POL-CP-04 PRIVACY, DIGNITY AND CONFIDENTIALITY - June 2019
At all times Deaf Children Australia recognises and respects the confidentiality of any personal information relating
to our stakeholders (clients, activity participants, donors, employees and volunteers). We aim to ensure that our
• Freedom from intrusion and public attention
• Being treated with respect
• Assurance that their personal information is protected from unauthorised access
2. Deaf Children Australia’s Privacy Officer
The CEO will appoint a Privacy Officer to continually monitor, ensure staff awareness of and compliance and address
requests for access and/or complaints relating to this Policy.
3.Privacy at Deaf Children Australia
Deaf Children Australia (ABN 108 025 207) is committed to protecting the privacy of any personal information it
collects, holds and administers. All people working with and for Deaf Children Australia are required to be familiar
Deaf Children Australia deals with personal information in accordance with the Commonwealth Privacy Act (1988)
and it’s Australian Privacy Principles (APPs).
Deaf Children Australia is bound by laws which impose specific obligations when it comes to handling information.
Deaf Children Australia will:
a) Collect only information which the organisation requires for its primary function of providing services and improv
ing service delivery
b) Ensure that stakeholders are informed as to why we collect the information and how we administer the
c) Use and disclose personal information only for our primary functions or a directly related purpose, or for another
purpose with the person’s consent
d) Take reasonable steps to ensure the information it collects is accurate, complete, up to date and relevant to the
functions we perform
e) Store personal information securely, protecting it from unauthorised access
f ) Only destroy records in accordance with the organisation’s Records Management Policy
h) Give stakeholders the option of not identifying themselves when completing evaluations forms or surveys
i) Provide stakeholders with access to their own information, and the right to seek its correction
j) Only release personal information about a person with that person’s express permission (signed release form) or as
required to do so by law•
4. What is personal information?
Personal Information is any information that can be used to personally identify you, whether the information or
a) true or not; and
b) recorded in a material form or not
5. What personal information do we collect?
The types of personal information we collect will depend on how you interact with us. Typically we collect the
following personal information:
• Name (yours and that of other family members)
• Date of birth
• Street /Postal address
• Contact telephone numbers
• Email address
• Service / program feedback
• Online survey responses
• Hearing status
• Preferred communication mode
• Transactional information such as credit card details or bank details in the event of a purchase from or donation to
Deaf Children Australia
• Staff / Volunteer information for human resources, finance and general administration purposes
• Contractors / Partnership information to conduct administrative and business functions
6. How do we collect personal information?
How Deaf Children Australia collects personal information from its stakeholders may include (but is not limited to)
• Directly from the person we are working with to provide service support
• When you purchase a resource / service or make a financial donation
• Through referral forms completed and submitted to us from third parties
• During conversations and email exchanges between you and our representatives
• When we obtain feedback from you about our services
• When you register for our events, workshops or activities
• When you subscribe to our newsletters
• Through your access / use of our website
• Through expressions of interest in employment or volunteering opportunities with our organisation
• From publically available sources
7. For what purposes do we use and disclose personal information?
We collect, hold, use and disclose personal information for the following purposes:
• to send you communications and information about our organisation that we consider may be of interest to you
• to manage and maintain our service delivery
• to respond to enquiries
• to improve our services
• to inform you about our services
• to deliver a tailored service solution
• to obtain feedback from you about our services
• to update our records and keep contact details up to date
• to enable you to subscribe to our website, newsletters, fundraising materials, register for events and workshops
• with your express consent and for an authorized purpose to a third party
• to process and respond to complaints
• to comply with reporting requirements associated with government funding
• to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in
co-operation with any governmental authority
Deaf Children Australia will not share, sell, rent or disclose your personal information other than as described in this
Your personal information will not be used for any purpose other than the purpose for which it was collected unless
a) such use is authorized or required by law
b) you have consented to the use
If your information is no longer needed, we will take reasonable steps to either delete it from our systems or
de-identify it, except with Deaf Children Australia is required by law or a court/ tribunal order to retain the
8. How do we store and secure personal information?
Deaf Children Australia makes every effort to protect your personal information from unauthorized access, improper
use, alteration and destruction.
We store personal information in order to ensure that we can manage and maintain communication with individuals
and organisations we work with. Deaf Children Australia holds personal information in either:
• Hard copy (paper based) format in secure access controlled offices; or
• Electronic format (databases and email files) which requires login and passwords and are stored on our secure
9. Unauthorised access, use or disclosure of personal information
We will take seriously and deal promptly with any unauthorised access, use or disclosure of personal information.
The Notifiable Data Breaches (NDB) scheme which commenced on 22 February 2018, generally requires
organisations to notify individuals whose personal information is involved in a data breach which is likely to result in
serious harm to those individuals. These entities are also required to notify the Office of the Australian Information
Commissioner. We comply with the NDB scheme when dealing with these types of data breaches.
DCA also has regard to relevant guidance material issued by the Office of the Australian Information Commissioner,
including the ‘Data breach preparation and response — A guide to managing data breaches in accordance with the
Privacy Act 1988 (Cth)’, when responding to any incidents involving the unauthorised access of, use or disclosure of
10. Using the internet
When visiting the Deaf Children Australia website, a record of your visit is logged and information is automatically
recorded for statistical purposes to enable us to analyse trends, administer the website, and improve this site and our
services. This information does not identify you personally and Deaf Children Australia does not track information
about individuals and their visits.
Your web browser supplies information including:
• your internet domain and the IP address from which you access our website
• the type of web browser used
• your computer’s operating system
• the date and time you access the site
• the pages you visit and any documents downloaded
• If you followed a link to the Deaf Children Australia website from another website – the address of that website.
No attempt will be made to identify users or their browsing activities except where otherwise required or authorised
by law eg. In the event of an investigation, a law enforcement agency may exercise its legal authority to inspect the
service provider’s log.
Our website may contain links to other websites operated by third parties. We make no representations or warranties
on relation to the privacy practices of any third party website and we are not responsible for the privacy policies or
the content of any third party website.
The Deaf Children Australia website may at times offer interactive services such as forums, chat rooms or message
boards to its users. Please exercise caution when deciding to disclose any personal information about yourself or
others when using these services, as any information that is disclosed in these services becomes public information.
you. Should you wish to do so, you can block or reject the cookies set by Deaf Children Australia by changing your
When Deaf Children Australia receives information from you, either via email or any other means, the information
is stored in a secure environment. Please be aware that there are inherent risks associated with the transmission of
information via the internet. Although Deaf Children Australia has implemented security measures, it is not possible
to provide absolute guarantees as to the security of data provided via online transmission. If you have concerns
in this regard, Deaf Children Australia has alternative methods of obtaining and providing information e.g. mail,
telephone and facsimile.
11. How to access or correct your personal information or make a privacy related complaint.
Deaf Children Australia is transparent about the personal information it collects and aims to ensure that the personal
information is holds is accurate. You are entitled to access your personal information held by Deaf Children Australia.
Should you wish to access or correct your personal information that we hold, please make your request in writing to
the Privacy Officer by email . We will provide you with access in the manner that you
request where it is reasonable and practical to do so, except where we are entitled to deny access as permitted by
the Privacy Act. The privacy Officer will respond to your request within 30 days of receiving your request.
If we deny your request for access or to correct your personal information, we will provide you with written reasons
for this and mechanisms available to your to complain about our refusal.
You may also use the above contact details to notify us of a privacy complaint that you may have against us if you
think we have failed to comply with our obligations under the Australian Privacy Principles.