A copy of Guidelines to the APP’s as published by the Office of the Australian Information Commissioner (2001) can be found here :
What is your personal information?
What personal information do we collect and hold?
We may collect the following types of personal information:
- mailing or street address;
- email address;
- telephone number;
- facsimile number;
- age or birth date;
- profession, occupation or job title;
- details of the services that we have provided to you or which you have enquired about, together with any additional information necessary to deliver those services and to respond to your enquiries;
- any additional information relating to you that you provide to us directly through our websites or indirectly through use of our websites or online presence, through our representatives or otherwise;
- information you provide to us through our activities and services, surveys or visits by our representatives from time to time.
We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about how users use our website.
We may be authorised to collect your personal information under Part 4 of the Health Records & Privacy Information Act 2002 NSW as part of the provision of health services.
How do we collect your personal information?
We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect in ways including:
- through your access and use of our website;
- during conversations and via correspondence between you and our representatives;
- when you complete an application or purchase order;
- when you register for our events and when you participate in Exodus activities;
- when you complete our forms for the provision of services or to volunteer your services and assistance to Exodus; or
- when you complete a survey.
The information we collect may include some sensitive information (as defined in the Privacy Act), such as health information or information about your beliefs or information that is relevant to the services or assistance you have requested from the Exodus Foundation.
We may also collect personal information from third parties including from third party companies such as credit reporting agencies, law enforcement agencies and other government entities and specialist agencies that assist us in achieving our objectives.
We will generally provide individuals with the option of not identifying themselves when contacting us or participating in activities or obtaining services or assistance from us unless we are authorised by law not to do so or it is impracticable for us to deal with individuals who have not identified themselves or have used a pseudonym (in such circumstances we will only obtain as much personal information as is necessary to provide you with the service or assistance you require). If we do not have your personal information then we may be limited in our ability to provide you with the services or assistance or advise you of information relating to our operations and the activities we carry out.
We do not use ‘cookies’ (which are small text files, often sent to users’ computers to allow web servers to recognise them each time they return). In some cases we may use Google Analytics to measure traffic patterns, to determine which areas of our website have been visited and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online presence, information and services. Our use of Google Analytics will not involve the collection of personal information.
We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer our website, track users movements, and gather broad demographic information and for security reasons.
What happens if we can’t collect your personal information?
If you do not provide us with the personal information described above, some or all of the following may happen:
- we may not be able to provide the requested activities or services to you, either to the same standard or at all;
- we may not be able to provide you with information about activities and services that you may want;
- we may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful; or
- we may not be able to contact you in relation to the various activities we undertake and services we provide.
For what purposes do we collect, hold, use and disclose your personal information?
We collect personal information about you so that we can perform our activities and functions and to provide best possible quality of service.
We collect, hold, use and disclose your personal information for the following purposes:
- to provide services to you and to send communications requested by you;
- to arrange the various activities of the Exodus Foundation;
- to answer enquiries and provide information or advice about existing and new services;
- to provide you with access to protected areas of our website;
- to assess the performance of our website and to improve the operation of our website;
- to conduct service processing functions, which may include providing personal information to our various entities, contractors, service providers or other third parties;
- for the administrative, marketing (including direct marketing), planning, product or service development, quality control and research purposes of Exodus, its various entities, contractors or service providers;
- to update your personal information held by our related bodies, contractors or service providers;
- to update our records and keep your contact details up to date;
- to establish and maintain your involvement with the Exodus Foundation;
- to answer your enquiries; to register you for events, conferences and activities;
- for direct promotion of services and to keep you informed of new developments we believe may be of interest to you. If we contact you in this way without obtaining your prior consent, we will provide you with the opportunity to decline any further promotional communications;
- to third parties where we have retained those third parties to assist us to operate Exodus and provide the services you have requested, such as transport providers, health care providers, website hosts and IT consultants, and our professional advisers such as consultants, lawyers and accountants. In some circumstances we may need to disclose sensitive information about you to third parties as part of the services you have requested;
- to process and respond to any complaint made by you;
- to track clients’ use of any services we offer;
- and to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country (or political sub-division of a country).
To whom may we disclose your information?
We may disclose your personal information to:
- our employees, contractors or service providers for the purposes of operation of our website or our operations, fulfilling requests by you, and to otherwise provide services to you including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, advisors and consultants;
- suppliers and other third parties with whom we have commercial relationships, for operations, marketing, and related purposes;
- any organisation for any authorised purpose with your express consent; and
Direct marketing materials
We may send you direct marketing communications and information about our activities and services that we consider may be of interest to you. These communications may be sent in various forms, including social media, mail, SMS, fax and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then endeavour to ensure that your name is removed from our mailing list.
We do not provide your personal information to other organisations for the purposes of direct marketing.
Use of Commonwealth Government identifiers
We will not use Commonwealth government identifiers, such as Medicare numbers or your drivers licence numbers, as its own identifier of individuals. We will only use or disclose such identifiers in the circumstances permitted by the Privacy Act.
How can you access and correct your personal information?
You may request access to any personal information we hold about you at any time by contacting us (see the details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). We may charge you a fee to cover our administrative and other reasonable costs (eg photocopying, faxing, etc) in providing the information to you and, if so, we may charge a reasonable fee for providing access, which could be as much as $50. We will not charge for simply making the request and will not charge for making any corrections to your personal information.
There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it by contacting us via the contact details below. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it.
We will not charge you for simply making the request and we will not charge for making any corrections to your personal information. Depending on the nature of the request, we may ask you to verify your identity or to put your request in writing.
What is the process for complaining about a breach of privacy?
If you believe that your privacy has been breached or you are not happy with the way your personal information has been handled by us, please contact our Privacy Officer using the contact information below and provide details of the incident (preferably in writing) so that we can investigate it.
We will attempt to confirm as appropriate with you your understanding of the conduct relevant to the complaint and what you expect as an outcome. We will inform you whether we will conduct an investigation, the name, title, and contact details of the investigating officer and the estimated completion date for the investigation process.
After we have completed our enquiries, we will contact you, usually in writing, to advise the outcome and invite a response to our conclusions about the complaint. If we receive a response from you, we will assess it and advise if we have changed our view. If you are unsatisfied with the outcome, we will advise you about further options including, if appropriate, review by the Privacy Commissioner within the Office of the Australian Information Commissioner.
Do we disclose your personal information to anyone outside Australia?
We do not disclose personal information to overseas recipients.
We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. Personal information is destroyed or de-identified when no longer needed.
As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.
Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.
We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in timely and appropriate manner.
Please contact our Privacy Officer at:
The Exodus Foundation
180 Liverpool Road, Ashfield, NSW 2131
Tel: 02 8752 4674
By mail: PO Box 1595, Ashfield NSW 1800