Protecting privacy

How we protect privacy

CarbonNet’s Privacy Policy (see DJSIR's Privacy Policy) supports the need to collect, store and use personal and health information.

CarbonNet employees, consultants, and other workplace participants respect individuals’ private data and must ensure information privacy requirements are followed when collecting, using, storing, and disclosing personal information.

As per minimum standards, the Department is subject to the Information and Health Privacy Principles in the Privacy and Data Protection Act 2014 (Vic) and the Health Records Act 2001 (Vic) when dealing with personal information.

CarbonNet must only collect personal information if it is necessary for its functions or activities, and:

  • has gained consent from the individual, or
  • collection is necessary to prevent or lessen a serious or imminent threat to the well-being of an individual.

The project is committed to maintaining the integrity of sensitive information through established processes, recorded in our Privacy Impact Assessment document.


Community and stakeholder feedback and complaints are recorded, considered, and responded to.

The process is:

  1. Feedback is discussed with the individual providing the comments and recorded in CarbonNet’s stakeholder database, Consultation Manager.
  2. CarbonNet reviews the feedback and either accepts the suggestion, proposes an alternative, requests more information, or defers action until relevant information is known or made available.
  3. The stakeholder will be advised of the considerations, the outcome, and reasons, and this will be recorded in the project’s stakeholder relationship management system, the integrity and security of which has been approved by CarbonNet’s security advisors and recorded in the project’s approved Privacy Impact Assessment.

Please contact the project if you have any queries.

Phone: 1800 878 968

Page last updated: 17 July 2023