to protect your personal information from misuse, loss, unauthorised access, modification or disclosure and securely destroys or de-identifies personal information when it is no longer needed for any purpose. In circumstances where personal information is collected and stored by external organisations the Authority uses to deliver aspects of its functions, the Authority’s contractual obligations require compliance with the same privacy and security standards.

You may obtain access to your personal information held by the Authority by contacting enquiries@plsa.vic.gov.au.

For further information about how the Authority handles your personal information, please see the Authority’s privacy policy below.

Note, the following terms will need to be expanded if not described elsewhere in the application form:

Act means the Long Service Benefits Portability Act 2018.

Authority means the Portable Long Service Benefits Authority.

Collection notice for claims

The Portable Long Service Authority (the Authority) uses this form to collect personal information required to assess and determine your eligibility to claim long service leave entitlements under the Long Service Benefits Portability Act 2018 (the Act). We may collect the following information:

• your personal details including name, date of birth, address and contact details;
• your tax file number;
• your bank details, including account holder’s name, BSB and account number;
• details of your employment;
• any additional information as required to assess your application.

The Authority needs this information to assess your claim and where appropriate, process your long service leave entitlements under the Act. If you do not provide the information, the Authority may not be able to process your claim.

The Authority will only use and disclose your personal information for the purpose of assessing and processing your claim, and where it is otherwise required or permitted by law to do so. This may include disclosure to your current or former employer(s), legal representatives, third-party providers engaged to administer claims, or relevant government agencies.

In some circumstances, the Authority may be required or authorised by law to release information to other government agencies, law enforcement bodies, or to prevent a serious and imminent threat to an individual’s life, health, safety, or welfare. These agencies may include the Australian Taxation Office, the Fair Work Ombudsman, Victoria Police, a reciprocal Portable Long Service Scheme administrator or your nominated banking institution.

The Authority will seek wherever possible to ensure that personal information it collects, uses or discloses is accurate, complete, and up to date. In many instances the Authority relies upon you to provide accurate and complete information and to advise the Authority should your circumstances change over time.

The Authority seeks to protect your personal information from misuse, loss, unauthorised access, modification or disclosure and securely destroys or de-identifies personal information when it is no longer needed for any purpose. In circumstances where personal information is collected and stored by external organisations the Authority uses to deliver aspects of its functions, the Authority’s contractual obligations require compliance with the same privacy and security standards.

You may obtain access to your personal information held by the Authority by contacting enquiries@plsa.vic.gov.au.

The Authority is committed to handle your personal information in accordance with the Privacy and Data Collection Act 2014 (Vic). For further information about how the Authority handles your personal information, please see the Authority’s privacy policy below.

The Portable Long Service Benefits Authority (Authority) is a statutory authority established by the Long Service Benefits Portability Act 2018 (Act). The Authority’s role is to administer a scheme for the provision of portable long service benefits to workers in covered industries. The Authority is overseen by a Governing Board which is responsible for the governance, strategic planning and risk management of the Authority. The administration of the day-to-day management of the affairs of the Authority is the responsibility of the registrar appointed under the Act.

This policy tells you how the Authority handles personal information in the course of performing its functions in compliance with the Information Privacy Principles (IPPs) set out in the Victorian Privacy and Data Protection Act 2014 (PDP Act) and other applicable laws and contractual obligations. This policy also tells you how you can access and correct personal information that the Authority holds about you and how to make a complaint about a privacy matter.

Scope

This policy applies to personal information (including health and sensitive information) of both external parties and the staff of the Authority. Any personal information collected by the Authority, or that it obtains about individuals from other sources, will be handled in accordance with this policy.

In order to perform its functions, the Authority has also entered into certain agreements with Australian government agencies, which may mean that it has also agreed to be bound by relevant Australian Privacy Principles contained in the Commonwealth Privacy Act 1988.

Definitions

Personal information is recorded information about an individual whose identity is apparent or can reasonably be ascertained from that information but does not include health information.

Health information is personal information which concerns that individual’s physical, mental or psychological health, disability or genetic makeup which is subject to the Health Records Act 2001. The Authority does not generally collect health information in performing its functions but it may in some circumstances.

Sensitive information is information about an individual’s race or ethnicity, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, or criminal record.

