AASA Online Privacy Policyfight-dementia

CRP.020 – Version November 2016

Purpose:

Dementia Australia Incorporated (“AASA”) values your privacy and takes reasonable steps to protect your personal information (that is, information which identifies or may reasonably be used to identify you).  We abide by the requirements of the Privacy Act 1988 (Cth) (“Act”) in relation to the collection and use of your personal information and comply with other applicable laws protecting privacy including State and Territory health information legislation.  By providing personal information to us, you consent to our collection, use and disclosure of that information on the terms of this privacy policy and any other contractual or other arrangements (if any) that may apply between us.

 

The Privacy Act provides you with a number of rights, including the right:

  • To know why your personal information is being collected, how it will be used and whether it can be given to anyone else;
  • To see what information is held about you and have it corrected if it is incorrect, out of date or incomplete (the Freedom of Information Act 1982 also covers this);
  • To have your personal information stored securely and protected from unauthorised access or misuse; and;
  • To know the complaints procedure if you believe your privacy has been infringed.

 

Scope

This Policy describes how your privacy is respected and protected in accordance with the Australian Privacy Principles.  It applies to all information we hold about you through your use of our services including information obtained via electronic devices (e.g. personal computer, mobile telephone, mobile tablet or other consumer electronic device) used to access our services.

 

References

Privacy Act 1988

Australian Privacy Principles (APP)

Freedom of Information Act 1991

Fair Work Act

 

Policy

What personal information we collect

AASA collects personal information about service users, supporters, employees, volunteers and contractors but this is limited to that which is necessary for us to undertake our services and activities. Many of our services and activities allow you to remain anonymous or use a pseudonym if you wish.

 

However, if you choose to provide us with your personal information, it will generally be in relation to:

  • Providing services to clients – AASA collects your, and your family members’ names, addresses and other contact details, dates of birth, other information about your needs and circumstances (such as living arrangements), records of communication and as otherwise required in order to provide our services and communicate with you.  With consent, this information may involve details about your health including dementia related information such diagnosis, other associated health issues, services and supports in place, correspondence with the client’s health and other service providers and other sensitive information.  The specific information will depend on the type of service provided and will be collected before and during the provision of services.
  • Donors – when you make a donation, including via the AASA website (“the Website”), AASA collects and stores in our fundraising database your name, email address, mailing address, payment and billing details (including credit card details if relevant), and other contact information.  Note: all electronic credit card details are encrypted for security purposes.

This information is used to process your donation, complete your tax receipt, send you further information about AASA and for promotional purposes.

  • Supporters and volunteers – AASA may also collect names, addresses and other contact details, records of communication between you and AASA and other personal information about current and potential supporters and volunteers so that we can encourage, record and acknowledge your support and communicate with you about Dementia Australia Incorporated and our activities.
  • Distributing publications – we collect contact details (which may include name, address, email address, and mobile phone number) when you interact with us in order to distribute newsletters and other communications in print and electronic form from time to time.  You may choose to be removed from our distribution lists by contacting us.
  • Conducting events – we collect contact details, donation history and other personal information, including photographs and videos, about those who wish to join or participate in our events and programmes.  This information is used to administer these activities and to promote and seek support for such events and for the activities of AASA.  With consent, this information may include health or other sensitive information.
  • Assisting with your queries – you may choose to provide us with your name or other contact details when you call us by telephone or write to us, contact us via the Website, or email us so that we can respond to your requests for our newsletter or for other information about AASA services or operations.
  • Conducting our general business activities – AASA collects personal information about individuals who are, or are employed by, our suppliers (including service and content providers), contractors and agents for our general business operations.
  • Applying for a position (as a volunteer or employee) with AASA – we may collect your personal information, including name and contact details, information about your working history and relevant records checks (including criminal and working with children checks) when you apply for a position with us, in order for us to assess your suitability for that or other positions.

 

We may ask you for other information to enable us to better understand our clients, donors and others who deal with us, but the provision of that information is purely voluntary.

 

How and when we collect your personal information

It is our usual practice to collect personal information directly from you or your authorised representative (such as a carer, guardian or other responsible person) in person, or via the Website.  We collect information from an authorised representative if you have consented for us to collect the information in this way, or where it is not reasonable or practical for us to collect this information directly from you (such as in an emergency, because you are not able to provide the information required or where collection in this way is a reasonable and efficient way to collect the information without inconvenience to you).  Sometimes we collect personal information from publicly available sources or other third parties to, for example, support our fundraising activities or for a specific activity such as investigating a complaint.  Should you be contacted as a result of this, you will be given the opportunity to opt out of any future similar communication.

