THE GOOD SAMARITAN AID SOCIETY PRIVACY POLICY
GOOD SAMARITAN AID SOCIETY PRIVACY POLICY:
Good Samaritan Aid Society (“GSAS”) is committed to ensuring the privacy of all information it collects. We are committed to using your personal information (information or an opinion which can reasonably identify you), responsibly.
GSAS is bound by the Commonwealth Privacy Act, 1988 and the 13 “Australian Privacy Principles” contained in Schedule 1 of the Commonwealth Privacy Amendment (Enhancing Privacy Protection) Act 2012, which amends the Privacy Act, 1988. The Payment Card Industry Data Security Standard (PCI DSS) also applies to us and guides us when we manage your personal information. In keeping with these legislations, this Privacy Policy sets out GSAS’s practice in the collection, use and disclosure of personal information.
This Privacy Policy explains why and how we collect, use, disclose and store your personal information and what to do if you have questions, concerns, or complaints. We will occasionally make updates to this policy, so will note the date of the last change at the top of the page.
Remember, you are in control of the personal information you provide to us. Most personal information we collect comes from you and you can request to change or access your details at any time.
In keeping with this legislation, this Privacy Policy sets out GSAS’s practice in the collection, use and disclosure of personal information.
INFORMATION COLLECTED:
GSAS is required to gather and record certain personal and private information in the course of regular GSAS activities. The information collected includes (but is not limited to);
- Personal and contact details, such as name, age, gender, address in Australia and overseas (as applicable), email address and telephone numbers;
- Employment history (as appropriate);
- Medical history;
- Police Check;
- Educational background;
- Information necessary for working with children and child protection requirements;
- Records of financial giving/donations; and/or
- Credit card and bank details.
GSAS will treat this information with the strictest of confidence and only relevant information is collected where necessary.
HOW INFORMATION IS COLLECTED:
Where reasonably possible, GSAS will only collect information from the individual to whom it relates. This will be collected in the following ways;
- From official GSAS forms;
- Direct personal contact, telephone, email, letters, social media messages or other
forms of communication;
- Website enquiries;
- Conference or events enquiries and registration forms;
- Online donations and giving;
- Voice or image recordings, including the recording of GSAS activities or events;
- Voluntary submissions to receive electronic newsletters or advertising relating to
events; and/or
- Statistical information gathered through aggregated tracking to the GSAS website (without identifying specific individuals).
If GSAS receives any unsolicited personal information, that could have been solicited in the normal course of its activities, it may use this information in compliance with this Policy and applicable law. However, any unsolicited personal information that is received by GSAS and would not otherwise have been collected in the course of normal GSAS activities will be destroyed or de-identified as soon as practicable, provided it is lawful and reasonable to do so.
SENSITIVE INFORMATION:
Some of the information collected by GSAS is classified as sensitive information. This would include any information contained in confidential communications (such as emails) and any information on a person’s health; disabilities; financial background; racial or ethnic origin; religious beliefs; sexual preferences; professional and practice information; or criminal background. Sensitive information is only collected to satisfy legislative requirements or to meet special needs.
If GSAS is required to collect health information in the course of GSAS activities, it may be collected from the individual directly, or from a third party such as a medical provider (doctor, psychologist, counsellor, etc.). In this event, GSAS will ensure that the specific purposes of the use and disclosure of health-related information are explained in advance and will obtain the individual’s consent before collecting any information of this kind.
USE OF INFORMATION COLLECTED:
Personal information that is collected for a particular purpose will not be used for any other purpose. The only exceptions to this are if the individual consents to the use or disclosure of the information for another purpose, the individual would reasonably expect GSAS to use or disclose the information for another purpose, or it is necessary for legal or compliance reasons.
GSAS will not sell or disclose personal information to third parties except as provided in this Policy and where the disclosure is necessary and could be reasonably expected. GSAS never shares newsletter mailing lists with any third parties, including advertisers, sponsors or partners.
Personal information will not be used for direct marketing unless GSAS collected the information from the individual and they would reasonably expect GSAS to use or disclose the information for that purpose. In this case, an individual may request not to receive any direct marketing communications by contacting the relevant department of GSAS or Reception (contact details below).
Some examples of the need to use personal information during general GSAS activities would be;
- For the specific reason the information has been provided – such as for GSAS events, registrations, donations, email subscription lists and website enquiries;
- New Sponsorship Member registrations or GSAS Member updates;
- New Donation registrations; and
Some examples of the need to disclose personal information during GSAS activities would be;
- If GSAS reasonably believes that such disclosure is necessary to lessen or prevent a serious and imminent threat to the life or health of the individual or any other person; or
- If GSAS is authorised to disclose personal information to appropriate law enforcement agencies to assist in the prevention, detection, investigation, prosecution or punishment of criminal activities.
