a.The Company is committed to protecting user privacy. We understand that visitors and users of the Website are concerned about their privacy, and the confidentiality and security of any information that is provided.
2. Collection of information
Whenever users (including non-member users) visit the Website, our servers automatically record information for statistical purposes about your usage of the Website such as:
- the type of browser used
- the referring URL
- the IP address
- the number and type of pages viewed
- the date and time of visits
- the exit URL
This information we collect about you is not Personal Information and, in any event, remains anonymous. We do not link the anonymous information to any other Personal Information unless you have either registered as a member or logged on as a member at the time of use. Accordingly, if you have not identified yourself on the Website, such as by registering as a member or logging on as a member, we will not link a record of your usage of our Website to you personally.
Upon your registration as a member we collect information about you in order to provide you with the full benefits of membership. We collect non-identifying information as well as Personal Information from you directly when you first register and also from time to time thereafter if you provide us with additional information.
Personal Information which may be collected by the Company includes, without limitation:
- your full name
- your email address
- your residential address
- phone number
We shall only collect Personal Information that is necessary for our Purposes.
We shall only collect Personal Information by lawful and fair means and not in any unreasonable or in an unreasonably intrusive way.
Where it is practical to do so, at or before the time that we collect any Personal Information from you we shall take all reasonable steps to ensure that you are aware of:
- our identity and how to contact us
- the fact that the individual are able to gain access to the Information
- the Purposes for which the Information is collected
- the Recipient's to whom we would usually disclose that Information
- any laws that require particular Information to be collected
- the main consequences for the Individual if all or part of the Information is not provided
f.Collect from you only
Where it is reasonable or practical to do so, we shall endeavour to only collect Information about you from you.
g.Notice to you
Where we collect Information about you from someone else we will take reasonable steps to ensure that you have been made aware of the matters listed in clause 2-e above unless in our opinion making you aware of these matters would pose a serious threat to the life or health of anyone.
We utilize "cookies" which enable us to monitor traffic patterns and to serve you more efficiently if you revisit the Website. A cookie does not identify you personally but it does identify your computer. You can set your browser to disable cookies or to notify you when you receive a cookie and provide you with an opportunity to either accept or reject it in each instance. If you disable cookies, you may not be able to access certain areas or features on our Website.
3. Use and disclosure
We shall only disclose Personal Information in accordance with the terms of this Policy.
We shall not use or disclose any Information about you for a Secondary Purpose unless:
- both of the following apply:
- the Secondary Purpose is related to the Primary Purpose and if the Information is Sensitive Information, the Secondary Purpose is directly related to the Primary Purpose; and
- you would reasonably expect us to use or disclose the Information for the Secondary Purpose, or
- you have consented to the use or disclosure; or
- if the Information is not Sensitive Information and the use of the Information is for the Secondary Purpose of direct marketing:
- it is impractical for us to seek your consent for that particular use; and
- we have chosen not to charge you to give effect to your request not to receive direct marketing communications; and
- you have not made a request to us not to receive direct marketing communications; and
- in each direct marketing communication with you we have drawn your attention or prominently displayed a notice that you may express a wish not to receive any further direct marketing communications; and
- each written direct marketing communication from us to you specifies our business address, telephone number or email address at which we can be contacted directly; or
- we reasonably believe that the use or disclosure is necessary to lessen or prevent:
- serious or imminent threat to an individual's life, health or safety; or
- a serious threat to public health or public safety;
- we have reason to suspect that unlawful activity is being engaged in and we use or disclose the Personal Information as a necessary part of our investigation of the matter or in reporting our concerns to relevant persons or authorities; or
- the use or disclosure of the Information is required or authorised by or under law
- we reasonably believe that the use or disclosure is reasonably necessary for one or more of the following by or on behalf of the police or other enforcement body:
- the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law
- the enforcement of laws relating to the confiscation of the proceeds of crime
- protection of public revenues
- the prevention, detection, investigation or remedy of seriously improper conduct or prescribed conduct
- the preparation for or conduct of proceedings before and court or tribunal or implementation of the orders of the court tribunal
4. Data quality
a.We will take all reasonable steps to ensure that the Information that we collect, use or disclose is accurate, complete and up to date.
5. Data security
We will take reasonable steps at the time that we collect, use or disclose Information to secure the Information we hold from misuse and loss, unauthorised access, modification or disclosure.
b.Steps we will Take
To protect the Information we shall:
- adopt measures to prevent unauthorised entry to our premises, systems to detect unauthorised access and secure containers for storing paper based Personal Information
- will adopt measures to protect our computer systems and networks for storing, processing and transmitting Personal Information and from unauthorised access, modification and disclosure
- we shall protect communications via data transmission including emails and voice transmission from interception and preventing unauthorised intrusion into our computer networks
- we shall adopt procedural and personnel measures for limiting access to Personal Information except by authorised staff approved for the Purposes and controls to minimise security risks to our information technology systems
and such other Security measures as we consider reasonable.
c.Destruction of Information
We will take reasonable steps to destroy or permanently de-identify Personal Information if it is no longer needed for any Purpose, in a secure manner.
