You are here

This privacy policy identifies relevant SRO policies and procedures for the protection of personal information in accordance with the Privacy and Data Protection Act 2014. The Privacy and Data Protection Act 2014 has three purposes:

  • To establish a regime for the responsible handling of personal information in the public sector,
  • To provide individuals with rights to information held about them by organisations, and
  • To provide remedies for interference with the information privacy of an individual

Under that Act, personal information is any information or an opinion (including information or an opinion forming part of a data base) that is recorded in any form and whether true or not about an individual whose identity is apparent, or can be reasonably ascertained, from the information or opinion.

The SRO's functions and responsibilities

The SRO is Victoria’s major revenue collection agency. The SRO is responsible for the administration of state taxes and levies, and for payments made under various assistance schemes, such as the Back to Work program and the First Home Owner Grant.  

Victorian taxation laws

The following taxes are administered under the Taxation Administration Act 1997.

  • Duties (Duties Act 2000) (Stamps Act 1958)
  • Land tax (Land Tax Act 2005) (Land Tax Act 1958)
  • Payroll tax (Payroll Tax Act 2007) (Pay-roll Tax Act 1971)
  • Congestion levy (Congestion Levy Act 2005)
  • Growth Area Infrastructure Contribution (GAIC) (Part 9B, Planning and Environment Act 1987)

Other levies:

  • Metropolitan Planning Levy (Part 4, Planning and Environment Act 1987)
  • Fire Services Property Levy (Part 4, Fire Services Property Levy Act 2012)

Payments, grants, rebates and subsidies:

  • First Home Owner Grant (First Home Owner Grant Act 2000)
  • Back to Work payments (Back to Work Act 2015)

The Register of Unclaimed Money (Unclaimed Money Act 2008) is also administered by the SRO.

The Register of Unclaimed Money

The Registrar is obliged to keep a comprehensive register for the administration of the Unclaimed Money Act 2008 and has the ability to confine published details to the minimum amount needed for the purpose. The published version of the register provides sufficient details for an owner to identify a claim, but also withholds certain details to ensure that there is still undisclosed information against which an applicant’s claim can be assessed.

The SRO’s functions under other laws

In addition, the SRO has functions under other Acts to which this privacy policy will also apply. For example, the SRO is responsible for the administration for the Victorian liquor subsidies under the Liquor Control Reform Act 1998 and the payment of water and sewerage rebates under the Water Act 1989.

Information privacy principles

As an agency responsible for the protection of the public revenue under a law administered by it, the SRO is a “law enforcement agency” for the purposes of section 3 of the Privacy and Data Protection Act 2014. Under section 15 of that Act, a law enforcement agency is not required to comply with certain Information Privacy Principles to the extent that such non-compliance is necessary for the performance of a law enforcement function or activity.


In administering these and other Acts, the SRO may collect and use personal information about individuals for the purposes of assessing a tax liability or conferring a benefit. The SRO collects personal information in accordance with the law for the purposes of assessment, collection, management and protection of revenue under Acts it administers.

In most cases, the SRO collects the information directly from the individual or a legal or financial representative authorised to act on their behalf.

The SRO may also obtain personal information from other sources, such as VicRoads, WorkSafe Victoria, Australian Securities and Investment Commission, the Australian Taxation Office, the Department of Immigration and Border Protection, and other revenue offices.

Enrolment information is also received from the Victorian Electoral Commission pursuant to the Electoral Act 2002. Information obtained by the SRO is used for data verification, revenue management and revenue protection purposes and is handled in accordance with the SRO’s legislative obligations.

The SRO commonly collects personal information through:

  • Returns, applications, notices and statements,
  • Requests for private rulings, objections, submissions and enquiries,
  • Customer feedback, surveys and research data,
  • Solicited or unsolicited correspondence and communications from the public

In addition, the SRO may collect personal information from current or prospective employees, or persons seeking to be engaged by the SRO under contract. The SRO’s Human Resources functions are administered in accordance with the Public Administration Act 2004.