Collection of personal information

The Authority collects personal information that the Act, privacy and other laws authorise it to collect and that it needs to perform its functions in administering the Portable Long Service Benefits Scheme. This includes registration of workers and employers and determining entitlements under the Act.

While administering the Scheme, the Authority collects personal information both directly from individuals as well as from third parties such as employers. The personal information collected may include (but is not limited to):

• name, address and other contact details
• date of birth
• employment information including periods of employment and days worked
• payslips to determine total ordinary pay.
• medical certificates to support a claim for payment in lieu of long service leave due to incapacity
• any additional information provided by workers and employers through communications with the Authority (e.g by phone, email or letter), and records of such communications
• any information shared between the Authority and another government agency, body, organisation or authority where necessary for the Authority to perform its functions.

In some cases, the Authority may also collect personal information of other persons such as personal representative applying for long service leave entitlement on behalf of a deceased worker.

Where a worker makes a claim for long service leave benefit, the Authority may also collect:

• bank account details
• tax file number (TFN)
• a Power of Attorney or proof of identity and authorisation for a person applying for a deceased worker’s benefit.

The Authority collects only limited health information where required under the Act. This includes medical certificate necessary to process payment claims in lieu of long service leave due to incapacity, or where relevant, information relating to worker’s compensation payments to assess entitlements.

The Authority may also collect sensitive information in limited circumstances. This includes criminal record information from individuals being investigated or prosecuted under the Act or from individuals during recruitment or ongoing employment checks. Sensitive information is collected only where authorised by law or with consent, and is managed in accordance with the PDP Act.

If the personal information that the Authority requests is not provided, the Authority may not be able to perform its functions as required under the Act.

How does the Authority collect personal information?

The Authority will only collect personal information by lawful and fair means and not in an unnecessarily intrusive way.

The Authority will endeavour to collect your personal information from you where it is reasonable and practicable to do so. Where this is not possible or practicable, the Authority may collect your personal information from third parties. For example, you may be requested to provide consent for the Authority to collect personal information from third parties such as LeavePlus, as required for the Authority to determine your entitlement to benefits under the Act. If you do not provide this consent, the Authority may not be able to make decisions about your entitlements under the Act.

The Authority may also collect your personal information in other situations such as:

• receiving and handling reports and requests for information from Government departments and the Minister responsible for the Authority
• receiving and processing freedom of information requests
• employment applications
• when you visit the Authority’s website
• providing e-newsletters, SMS-blasts, lodgement reminders and other stakeholder updates with your consent.

Authorised officers of the Authority may collect documents which may contain personal information as part of the exercise of their powers under Part 6 of the Act in relation to monitoring compliance and investigating potential breaches. Authorised officers have express powers to inspect, make copies of or require provision of documents and information in specified situations.

Some personal information is collected about visitors to the Authority’s website. For details, please see the Privacy Statement for the Authority’s website.

The Authority will only collect sensitive information with your consent or as required or authorised by law.

In most cases, the Authority will tell you when it collects your personal information and will provide you with a collection statement identifying the Authority and advising you about:

• the purposes for which the personal information is being collected
• who the personal information may be disclosed to
• any law that requires the personal information to be collected
• the main consequences for you if all or part of the personal information is not provided
• how to contact the Authority and gain access to your personal information.

Use and disclosure of personal information

The Authority will only use and disclose your personal information when it is lawful and reasonable to do so.

Personal information that is collected by the Authority will be used and disclosed to the Authority’s employees or contractors whose duties required them to use it. These employees and contractors must handle personal information in accordance with the requirements of the PDP Act. This means they will only use or disclose collected personal information for the primary purpose for which it was collected, or for a permitted secondary purpose in specified situations, such as where you have consented to the use or disclosure, or where the use or disclosure is required or authorised by or under law (for example, in response to a valid request under the Victorian Data Sharing Act 2017.

For example, if you are a worker the Authority may use your personal information to:

• process an application for registration as a worker under the Act
• determine your entitlement to long service leave benefits under the Act.

When a worker submits a claim for long service leave, the Authority may collect and use additional information to process your claim. The Authority will take reasonable steps to inform the persons whose information was collected and used for this purpose. This may include, but is not limited to the following types of information:

• The Authority uses your TFN to remit tax to the Australian Taxation Office on leave payments. If you do not provide your TFN, you may pay more tax than you would otherwise have to.
• If you are a nominated Power of Attorney, the Authority may collect and use your personal information to confirm your authority to act for the worker.
• If a person makes a claim for payment in lieu of long service leave due to a worker’s death, a death certificate may be required to verify the claim details and make payments
• If a person makes a claim for payment in lieu of long service leave due to incapacity, a medical certificate may be required to verify and assess the worker’s entitlement for such claims.

