News & Updates
Table of Contents
1.2 Our Community is committed to protecting your privacy. Establishing a trusting relationship with our users is central to our work practices.
1.3 Privacy Legislation means, as applicable, the Privacy Act 1988 (Cth), Australian state or territory privacy laws, the Privacy Act 1993 (NZ), or any legislation that replaces those laws. We take our obligations under the Privacy Legislation very seriously.
1.4 In this Policy, Personal Information has the same meaning as in the Privacy Legislation. (That is, it means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.)
1.6 We apply this Policy to all individuals and entities who interact with ACAA. This includes (but is not limited to) agents, contractors, subcontractors, employees, representatives, users of ACAA’s services, and volunteers.
1.7 We may update this Policy from time to time in accordance with legislative or operational changes. If you would like us to send you a free copy or you have comments or questions regarding this Policy, please contact us using the details provided in clause 14.
2. Types of information we collect
2.1 The type of information that we collect and hold depends on the nature of a person’s involvement with us.
2.2 We only collect your Personal Information where it is reasonably necessary for us to pursue one or more of our functions or activities, or where the law requires us to collect it.
2.3 Depending on the reason for collecting it, the Personal Information we collect may include (but is not limited to):
(a) your name and contact details;
(b) copies of identification documentation;
(c) payment information and banking details if you are purchasing a product through us;
(d) Personal Information contained in forms or applications;
Page | 3
(e) Personal Information contained in queries, or feedback about our services;
(f) usage data (which may include your IP address, the pages you have clicked through on our websites, websites that referred you to our sites, information about the device you are using, and your wider geographic location).
2.4 In some circumstances, we collect Sensitive Information which requires a higher level of protection under the Privacy Legislation. We consciously limit how much Sensitive Information we collect, and we only collect it when we have your consent and the collection is reasonably necessary for us to pursue one or more of our functions or activities. For these purposes, ‘Sensitive Information’ means:
(a) information or an opinion about an individual’s (i) racial or ethnic origin, (ii) political opinions, (iii) membership of a political association, (iv) religious beliefs or affiliations, (v) philosophical beliefs, (vi) membership of a professional or trade association, (vii) membership of a trade union, (viii) sexual orientation or practices, (ix) criminal record,
(b) health information about an individual,
(c) genetic information about an individual that is not otherwise health information;
(d) biometric information that is to be used for the purpose of automated biometric verification or biometric identification, or biometric templates.
3. How we collect information
3.1 We ask you for Personal Information when it is reasonably necessary for the activities in which you are seeking to be involved.
3.2 We will only collect your Personal Information by lawful and fair means, including by telephone, by letter, by email, or through forms on our websites.
3.3 Normally, we collect your Personal Information directly from you (or the relevant individual), unless it is unreasonable or impracticable to do so.
3.4 Subject to clause 3.2:
(a) We may collect Personal Information from agents, contractors, subcontractors, employees, representatives, users of Our Community’s services, and volunteers.
(b) On occasion, we may collect Personal Information from a third party. For example, Personal Information may be provided by third party websites (refer to clause 9).
(c) We collect user data through log files and cookies. You can block or delete cookies and still use our services, although if you do, you will be asked for your email address and password every time you log into an account you hold with us.
3.5 We generally obtain consent from the owner of Personal Information to collect their Personal Information. Consent may be provided in writing, or may be provided orally, or may be implied through a person’s conduct.
3.6 You are not required to provide the Personal Information and/or Sensitive Information we request. However, if you choose not to provide it, we may not be able to service your needs (see also clause 6).
3.7 You are free to browse our websites anonymously. However, when you are registering for one of our services, we require you to register an account using your name or a pseudonym and provide a valid email address. It is impractical for us to manage and provide support if we cannot match you to your account. Receipts (especially tax-deductible receipts) may be invalid unless accurate information, including your real name, is provided.
4. How we deal with unsolicited Personal Information
4.1 This clause sets out what happens if we receive your Personal Information from you or a third party without having asked for it.
4.2 First, within a reasonable time, we determine whether the Personal Information is reasonably necessary for, or directly related to, our functions or activities.
4.3 Then, if we determine the information is not reasonably necessary for these purposes, as soon as practicable we either destroy the information or ensure that it is de-identified, so long as it is lawful and reasonable to do so.
5. How we use your Personal Information
5.1 We use your Personal Information for a range of purposes, including:
(a) providing you with our services;
(b) improving our services through quality-improvement activities;
(c) providing information, news, offers and conducting surveys;
(d) conducting Data Science activities (explained in clause 10);
(e) helping you to access the most appropriate information and tools associated with our websites;
(f) providing you with support if you need technical assistance;
(g) processing payments, including donations;
(h) communicating important service-related announcements, changes to our services or policies, or password reminders;
(i) providing you with information about your account and newsletters you have signed up to receive;
(j) answering queries and resolving complaints;
(k) complying with directions from authorities or legislative requirements;
(l) screening for or preventing potentially illegal or abusive activity.