Where the SRO is collecting information that will also be used and disclosed for Commonwealth reporting purposes, the SRO’s Collection Statement identifies the relevant details and the additional purposes for which they may be used and disclosed. 

Data quality

The SRO takes care to ensure that the personal information it collects about an individual is complete, up to date, and accurate. The SRO conducts data matching activities for the purposes of ascertaining compliance with Acts it administers, to verify or supplement information provided by a customer and to verify eligibility for certain concessions and exemptions.

Use and disclosure of information

The SRO does not use personal information other than in accordance with the law and for the purpose for which it was collected, or for a purpose you would reasonably expect associated with its revenue collection or revenue protection functions. The SRO may need to provide access to personal information to its contractors to perform functions involved in the administration of its responsibilities, such as for example, provision of IT or printing services. Contractors engaged by SRO are required to comply with the requirements of the Privacy and Data Protection Act 2014, and secrecy provisions.

The SRO does not disclose any information (including personal information) collected by it unless authorised by law, or with your consent.

The SRO is bound by secrecy provisions in the Acts administered by it. In relation to state taxes, the secrecy provisions in the Taxation Administration Act 1997 enable disclosure of information obtained under the taxation laws in the following circumstances:

  • With the person’s consent, or
  • In connection with the administration or execution of Acts administered by the SRO, the Australian Taxation Office, or another state and territory revenue office, as required by another Victorian Act, or
  • For specific purposes outlined in the legislation, or
  • To the office-holders and agencies listed as authorised to receive disclosures. Authorised recipients (see attached list) include certain Victorian, state, territory and Commonwealth government authorities

Similarly, secrecy provisions in other laws administered by the SRO – the First Home Owner Grant Act 2000, the Back to Work Act 2014, the Fire Services Property Levy Act 2012 and the Unclaimed Money Act 2008 – set out the purposes and agencies for which disclosures can be made under those laws.

The SRO uses information obtained by it for creation of statistics or consideration of economic trends for the purposes of government reporting, but there is no disclosure of personal information associated with such reporting.

Data security and retention

The SRO takes care to ensure that any personal information it holds about an individual is protected from misuse or loss and from unauthorised access, modification or disclosure. The SRO’s Risk Management Framework aligns with the Victorian Government Risk Management Framework and the AS/NZS ISO 31000:2009 standard.

In addition, the SRO has policies in place to ensure that information (including personal information) is securely stored and is destroyed or disposed of when it is no longer relevant, or necessary for the purposes of Acts administered by SRO or other SRO functions. Documents are stored, retained or destroyed in accordance with the Public Records Act 1973

Ensuring your browser is current with the latest patches applied will protect your confidential information. Failing to do so may compromise the security of your information, including credit card details, and result in you being unable to make payments through the SRO online facilities.


This Information Privacy Policy outlines the key elements of the SRO’s policy on the management of personal information. Where information is collected directly from the person or their representative on a form provided by the SRO, the form will include a Collection Statement explaining why the SRO requires the information, and the uses and disclosures permitted by the relevant laws.

The SRO may also collect personal information from other sources in order to verify or supplement information required for the assessment, investigation and enforcement of tax obligations and/or the determination of entitlements to grants and payments.

Access to your personal information and correction

The Privacy and Data Protection Act 2014 and Freedom of Information Act 1982 (FOI Act) provide individuals with a statutory rights of access to their own personal information held by government agencies about them.

Under the FOI Act, formal requests for access to personal information or correction of personal information can be made to the Information Officer. If a customer wishes to correct their records, informal request for correction may be directed to the Privacy Officer.    

Transborder data flows

The SRO may, in some circumstances, disclose personal information or information collected from you, to other agencies in other jurisdictions, or to the federal Commissioner of Taxation.

Transborder Data Flows are governed by secrecy laws which authorise the SRO to provide information obtained under revenue laws including personal information to specified agencies in other jurisdictions. The SRO administers Acts which permit the provision of information to other agencies and jurisdictions.  The agencies permitted to receive information from the SRO under these laws are listed in the attachment below.