The Authority may also use your personal information to:

• obtain advice from professionals such as legal advisors and accountants
• manage the Portable Long Service Benefits Scheme
• conduct surveys
• provide advice to the responsible Minister.

The Authority may disclose your personal information to:

• verify information to assess your entitlements under the Act
• defend a legal or equitable claim
• prescribed Victorian or Commonwealth Government entities for the purpose of the performance of a function of that entity under a law. This includes disclosure to the Fair Work Ombudsman, Victoria Police, Victorian WorkCover Authority, Workforce Inspectorate Victoria, Victorian Labour Hire Licensing Authority and the Australian Taxation Office.
• reciprocal long service authorities for the performance of a function under the Act or a corresponding law.
• third parties engaged by the Authority to provide products or services, or to perform functions on our behalf. This may include, but is not limited to, providers involved in processing payment information, storing data and document, delivering marketing services, providing ICT support or acting as auditors and legal advisors.

Authorised officers are expressly prohibited from disclosing information, directly or indirectly, obtained in performing a function under the Act, except to the extent necessary to monitor compliance with the Act and regulations. This may include disclosure to a court or tribunal in the course of a legal proceeding, in the course of the investigation or enforcement of a law of Victoria or any other State or Territory or of the Commonwealth, with your consent, or with the written authority of the registrar.

In addition, members of the Governing Board, the registrar, an authorised officers and members of staff are prohibited by the Act from improperly using any information acquired in the course of their duties, for pecuniary or other advantage for themselves or any other person.

The Authority is required to maintain a public register of registered employers under the Act. The information about identifiable employers that the Authority publishes is publicly available information and therefore is not personal information. The PDP Act requires that public sector agencies administer public registers, so far as reasonably practicable, in a way that would not contravene handling requirements for personal information, if that information were personal information. In a number of circumstances, for example where a person conducts business from their residential address, it may be necessary for the Authority to publish personal information on the public register.

De-identified personal information derived from personal information collected may also be used in support of the Authority’s broader functions, such as for research and reporting purposes.

The Authority is an agency responsible for the performance of functions or activities directed to the prevention, detection, investigation, prosecution or punishment of criminal offences or breaches of law imposing a penalty or sanction for a breach. For this reason, the Authority has a partial exemption under section 15 of the PDP Act from complying with specified IPPs if it believes on reasonable grounds that non-compliance is necessary for the purposes of its law enforcement functions.

Data quality

The Authority takes reasonable steps to ensure that the information it holds is accurate, complete and up to date. Accurate information should be provided to the Authority at all times. For example, employers are required to make a declaration that the information they have provided is true and correct. Employers must notify the Authority within 14 days if there is a change to their personal information. Generally, the Authority relies on individuals to provide up to date information and advise the Authority if the information collected has recently changed.

How long does the Authority retain personal information?

Information held by the Authority is managed in accordance with the Public Records Act 1973 (Vic) and relevant Retention and Disposal Authorities (RDAs), including the Retention and Disposal Authority for Records of Long Service Benefits Portability Functions - PROS 25/01.

The Authority retains information as necessary to satisfy operational requirements or where required by law. The Authority destroys or permanently de identifies information in accordance with PROS 25/01 and any other applicable RDAs.

Please contact the Authority directly for more information regarding the retention and disposal of personal information.

Data security

The Authority is committed to protecting your personal information from misuse or loss or unauthorised access, unauthorised modification or disclosure.

The Authority has secure office premises and a security pass entry system for Authority employees and contractors to enter the premises. The Authority takes reasonable steps to protect files from outside or unauthorised access. The Authority’s information technology arrangements incorporate a range of data security measures. For example, the Authority requires staff to use passwords to enter the computer system including the use of single sign on to access applications. Where single sign on is unavailable, multi-factor authentication is used to access applications. Within these applications different levels of access are granted depending on the role of the staff member concerned. Only staff who need to use your personal information to perform their functions have access to it.

To protect your privacy, you should keep your Authority password confidential: it should not be displayed, shared or written down.

