Last Uploaded: 06/09/2022
The objective of this policy is to ensure employees, volunteers, contractors and external interested parties are aware of and understand how Deaf Children Australia and its subsidiaries protect the privacy of any personal information it collects, holds and administers.
At all times Deaf Children Australia recognises and respects the confidentiality of any personal information relating to our stakeholders (clients, activity participants, donors, employees and volunteers). We aim to ensure that our stakeholders enjoy:
· Freedom from intrusion and public attention
· Being treated with respect
· Assurance that their personal information is protected from unauthorised access
Deaf Children Australia is bound by laws which impose specific obligations when it comes to handling information.
Deaf Children Australia will:
a) Collect only information which the organisation requires for its primary function of providing services and improving service delivery
b) Ensure that stakeholders are informed as to why we collect the information and how we administer the information gathered
c) Use and disclose personal information only for our primary functions or a directly related purpose, or for another purpose with the person’s consent
d) Take reasonable steps to ensure the information it collects is accurate, complete, up to date and relevant to the functions we perform
e) Store personal information securely, protecting it from unauthorised access
f) Only destroy records in accordance with the organisation’s Records Management Policy
h) Give stakeholders the option of not identifying themselves when completing evaluations forms or surveys
i) Provide stakeholders with access to their own information, and the right to seek its correction
j) Only release personal information about a person with that person’s express permission (signed release form) or as required to do so by law
The CEO will appoint a Privacy Officer to continually monitor, ensure staff awareness of and compliance and address requests for access and/or complaints relating to this Policy.
Personal Information is any information that can be used to personally identify you, whether the information or opinion is:
a) true or not; and
b) recorded in a material form or not.
The types of personal information we collect will depend on how you interact with us. Typically we collect the following personal information:
· Name (yours and that of other family members)
· Date of birth
· Street /Postal address
· Contact telephone numbers
· Email address
· Service / program feedback
· Online survey responses
· Hearing status
· Preferred communication mode
· Transactional information such as credit card details or bank details in the event of a purchase from or donation to Deaf Children Australia
· Staff / Volunteer information for human resources, finance and general administration purposes
· Contractors / Partnership information to conduct administrative and business functions
How Deaf Children Australia collects personal information from its stakeholders may include (but is not limited to) the following:
· Directly from the person we are working with to provide service support
· When you purchase a resource / service or make a financial donation
· Through referral forms completed and submitted to us from third parties
· During conversations and email exchanges between you and our representatives
· When we obtain feedback from you about our services
· When you register for our events, workshops or activities
· When you subscribe to our newsletters
· Through your access / use of our website
· Through expressions of interest in employment or volunteering opportunities with our organisation
· From publicly available sources
We collect, hold, use and disclose personal information for the following purposes:
· To send you communications and information about our organisation that we consider may be of interest to you
· To manage and maintain our service delivery
· To respond to enquiries
· To improve our services
· To inform you about our services
· To deliver a tailored service solution
· To obtain feedback from you about our services
· To update our records and keep contact details up to date
· To enable you to subscribe to our website, newsletters, fundraising materials, register for events and workshops
· With your express consent and for an authorised purpose to a third party
· To process and respond to complaints
· To comply with reporting requirements associated with government funding
· To comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority
Your personal information will not be used for any purpose other than the purpose for which it was collected unless:
a) such use is authorised or required by law; or
b) you have consented to the use.
If your information is no longer needed, we will take reasonable steps to either delete it from our systems or de-identify it, except with Deaf Children Australia is required by law or a court/ tribunal order to retain the information.
Deaf Children Australia makes every effort to protect your personal information from unauthorised access, improper use, alteration and destruction.
We store personal information in order to ensure that we can manage and maintain communication with individuals and organisations we work with. Deaf Children Australia holds personal information in either:
a) Hard copy (paper based) format in secure access controlled offices; or
b) Electronic format (databases and email files) which requires login and passwords and are stored on our secure servers.
10. Unauthorised access, use or disclosure of personal information
We will take seriously and deal promptly with any unauthorised access, use or disclosure of personal information.
The Notifiable Data Breaches (NDB) scheme which commenced on 22 February 2018, generally requires organisations to notify individuals whose personal information is involved in a data breach which is likely to result in serious harm to those individuals. These entities are also required to notify the Office of the Australian Information
Commissioner. We comply with the NDB scheme when dealing with these types of data breaches.
DCA also has regard to relevant guidance material issued by the Office of the Australian Information Commissioner, including the ‘Data breach preparation and response — A guide to managing data breaches in accordance with the Privacy Act 1988 (Cth)’, when responding to any incidents involving the unauthorised access of, use or disclosure of personal information.
When visiting the Deaf Children Australia website, a record of your visit is logged and information is automatically recorded for statistical purposes to enable us to analyse trends, administer the website, and improve this site and our services. This information does not identify you personally and Deaf Children Australia does not track information about individuals and their visits.
Your web browser supplies information including:
· Your internet domain and the IP address from which you access our website
· The type of web browser used
· Your computer’s operating system
· The date and time you access the site
· The pages you visit and any documents downloaded
· If you followed a link to the Deaf Children Australia website from another website – the address of that website.
No attempt will be made to identify users or their browsing activities except where otherwise required or authorised by law eg. In the event of an investigation, a law enforcement agency may exercise its legal authority to inspect the service provider’s log.
Our website may contain links to other websites operated by third parties. We make no representations or warranties on relation to the privacy practices of any third-party website and we are not responsible for the privacy policies or the content of any third-party website.
The Deaf Children Australia website may at times offer interactive services such as forums, chat rooms or message boards to its users. Please exercise caution when deciding to disclose any personal information about yourself or others when using these services, as any information that is disclosed in these services becomes public information.
When Deaf Children Australia receives information from you, either via email or any other means, the information is stored in a secure environment. Please be aware that there are inherent risks associated with the transmission of information via the internet. Although Deaf Children Australia has implemented security measures, it is not possible to provide absolute guarantees as to the security of data provided via online transmission. If you have concerns in this regard, Deaf Children Australia has alternative methods of obtaining and providing information e.g., mail telephone and facsimile.
Deaf Children Australia is transparent about the personal information it collects and aims to ensure that the personal information is holds is accurate. You are entitled to access your personal information held by Deaf Children Australia.
Should you wish to access or correct your personal information that we hold, please make your request in writing to:
The Privacy Officer
We will provide you with access in the manner that you request where it is reasonable and practical to do so, except where we are entitled to deny access as permitted by the Privacy Act. The privacy Officer will respond to your request within 30 days of receiving your request.
If we deny your request for access or to correct your personal information, we will provide you with written reasons for this and mechanisms available to your to complain about our refusal.
You may also use the above contact details to notify us of a privacy complaint that you may have against us if you think we have failed to comply with our obligations under the Australian Privacy Principles.
· Commonwealth Privacy Act (1988)
· Australian Privacy Principles (APPs)