Sensitive information

The SRO does not collect sensitive information from individuals, unless necessary for the purposes of Acts it administers or in managing its employees or contractors.

Unique identifiers

A unique identifier is a series of alphabetical or numeric characters, which may be applied to an individual and distinguishes them from other individuals. The SRO may assign, use or disclose unique identifiers to individuals where this necessary to do so to carry out its functions. For example, assessment and customer numbers are needed for the administration of taxes and grants administered by the SRO.


It may not be possible for the SRO to properly administer its Acts or carry out its functions unless an individual provides personal information to the SRO (as required by law). However, in some very limited circumstances – for example if a person is  making a general inquiry, or providing a tip-off information to the SRO – the SRO may permit personal information identifying the source of details supplied to the SRO to be removed or withheld.


If you have a complaint about how the SRO has handled your personal information, consider your privacy has been breached or have an enquiry about how the SRO handles personal information, please contact the Privacy Officer, (Paula Thorne) in the first instance on 9628 6105 or in writing:

Privacy Officer
State Revenue Office
GPO Box 1641

If you are not satisfied with the way in which the SRO has handled your complaint through its internal complaints procedure, you may contact the Privacy and Data Protection Commissioner (Privacy and Data Protection Deputy Commissioner from 1 September 2017):

Commissioner for Privacy and Data Protection
PO Box 24014

Phone: 1300 666 444
Fax: +61 3 8684 1667

Agencies permitted to receive information

The following are agencies permitted to receive information under legislation administered by the Commissioner of State Revenue / Registrar of Unclaimed Money.

  Taxation Administration Act 1997 First Home Owner Grant Act 2000 Unclaimed Money Act 2008 Fire Services Property Levy Act 2012 Back to Work Act 2015
Victorian agencies
Auditor-General Yes   Yes    
Business Licensing Authority for the purposes of administering the Motor Car Traders Act 1986 and regulations Yes        
Country Fire Authority Yes     Yes  
Director of Consumer Affairs Victoria Yes Yes Yes    
Essential Services Commission       Yes  
Fire Services Levy Monitor       Yes  
Independent Broad-based Anti-corruption Commission (IBAC) Commissioner Yes Yes      
Legal Services Board and Legal Services Commissioner Yes Yes Yes    
Member of the police force of or above the rank of inspector Yes Yes Yes   Yes
Metropolitan Fire and Emergency Services Board Yes     Yes  
Ombudsman Yes Yes Yes    
Public Record Office Victoria Yes        
Commissioner for Privacy and Data Protection     Yes    
Registrar of Titles Yes        
Secretary of the Department of Planning and Community Development for the purposes of administering the GAIC Yes        
Secretary to the Department of Primary Industries for the purpose of administering livestock duty Yes        
Valuer-General       Yes  
Roads Corporation for the purpose of administering the Road Safety Act 1986 and regulations Yes        
Treasurer and Secretary, Department of Treasury and Finance Yes Yes   Yes Yes
Victorian WorkCover Authority Yes   Yes   Yes
Victorian Planning Authority Yes        
Local government

Municipal councils appointed by the Treasurer under the Fire Services Property Levy Act 2012 to collect the fire services property levy on land outside their municipalities
State and territory revenue offices Yes Yes Yes    
Commonwealth agencies
Australian Statistician Yes        
Australian Taxation Office Yes   Yes    
Australian Securities and Investments Commission Yes   Yes    
Australian Crime Commission/Australian Criminal Intelligence Commission Yes        
Member of the Australian Federal Police Yes Yes Yes    
Chief Executive Centrelink for the purpose of administering Commonwealth social security laws, Yes Yes      
Child Support Registrar for the purposes of administering child support Yes Yes      
Foreign Investment Review Board (FIRB), Commonwealth Treasurer & Secretary, Treasury in relation to decisions under the Foreign Acquisitions and Takeovers Act 1975 (Cth) and regulations, or Australia’s foreign investment policy Yes Yes