SECURITY OF INFORMATION COLLECTED:
GSAS is committed to maintaining a secure environment for all personal information collected, used or disclosed. GSAS will take all reasonable precautions to protect data from loss, misuse, interference, unauthorised access or disclosure, alteration or destruction.
Personal information is not retained any longer than is necessary and will only be retained for the minimum period specified by legislation. Once GSAS no longer needs the information for any purpose for which the information may be used or disclosed, it will take such steps as are reasonable in the circumstances to destroy or de-classify the information lawfully and securely. GSAS will also take all reasonable steps to correct any outdated personal information once it is made aware that the information is incorrect.
Access to either paper-based or computerized records will only be granted to GSAS staff where there is a demonstrated need for this access per that staff member’s duties or responsibilities. No other staff or external organisations will be entitled to access this information. All IT systems are password-protected and comply with standard security protocols.
Paper-based records containing personal information are filed in secure environments. Cabinets that hold personal information can be locked to prevent unauthorized access to the records. Furthermore, GSAS stores personal information in secure containers such as filing cabinets or safes as an added safeguard against unauthorised access. Personal information collected via GSAS’s website will be done by sufficiently secure means.
As noted above, GSAS will provide access to information to a law enforcement agency or other government agency if required.
ANONYMITY:
GSAS respects the right of individuals to remain anonymous in their dealings with the GSAS or staff members. GSAS will accommodate a request for anonymity as long as it is practicable and legal to do so.
SPECIFIC WEBSITE USE AND INFORMATION:
“Cookies”
GSAS may place a text file called a “cookie” in the browser files of a user’s computer. The cookie itself does not contain personal information, although it will enable GSAS to relate the use of the GSAS website to information that an individual has specifically and knowingly provided. The only personal information a cookie can contain is information that the individual has given. GSAS uses cookies to track user traffic patterns to better track site usage and page click rates.
Links to other websites
The GSAS website may contain links to other (third-party) websites. This Policy does not apply to any third-party websites that are linked to that of GSAS.
ACCESS TO INFORMATION COLLECTED:
GSAS will only provide individuals with access to personal information held about them upon written request submitted to the Business Manager (contact details below). If the Business Manager denies an access request, a reason will be provided, and written notice of the decision will be given to the applicant within 28 days of the request. The notice will also contain information on how to lodge a complaint or seek further assistance from the Office of the Australian Information Commissioner (OAIC). This is an independent body that will investigate complaints against possible privacy breaches (contact details below).
Access may be denied if such access would be unlawful, frivolous or vexatious; infringe on the privacy of other individuals; pose a serious and imminent threat to the life or health of any individual; interfere with existing or anticipated legal proceedings; or other valid reasons for exclusion in line with relevant legislation.
Should an individual wish to change or delete any personal information that is held by GSAS that is incorrect or outdated, they should contact the relevant Department of GSAS or the Business Manager.
COMPLAINTS AND ENQUIRIES:
Any questions or complaints about this Policy, or GSAS’s collection, use, disclosure or management of private information generally, should be directed to the Business Manager. All queries or complaints will be dealt with in the strictest of confidence and with the utmost urgency.
Any person requesting a copy of this Policy should forward their initial enquiry to the Business Manager, stating the form in which they require a copy of the Policy. GSAS will take all reasonable steps to provide a copy of the Policy in the form requested.
Complaints should be made in writing to the Business Manager, who will then investigate the issue. The Business Manager will respond to the complaint or query within 28 days of the written request being received. The response will also contain information on how to lodge a complaint or seek further assistance from the Office of the Australian Information Commissioner (OAIC).
CONTACT DETAILS:
Good Samaritan Aid Society
Telephone – 1800 12 HELP (1800 12 4357)
Email – info@gsas.org.au
Post – 32 Box Road, Wakeley, NSW 2176
Business Manager:
Telephone – 1800 12 HELP (1800 12 4357)
Email – info@gsas.org.au
Post – 32 Box Road, Wakeley, NSW 2176
The Office of the Australian Information Commissioner (OAIC):
Telephone: 1300 363 992 (General Enquiries)
Email – enquiries@oaic.gov.au
Post – GPO Box 5218 Sydney NSW 2001
Website – www.oaic.gov.au
This Policy has been approved by the Board of Directors of The Good Samaritan Aid Society Incorporated.