We respect your rights to privacy under the Privacy Act 1988 (Cth) (Act) and we comply with all of the Act’s requirements in respect of the collection, management and disclosure of your personal information.
What is your personal information?
What personal information do we collect and hold?
We may collect the following types of personal information:
- Marital status;
- Religion and/or church affiliation
- Mailing or street address;
- Email address;
- Telephone number;
- Facsimile number;
- Age or birth date;
- Medical information required for camps, community outreach programs, other programs and events;
- Dietary requirements for camps, community outreach programs and other events;
- Enrolment information required to meet Registered Training Organisation responsibilities;
- Profession, occupation or job title;
- Details of the services you have received from us or which you have enquired about, or which you have observed us providing to someone else, together with any additional information necessary to deliver those services and to respond to your enquiries;
- Any additional information relating to you that you provide to us directly through our websites or indirectly through use of our websites or online presence, through our representatives or otherwise; and
- Information you provide to us through our service centre, customer surveys or visits by our representatives from time to time.
We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about how users use our website, social networks, services and email campaigns. It will include IP addresses, browser user-agent, commenter name and email address.
How do we collect your personal information?
We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect in ways including:
- through your access and use of our website;
- during conversations between you and our representatives;
- when you complete an application to attend a camp, community outreach program, or other program or event;
- when you make a donation;
- when you complete an application to study through SU QLD Training; or
- when you complete an application to become an employee or volunteer.
- We may also collect personal information from third parties such as credit reporting agencies, law enforcement agencies, governments, (Federal, State, and Local) and other government entities.
We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track users movements, and gather broad demographic information.
What happens if we can’t collect your personal information?
If you do not provide us with the personal information described above, some or all of the following may happen:
- we may not be able to provide the requested services to you, either to the same standard or at all;
- we may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful;
- we may not be able to provide you with appropriate documentation for donations or fees received by us; or
- we may not be able to accept your attendance on camps, community outreach programs or other programs and events.
For what purposes do we collect, hold, use and disclose your personal information?
We collect personal information about you so that we can perform our activities and functions and to provide best possible quality of service.
We collect, hold, use and disclose your personal information for the following purposes:
- to provide services to you and to send communications requested by you;
- to answer enquiries and provide information or advice about existing and new services;
- to provide you with access to protected areas of our website;
- to assess the performance of the website and to improve the operation of the website;
- to meet our legal obligations in terms of child safety and other requirements;
- to meet our legal requirements in terms of Registered Training Organisation requirements;
- to conduct business processing functions including providing personal information to our related bodies corporate, service providers or other third parties;
- for the administrative, marketing (including direct marketing), planning, program or service development, quality control and research purposes of SU QLD, its related bodies corporate, or its service providers;
- to provide your updated personal information to our related bodies corporate, contractors or service providers;
- to update our records and keep your contact details up to date;
- to process and respond to any complaint made by you; and
- to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country (or political sub-division of a country).
To whom may we disclose your information?
We may disclose your personal information to:
- our employees, related bodies corporate, contractors, volunteers or service providers for the purposes of operation of our website or our business, fulfilling requests by you, and to otherwise provide services to you including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
- suppliers and other third parties with whom we have commercial relationships, for business, marketing, and related purposes; and
- any organisation for any authorised purpose with your express consent.
Direct marketing materials
We may send you direct marketing communications and information about our programs and services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list.
We do not provide your personal information to other organisations (other than suppliers of services to us) for the purposes of direct marketing.
How can you access and correct your personal information?
You may request access to any personal information we hold about you at any time by contacting us (see the details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it.
What is the process for complaining about a breach of privacy?
If you believe that your privacy has been breached, please contact us using the contact information below and provide details of the incident so that we can investigate it.
Our procedure for investigating and dealing with privacy breaches is:
- Upon receipt of a written notification, the designated Privacy Officer will investigate the alleged breach.
- Once the investigation has been completed, we will advise you of the result.
- Should a breach of privacy have occurred, we will advise you of your rights.
Notifiable Data Breaches
The passage of the Privacy Amendment (Notifiable Data Breaches) Act 2017 established the Notifiable Data Breaches (NDB) scheme in Australia. The NDB scheme applies to all agencies and organisations with existing personal information security obligations under the Australian Privacy Act 1988 (Privacy Act) from 22 February 2018.
The NDB scheme introduced an obligation to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm. This notification must include recommendations about the steps individuals should take in response to the breach. The Australian Information Commissioner (OAIC) must also be notified of eligible data breaches.
We have in place procedures to respond to eligible data breaches and notify all parties identified in and according to the legislation, including the OAIC.
Do we disclose your personal information to anyone outside Australia?
We may disclose personal information to our related bodies corporate and third party suppliers and service providers located overseas for some of the purposes listed above.
We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.
We may disclose personal information on both Australia-Only cloud-based and International cloud-based servers which are in many countries around the world.
We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. Personal information is destroyed or de-identified when no longer needed.
As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.
Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.
We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.
Please contact our Privacy Officer at:
Scripture Union Queensland
Post: P O Box 1167, Eagle Farm Qld 4009
Tel: 1300 478 753