1. Introduction 1.1 From time to time Northern Area Community & Youth Services Inc ("the Company") is required to collect, hold, use and/or disclose personal information relating to individuals (including, but not limited to, its customers, contractors, suppliers and employees) in the performance of its business activities. 1.2 This document sets out the Company's policy in relation to the protection of personal information, as under the Privacy Act 1998 (Cth) the ("Act") and the Australian Privacy Principles ("APP"). 1.3 The APPs regulate the handling of personal information. 2. What is personal information? 2.1 Personal information means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. 3. Employee records 3.1 This policy does not apply to the collection, holding, use or disclosure of personal information that is an employee record. 3.2 An employee record is a record of personal information relating to the employment of an employee. Examples of personal information relating to the employment of the employee include, but are not limited to, health information and information about the engagement, training, disciplining, resignation, termination, terms and conditions of employment of the employee. Please see the Act for further examples of employee records. 4. Kinds of information that the Company collects and holds 4.1 The Company collects personal information that is reasonably necessary for one or more of its functions or activities. 4.2 The type of information that the Company collects and holds may depend on your relationship with the Company. For example:
4.3 Sensitive information: the Company will only collect sensitive information where you consent to the collection of the information and the information is reasonably necessary for one or more of the Company’s functions or activities. Sensitive information includes, but is not limited to, information or an opinion about racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs, membership of a trade union, sexual preferences, criminal record, health information or genetic information. 5. How the Company collects and holds personal information 5.1 The Company must collect personal information only by lawful and fair means. The Company will collect personal information directly from you if it is reasonable or practicable to do so. 5.2 The Company may collect personal information in a number of ways, including without limitation:
5.3 When the Company collects personal information about you through publicly available information sources, it will manage such information in accordance with the APPs. 5.4 At or before the time or, if it is not reasonably practicable, as soon as practicable after, the Company collects personal information, the Company must take such steps as are reasonable in the circumstances to either notify you or otherwise ensure that you are made aware of the following:
5.5 Unsolicited personal information is personal information that the Company receives which it did not solicit. Unless the Company determines that it could have collected the personal information in line with the APPs or the information is contained within a Commonwealth record, it must destroy the information to ensure it is de-identified. 6. Purposes for which the Company collects, holds, uses and/or discloses personal information 6.1 The Company will collect personal information if it is reasonably necessary for one or more of its functions or activities. 6.2 The main purposes for which the Company may collect, hold, use and/or disclose personal information may include but are not limited to:
6.3 The Company may also collect, hold, use and/or disclose personal information if you consent or if required or authorised under law. 6.4 Direct marketing:
7. Disclosure of Personal Information 7.1 The Company may disclose your personal information for any of the purposes for which it is was collected, as indicated under clause 6 of this policy, or where it is under a legal duty to do so. 7.2 Disclosure will usually be internally and to related entities or to third parties such as contracted service suppliers. 7.3 Before the Company discloses personal information about you to a third party, the Company will take steps as are reasonable in the circumstances to ensure that the third party does not breach the APPs in relation to the information. 8. Access to personal information 8.1 If the Company holds personal information about you, you may request access to that information by putting the request in writing and sending it to the Privacy Officer. The Company will respond to any request within a reasonable period, and a charge may apply for giving access to the personal information. 8.2 There are certain circumstances in which the Company may refuse to grant you access to the personal information. In such situations the Company will give you written notice that sets out:
9. Correction of personal information 9.1 If the Company holds personal information that is inaccurate, out-of-date, incomplete, irrelevant or misleading, it must take steps as are reasonable to correct the information. 9.2 If the Company holds personal information and you make a request in writing addressed to the Privacy Officer to correct the information, the Company must take steps as are reasonable to correct the information and the Company will respond to any request within a reasonable period. 9.3 There are certain circumstances in which the Company may refuse to correct the personal information. In such situations the Company will give you written notice that sets out:
9.4 If the Company correct personal information that it has previously supplied to a third party and you request us to notify the third party of the correction, the Company will take such steps as are reasonable to give that notification unless impracticable or unlawful to do so. 10. Integrity and security of personal information 10.1 The Company will take such steps (if any) as are reasonable in the circumstances to ensure that the personal information that it:
10.2 The Company will take steps as are reasonable in the circumstances to protect the personal information from misuse, interference, loss and form unauthorised access, modification or disclosure. 10.3 If the Company holds personal information, it no longer needs the information for any purpose for which the information may be used or disclosed, the information is not contained in any Commonwealth record and the Company is not required by law to retain the information, it will take such steps as are reasonable in the circumstances to destroy the information or to ensure it is de-identified. 11. Anonymity and Pseudonymity 11.1 You have the option of not identifying yourself, or using a pseudonym, when dealing with the Company in relation to a particular matter. This does not apply:
11.2 However, in some cases if you do not provide the Company with your personal information when requested, the Company may not be able to respond to your request or provide you with the goods or services that you are requesting. 12. Complaints 12.1 You have a right to complain about the Company’s handling of your personal information if you believe the Company has breached the APPs. 12.2 If you wish to make such a complaint to the Company, you should first contact the Privacy Officer in writing. Your complaint will be dealt with in accordance with the Company’s complaints procedure and the Company will provide a response within a reasonable period. 12.3 If you are unhappy with the Company’s response to your complaint, you may refer your complaint to the Office of the Australian Information Commissioner. 13. Contact details 13.1 The CEO can be contacted in the following ways:
|
Privacy Policy >