This document sets out the principles that the Australasian Centre for Corporate Responsibility (ABN 95 102 677 417) (the Organisation or we, us, our) adopts in relation to the protection and handling of personal information.
The Organisation is committed to protecting your personal information, and does so in accordance with the Australian Privacy Principles (APP), which are set out in Schedule 1 of the Privacy Act 1988 (Cth), and any other applicable state or territory legislation.
What is personal information?
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
Sensitive information is a type of personal information and includes health information, genetics, race, political opinion or membership, religion, philosophical beliefs, union membership, sexual preference and criminal record.
Health information includes information about physical or mental health or a disability an individual has had at any time, an individual’s express wishes about future provision of health services to him or her, any health service that has been or is to be provided to an individual, any personal information collected to provide or in providing a health service, information collected in connection with a donation or intended donation of body parts, organs or body substances, genetic information that is or could be predictive of health at any time of the individual or a relative of the individual and healthcare identifiers.
What kinds of personal information do we collect?
In certain circumstances, we may collect personal information about you, for example when you contact us, become a member, apply for a job or volunteer position, make a donation, participate in our research or advocacy efforts or otherwise interact with us, use our services or join our mailing list. The type of information we collect may include (but is not limited to):
- your name and date of birth;
- your contact details, such as home and email addresses, and telephone number;
- information about your personal circumstances (eg: marital status, gender, job title and relevant information about your partner and children);
- information about your background (eg: ethnicity, languages spoken, medical history, health and disability information);
- information about your shareholdings;
- financial information (e.g. bank or credit card details); and
We may also monitor and record details of our interactions with you (including any contact we have with you in person, by email, online or on the telephone), for dispute resolution and training purposes.
Where we collect sensitive information from you, including health information, we will do so only with your consent, where you provide such information voluntarily or where otherwise authorised by law. You may withdraw your consent for the Organisation to retain this information at any time.
From time to time, we may also receive unsolicited information, being information that we have not taken active steps to collect. Examples include misdirected mail, unsolicited employment applications and promotional flyers containing personal information.
When we receive such information, we will decide within a reasonable period whether we could have collected it pursuant to the requirements in the APP. If we determine that we could not have collected the information, we will destroy or de-identify it as soon as practicable. Alternatively, if we determine that we could not have collected the information and wish to retain it, we will deal with this information in accordance with our obligations under the APP.
How do we use or disclose your personal information?
The primary purposes for which we collect, hold, use and disclose personal information are to:
- provide, administer, improve and personalise our interactions with our members and supporters;
- Process membership payments, grants, donations and payments;
- identify individuals;
- assess employee or volunteer applications;
- conduct surveys and research;
- protect our lawful interests; and
- respond to your queries or concerns.
We may also collect, use and disclose personal information in connection with lawful information requests from courts, government agencies and lawyers and in connection with suspected fraud, misconduct or unlawful activity.
We may exchange your personal information with service providers, including government agencies, who may provide you with assistance or assist us with archival, auditing, accounting, legal, business, banking, payment, delivery, data processing, storage and analysis, research, investigation, website or technology services.
If you are a donor, mailing list registrant or volunteer, we may use your personal information to provide you with ongoing promotional materials and marketing communications about our events, products, services and fundraising initiatives by telephone, email, online or by other means (unless you opt out or we are subject to legal restrictions).
If you are contemplating making a grant or donation and seek a greater level of anonymity, please contact email@example.com.
If you own shares in companies or represent an organisation which itself owns shares, you may choose to register those shareholdings with us. You can do this through our Shareholder Hub by providing the relevant information, including some of the personal information above. We use this information for the purposes of lodging resolutions. If you register in this program the information we collect may be provided:
- as the Corporations Act requires, to the company secretary of a target company. It is impossible for us to control what the company secretary does with this information; and,
- to save overload, other organisations we know are lodging resolutions similar to those lodged by ACCR with similar target companies.
You can learn more about the information we collect and submit to companies when we lodge shareholder resolutions on our Shareholders' Frequently Asked Questions page.If you become a member, we hold a register which will contain your membership information as required by the Associations Incorporation Act 1991 (ACT). Other members may seek to inspect this register. You may seek to restrict access to this register in accordance with that Act by contacting us at firstname.lastname@example.org.
The Organisation will not disclose your personal information to overseas recipients unless that country has similar privacy laws to those in Australia or you have expressly consented to the Australian requirements not applying to that disclosure.
To facilitate donations and marketing activities, the Organisation uses donorbox.org and Mailchimp respectively. These companies are located in California, USA, and are subject to the California Consumer Privacy Act.
How do we hold and secure your personal information?
The Organisation handles personal information electronically with the assistance of our service providers. A range of measures are implemented to protect the security of that personal information. We also take reasonable steps to destroy or permanently de-identify personal information where it is no longer needed for a permitted purpose.
How do we treat information disclosed through our websites?
Using our websites
Third party websites
Our website may contain links to other websites that are not owned or controlled by us. We are not responsible for the privacy practices or policies of those websites.
How can you request access or amendments to your personal information or make a complaint?
Please contact us using the details set out below if you have any queries or concerns about privacy or wish to access or correct any personal information we may hold about you. We may need to verify your identity.
If you are making an access or correction request, please provide details of the particular information you seek, to help us to locate it. If we deny any request for access or correction, we will provide our reasons. Where we decide not to make a requested correction to your personal information and you disagree, you may ask us to make a note of your requested correction with the information.
The Organisation takes your privacy concerns very seriously. Where you express any concerns that we have interfered with your privacy, we will respond to let you know who will be handling your matter and when you can expect a further response.
Contact: Elisabeth Baraka, Chief Operations Officer
For information about privacy generally, or if your concerns are not resolved to your satisfaction, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au and on 1300 363 992.