We will make available to any person who requests it, a copy of this policy.
You may contact us to request the Information we hold in relation to you and to correct that Information (in accordance with clause 7) at our contact details which are specified on the website.
7. Access and correction
a.Access to Information
We shall provide you with access to the Information held by us in relation to you except to the extent that:
- in the case of Personal Information other than Health Information, providing access would pose a serious and imminent threat to the life or health of any individual; or
- in the case of Health Information, providing access would pose a serious threat to the life or health of any individual; or
- providing access would have an unreasonable impact upon the privacy of other individuals; or
- the request for access is frivolous or vexatious; or
- the Information relates to existing or anticipated legal proceedings between us and you and the Information would not be accessible by the process of discovery in those legal proceedings; or
- providing access would reveal our intentions in relation to negotiations with you in such a way as to prejudice those negotiations; or
- providing access would be unlawful; or
- denying access is reasonable or authorised by or under law; or
- providing access would be likely to prejudice an investigation of possible unlawful activity; or
- providing access would be likely to prejudice:
- the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of prescribed law; or
- the enforcement of laws relating to the confiscation of the proceeds of crime; or
- the protection of the public revenue; or
- the prevention, detection, investigation o remedy of seriously improper conduct or prescribed conduct; or
- the preparation for or conduct of proceedings before any court or tribunal or implementation of its orders; by or on behalf of the police or an enforcement body; or
- an enforcement body performing a lawful security function asks us not to provide access to the Information on the basis that providing access would be likely to cause damage to the security of Australia.
b.Request for Access
To request access to the Information held by us about you, you must contact us using the contact details provided on the website, following which we shall contact you within 14 days from our receipt of your request and either provide you with that Personal Information, or notify you when we shall provide you with the Personal Information. In any event the Personal Information requested will be provided not more than 30 days after our receipt of your request unless we decide not to provide you with access to the Personal Information in which case we will advise you of the reasons for such decision.
c.Commercially Sensitive Information
Where providing access to the Personal Information would reveal evaluative information generated by us in connection with a commercially sensitive decision making process we will give you an explanation for the commercially sensitive decision rather than direct access to the Information.
d.Use of Intermediaries
Where because of any of the reasons described in 7.1 above we are not required to provide you with access to the Information then we will, if it is reasonable to do so, give consideration to whether the use of mutually agreed intermediaries would allow sufficient access to meet our respective needs.
We reserve the right to charge you for providing access to your Personal Information. Those fees and charges will not be excessive, and will be determined by us from time to time and we shall notify you of those costs prior to providing you with access to the Information. We may require those costs to be paid prior to providing you with access.
f.Correction of Information
If you establish that the Information we hold about you is not accurate, complete or up to date we shall take reasonable steps to correct the Information so that it is accurate, complete and up to date. If we are not satisfied that the Information is not accurate, complete or up to date we shall, at your request, keep with your Personal Information a statement noting your claim that the Information is not accurate, complete or up to date.
g.Refusal to Correct
If at any time we refuse or deny access to Information to you or refuse to correct Personal Information we shall provide you with reasons for such denial or refusal.
a.Use of Identifiers
We shall not use or disclose an Identifier assigned to you unless:
- it is necessary for us to fulfil our obligations to the Commonwealth
- any of the reasons described in paragraph 3.2(d) to 3.2(g) above apply to the use or disclosure of the Identifier; or
- it is otherwise lawful for us to do so
We shall not adopt as a means to identify you, your Identifier except to the extent we are authorised to do so by law.
Unless there is a practical or legal reason to require identification, we shall allow you to transact with us anonymously to the extent that it is practical for us to do so.
10. Transborder data flows
a.We shall not transfer Information to someone or to another organisation in a foreign country unless:
- we reasonably believe that the recipient is subject to a law, a binding scheme or a contract which effectively upholds principles for the fair handling of the Information that are substantially similar to the National Privacy Principles
- you consent to the transfer
- the transfer is necessary to perform a contract between you and us or the implementation of pre-contractual measures taken in response to your request
- the transfer is necessary for the conclusion or performance of a contract concluded in the interests between ourselves and a third party
- all of the following apply:
- the transfer is for your benefit
- it is impractical to obtain your consent to that transfer
- if it were practical to obtain your consent, you would be likely to give it
- we have taken reasonable steps to ensure that the Information which we intend to transfer will not be held, used or disclosed by the recipient inconsistently with the National Privacy Principles
11. SENSITIVE INFORMATION
a.Collection of Sensitive Information
We shall not collect Sensitive Information unless:
- you have consented
- the collection is required by law
- the collection is necessary to prevent or lessen serious or imminent threat to the life or health of any individual where you:
- are physically or legally incapable of giving consent to the collection; or
- physically cannot communicate consent to the collection
- the collection is necessary for the establishment, exercise or defence of legal action