Transmission security risks

You should be aware that there are risks in transmitting information across the Internet. While the Authority takes reasonable steps to protect the personal information it receives from you or from third parties, the Authority cannot guarantee the security of any information transmitted to it online. If you are concerned about conveying confidential or delicate material to the Authority over the internet you might prefer to contact the Authority on 1800 517 158(opens in a new window) to make other arrangements.

Online services and online payments

The Authority’s online services are managed by a third-party IT service provider. Our service provider may access the personal information entered into our forms in order to process electronic transactions or to resolve a technical problem.

If you make a payment using the Authority’s website, the Authority will process your payment with the assistance of a reputable third party electronic payments service provider and present you with an online receipt for your records.

If you make an online application or another payment transaction on the Authority’s website, the Authority takes additional steps to protect the security of your personal information, such as strong SSL encryption. Before using these facilities, you should ensure that you are using a web browser that supports SSL encryption. In many web browsers, you can confirm that your session is encrypted by the appearance of a locked padlock symbol at the foot of the browser.

Access and correction

You are able to update your personal contact information directly through the employers or workers portal. You can view the information that the registrar holds about you on the employers or workers registrar by accessing the portal. A request to correct your own personal information held by the Authority on the employers or workers register can also be handled by contacting the Authority on 1800 517 158(opens in a new window).

Any requests for access to and/or correction of other documents containing personal information held by the Authority must be handled according to the provisions of the Freedom of Information Act 1982 (Vic). For further information see the Freedom of Information Arrangements on the Authority’s website.

Requests for an amendment to a document in our possession containing your own personal information where you believe the information is incorrect or misleading must:

• be in writing;
• provide an address;
• specify how the information is inaccurate, incomplete, out of date or would give a misleading impression; and
• specify the amendment sought.

The Authority has 30 days to process your request once it has been received.

Use the request for amendment form when making a request and the Freedom of Information request form to request documents (fees apply).

Forms can be submitted to the FOI Officer online by email to foi@plsa.vic.gov.au(opens in a new window) or by mail to:

FOI Officer
Portable Long Service Authority
PO Box 443
Bendigo VIC 3552

When you make a request to correct information that the registrar or Authority holds about you, the Authority may contact you in order to verify your identity. The Authority may ask you to provide evidence of the information you wish to correct, before accepting the changes.

Unique identifiers

The Authority does not assign unique identifiers to individuals unless necessary to enable it to carry out its functions efficiently.

The Authority does assign employers and workers a unique membership number upon registration to facilitate interactions with the Authority. The Authority may also request that you provide a unique identifier assigned by another organisation in order to complete its functions.

Anonymity

Individuals seeking general advice from the Authority or accessing the public register do not have to identify themselves. However, if you are applying for entitlements under the Act, seeking answers to a specific enquiry or making a complaint, the Authority will need to collect personal information such as your personal contact information and your Portable Long Service Authority Member Number. This is so that the Authority can verify the identity of who it is dealing with when discussing personal records about long service leave.

Transfer of personal information outside Victoria

The Authority contracts the use of cloud computing to store and manage data including personal information. Computer servers may be based interstate or overseas. The Authority takes reasonable steps to ensure the security of your information is managed this way. Where the information is transferred outside Victoria we take steps consistent with the principles in Victoria’s privacy laws to ensure its protection from unauthorised use and disclosure.

Reporting

No additional reporting is required.

Records management

Staff must maintain all records relevant to administering these policies in accordance with the PLSA Document and Records Management Policy.

Contacts for further information

If you have any questions about this Privacy Policy or you wish to make a complaint about a breach of the PDP Act to the Authority, you can contact the Authority’s Privacy Officer at:

Privacy Officer
Portable Long Service Authority
PO Box 443
Bendigo VIC 3552
Phone 1800 517 158(opens in a new window)
Email privacy@plsa.vic.gov.au(opens in a new window)

You may also make a complaint about a breach of the PDP Act by writing to the Office of the Victorian Information Commissioner. You can find out more information about how to make a complaint here(opens in a new window).

Changes to this policy

The Authority may amend this policy from time to time. The current version will be posted on the Authority’s website and a copy may be obtained at any time by contacting the Authority.

© Portable Long Service Benefits Authority, State Government of Victoria, 2026

Last updated 1 June 2026