5.2 We may also collect, hold, use and disclose Personal Information for purposes:
(a) which we explained at the time of collection; or
(b) which are permitted by law; or
(c) for which you have provided your consent; or
(d) which are necessary for maintaining the reliability and security of infrastructure and services.
5.3 We only use or disclose your Personal Information for the above purposes, or for purposes that you consent to, or for other related purposes that you would reasonably anticipate.
5.4 To the extent you submit content to public areas of our websites (for example, on an online forum), it will be available to the public and we may reuse or republish it.
5.5 If you have any concerns about us using your Personal Information in any of these ways, please notify us immediately.
6. How we store and handle your data
6.1 We hold Personal Information in a number of ways, including in electronic databases, email contact lists, and in paper files held in secure drawers and cabinets.
6.2 We take reasonable steps to:
(a) make sure that the Personal Information is accurate, up to date and complete, and (in the case of use and disclosure) relevant;
(b) protect the Personal Information from misuse, interference and loss, and from unauthorised access, destruction, use, modification or disclosure;
(c) destroy or permanently de-identify Personal Information that is no longer needed for any purpose for which it may be used or disclosed under this Policy. (However, we may keep information for a longer period where
necessary to comply with contractual, regulatory or legal requirements.)
6.3 Any Personal Information we provide to you through your online account(s) with Our
Community is password-protected.
(a) You must not reveal or share your password with anyone.
(b) We will never ask for your password, either verbally or through phone or email
contact (whether initiated by you or us).
7 Accessing and correcting your Personal Information
7.1 If you would like to access your Personal Information, you can request to do so using the contact details below. We will allow you to access your Personal Information unless there is a sound reason not to, including where:
(a) giving access would have an unreasonable impact on the privacy of others; or
(b) we consider that your request for access is frivolous or vexatious.
7.2 If we refuse to give you access to your information, we will give you a notice setting out our reasons.
7.3 If you believe that information we hold about you is incorrect or out of date, please contact us via email and we will take all reasonable steps to amend the information in line with your request.
8. Third party service providers
8.1 Our Community uses some third party service providers in order to support our websites and operations. These third party service providers may store information inside or outside Australia.
8.2 We select reputable third party service providers on the basis of their published privacy policies. We do our best to ensure that third party service providers do not breach thePrivacy Legislation.
8.3 A list of third party service providers can be requested using the contact details below.
9 Direct marketing
9.1 We only use your Personal Information to let you know about our products or services where we have your consent, or where we are otherwise permitted by law to do so. We may contact you for these purposes in a variety of ways, including by mail, email, SMS or telephone.
9.2 We do not sell your Personal Information to any third party for the purposes of direct marketing.
9.3 Where you have consented to receiving marketing communications from us, your consent remains current until you advise us otherwise. You can opt out at any time, by:
(a) contacting us as set out in clause 13;
(b) advising us if you receive a marketing call that you no longer wish to receive; or
(c) using the unsubscribe facility that we include in our commercial electronic
messages (such as emails and SMS) to opt out of receiving messages.
9.4 We do not use your Sensitive Information (refer to clause 2.4) for the purposes of direct marketing.
10. Data Science
10.1 Our Community’s overriding objective is to build stronger communities through stronger community organisations. We manage a comprehensive set of data collected through the websites listed in clause 1.5 and we use scientific methods, processes and systems to derive meaning from this data (Data Science). Our ground-breaking data initiatives are underpinned by our mission to create social value and drive a shift toward evidence based practices and decision-making.
10.2 By using our online services, you agree that Our Community can access, aggregate and use data collected from you as input into our Data Science activities.
10.3 We may use our Data Science activities to:
(a) conduct research;
(b) create new products and services;
(c) identify improvements to our existing products and services.
10.4 We may share the outputs of our Data Science activities with the public (for example, on our public websites or through social or mainstream media) or through channels where we charge a fee (e.g. our conferences or subscription-based websites and newsletters).
We do not disclose information that identifies any individuals or organisations unless we have their express consent.
10.5 Where we engage third parties to conduct Data Science activities, we either aggregate or de-identify the data first, or the third party is subject to our information-handling procedures described in clause 6.2
11 Notification of a data breach
11.1 If we become aware of unauthorised access to or loss of your Personal Information, we will promptly:
(a) notify you;
(b) investigate the cause;
(c) do our best to remedy any consequences; and
(d) tell you what steps we have taken to prevent a reoccurrence.
12.1 If you have a complaint about how we collect or handle your Personal Information, please contact us using the contact details below. We treat any claims of privacy breaches seriously and will do our best to respond to your complaint within seven days of receiving it.
12.2 If you are unhappy with our response, you can refer your complaint to the Office of the Australian Information Commissioner in Australia or the Office of the Privacy Commissioner in New Zealand.
13. How you can contact us
Please contact us if you have any queries about the Personal Information that we hold about you or the way we handle it. Our contact details are set out below:
(a) Call us on +61 (0) 419 280 460
(b) Email us on email@example.com