 

If you choose not to provide certain personal information to us, we may not be able to provide you with the services you require or communicate with you.

 

AASA also collects limited information about all visitors to our online resources which is used only to identify generic behavioural patterns.

 

We use Google Analytics to track visits to our websites to monitor their effectiveness, maintain our servers and improve our services. Types of data collected include:

  • server address;
  • top level domain name (for example .com, .gov, .au, etc.);
  • the date and time of your visit to the site;
  • the pages you accessed and documents downloaded during your visit;
  • the previous site you visited;
  • if you’ve visited our site before; and
  • the type of browser used.

 

These statistics will not identify you as an individual.

 

Google Analytics is a web analytics tool that helps website owners understand how visitors engage with their website.  Google Analytics customers can view a variety of reports about how visitors interact with their website so they can improve it. For more information read Google’s Privacy Policy.

 

How we use your personal information

We use and disclose personal information we collect:

  • to provide and improve our services to our clients and their family members, including to:
  • identify and provide services required including those offered by third parties;
  • allow exchange of information between service providers with whom AASA deals on behalf of clients;
  • assess the adequacy of, and our clients’ and their family members’ level of satisfaction with, our services;
  • to communicate with our clients and their family members, donors and supporters, and volunteers (including responding to queries and complaints) and distributing our publications, conducting events and raising awareness about our services;
  • to process donations and communicate with our donors and supporters, including sending them information (which may be by phone, email or other electronic means);
  • to undertake our general business activities, including interacting with contractors and service providers, billing and administration including measuring and assessing the level of support we receive and the effectiveness of our fundraising activities and assessing applicants for positions with us; and
  • where:
  • you consent;
  • we are required or authorised by law to use or disclose the information for another purpose; or
  • the disclosure of the information will prevent or lessen a serious and imminent threat to somebody’s life or health.

 

We will not share any of your personal information with third parties without your consent except:

  • if we are required by law or we believe in good faith that such action is necessary in order to comply with law, cooperate with law enforcement or other government agencies, or comply with a legal process served on the company (including other service providers or insurers) or court order;
  • if the disclosure of the information will prevent or lessen a serious and imminent threat to somebody’s life or health;
  • to our contractors, service providers and volunteers to the extent necessary for them to perform their duties to us; or
  • if you are a client, to your family members or your health or other service providers; for the purpose of providing our services to you and only with your consent (unless one of the other purposes of disclosure listed above applies).

In the event of any disclosure taken under these circumstances, you will be notified of such.

We are obliged to report to government and other bodies on the services they fund us to provide.  Reports cover demographic and service use information only – your personal information will not be passed on so cannot be matched with Medicare, Centrelink or any other records about you.

 

Who will have access to your personal information?

Unless we are required to provide it to others for purposes identified above, your personal information will only be seen or used by people working for us and our contracted service providers, for example, secure mailing houses to enable us to send out appeals and other donation requests.  These contractors are bound by privacy legislation which restricts the use of that information to the purpose for which it is provided; prohibits the copying or use of that information for any other purpose; and requires the destruction or return to us of that information once the purpose for which it has been provided has been served.

 

AASA operates on a federated model with state organisations operating as separate entities. As such your information will only be available to staff within the state where you contact us. Should you wish to receive services in another state, your consent will be sought to share your information.

 

If you do not wish your personal information to be disclosed under any circumstances for the purpose of direct marketing you may refuse consent by notifying the AASA Marketing Team:

 

Email: sa.admin@dementia.org.au

Dementia Australia, 27 Conyngham Street, Glenside, SA, 5065

Phone: (08) 8372 2100

Fax: (08) 8338 3390

 

Security of your personal information

We regard the security of your personal information as a priority and implement a number of physical and electronic measures to protect it.  All staff and volunteers who may have access to your information are required to sign a confidentiality agreement and if contract service providers are used, they will be bound by our Privacy Policy.

 

We remind you, however, that the internet is not a secure environment and although all care is taken, we cannot guarantee the security of information you provide to us via electronic means.

 

Data quality

We take all reasonable steps to ensure that the personal information we collect is accurate, up to date and complete.  This includes maintaining and updating personal information when we are advised it has changed and at other times as necessary.

 

Cross border data transfer

AASA operates only within Australia and will not provide your information to parties in any other country.  We do from time to time, however, use web-based programs for particular activities such as email broadcast which may be hosted offshore but only when the supplier is bound by privacy laws and has compliant practices in place.

 

Accessing and correcting your information

You are entitled to view the information we hold about you and reasonable requests for access will be responded to as quickly as possible.  Access to a large amount of information or information from various sources within the organisation may take time before we can respond.

 

If you wish to view the information we hold about you, please contact the AASA System Coordinator:

 

Email: sa.admin@dementia.org.au

Mail: System Coordinator,

Dementia Australia, 27 Conyngham Street, Glenside, SA, 5065

Phone: (08) 8372 2100

Fax: (08) 8338 3390

 

If we refuse to give you access to information we will give a reason for this decision.  Generally, if requested, we will amend any personal information which you demonstrate is inaccurate, incomplete or not current, and will remove any information that is not relevant.  If we disagree with your view on these matters we will keep a note on the file setting out your view of the information held.

 

On-line transactions

AASA websites enabled for online transactions use a certified secure payment gateway.  However, despite the security on this site, you should be aware that there are inherent risks in transferring information across the Internet and we cannot accept liability for any breaches.

 

Email communication

We strive to be efficient with the funds that have been entrusted to us.  As email can be sent at a lower cost compared to surface mail we offer our donors/supporters the opportunity to supply their email address for mailing purposes.  We will only send you an email when there is an important message we would like you to know about.

When making a donation on the Internet, you are given the option to opt out of receiving future mailing. You may remove your name from this database at any time through the ‘Unsubscribe’ link on the email.

 

Security measures for online donations

Donations made online to AASA are processed in real time, using a secure payment gateway.  Donations are processed in Australia (and for all other countries) in Australian Dollars.  If you have any questions about making an online donation to AASA please contact us.

AASA websites enabled for online transactions have security measures (minimum 128-bit secure sockets layer encryption) designed to protect against the loss, misuse and/or alteration to your personal information under our control. Secure pages on our websites are protected by a 128-bit SSL certificate. A security icon visible on your screen, for example a padlock, confirms that your browser supports SSL security. Click on the security icon to verify the security certificate on this website.

 

Links to other websites

The Website and AASA’s mobile applications (“the Mobile Application”) may contain links to third party websites and/or third party mobile applications, and third party websites and/or third party mobile applications may also have links to the Website or the Mobile Application. This Privacy Policy does not apply to external links or other websites or other mobile applications who may also collect your personal information. We encourage you to read the privacy policies of any website or mobile application you link to from the Website or the Mobile Application.

 

Agreeing to these terms (use constitutes acceptance)

Your continued use of the Website or the Mobile Application indicates that you accept the conditions of this Privacy Policy and consent to the collection and use by us of any personal information you provide while using the Website or the Mobile Application.  If you do not agree to the privacy and security terms as set out here, please do not use the Website or the Mobile Application.

 

Effective date and updates

This is the current Privacy Policy of Dementia Australia Incorporated.  This policy was last updated in [October 2016]and replaces any other Privacy Policy for the organisation published on the Website or the Mobile Application to date.  Unless stated otherwise, this Policy applies to all information that we have about you.  AASA may at any time vary this policy by publishing an updated version on the Website or the Mobile Application.  You accept that by using the Website or the Mobile Application that we have provided you with sufficient notice of the variation.

 

Changes to this Privacy Policy

We reserve the right, as it may be necessary, to review, revise or make changes to our Privacy Policy and will notify you of those changes by posting those changes on the Website or the Mobile Application.

 

Additional Information

Additional information on the Australian Privacy Principles can be obtained from www.privacy.gov.au.

 

More Information or Complaints

If you would like more information about our Privacy Policy, the way we manage your personal information or are concerned that we may have breached your privacy and wish to make a complaint, contact the AASA System Coordinator:

 

Email: sa.admin@dementia.org.au

Mail: System Coordinator,

Dementia Australia, 27 Conyngham Street, Glenside, SA, 5065

Phone: (08) 8372 2100

Fax: (08) 8338 3390