Dementia Australia is committed to the protection of an individual’s privacy and will take all reasonable steps to protect your personal information (that is, information which identifies or may reasonably be used to identify you). We abide by the requirements of the Privacy Act 1988 (Cth) (“the Act”) in relation to collection and use of personal information and comply with other applicable laws protecting privacy including State and Territory health information legislation.
The Act provides you with a number of rights, including the right to:
- Know why your personal information is being collected, how it will be used and whether it can be given to anyone else;
- See what information is held about you and have it corrected if it is incorrect, out of date or incomplete (the Freedom of Information Act 1982 (Cth) also covers this);
- Have your personal information stored securely and protected from unauthorised access or misuse; and
- Know the complaints procedure if you believe your privacy has been infringed.
1.1 Anonymity and Pseudonymity
Except for employees as provided under the Fair Work Act 2009 (Cth), an individual wherever it is lawful and practicable can exercise the option not to identify him or herself in dealing with Dementia Australia.
This may entail the use of a fictional name when interacting with Dementia Australia. An individual may remain anonymous regarding certain matters. However, it may be necessary for Dementia Australia to collect personal or sensitive information if Dementia Australia is required or authorised to do so under an Australian law, or by a court or tribunal.
2. Collection of Personal Information
2.1 Collection of Solicited Personal Information
Dementia Australia collects personal and sensitive information only if an individual has consented (either verbally or in writing) to the information being collected, if the information is reasonably necessary for one or more of our functions or activities or if one of the other exceptions applies under the Australian Privacy Principles.
If you choose to provide us with your personal information, it will generally be in relation to:
- Providing services to clients – Dementia Australia collects your, and your family members' information as required in order to provide our services and communicate with you. With consent, this information may involve details about your health. The specific information will depend on the type of service provided and will be collected before and during the provision of services.
- Donors - when you make a donation, including via the website, Dementia Australia collects and stores in our fundraising database your contact information. This information is used to process your donation, complete your tax receipt, send you further information about Dementia Australia and for promotional purposes.
- Supporters and volunteers - Dementia Australia may collect contact details, records of communication between you and Dementia Australia so we can encourage, record and acknowledge your support and communicate with you about our activities.
- Distributing publications - we collect contact details in order to distribute newsletters and other communications in print and electronic form from time to time. You may choose to be removed from our distribution lists by contacting us.
- Conducting events – we collect contact details, donation history and other personal information, including photographs and videos, about those who wish to join or participate in our events and programmes. This information is used to administer these activities and the activities of Dementia Australia. With consent, this information may include health or other sensitive information.
- Conducting our general business activities and operations, including the fulfilment of any legal requirements and applying for a position as a volunteer or employee.
- We may use electronic recordings of some phone calls and online video consultations to help ensure that the service provided is of the highest possible standard. This information is securely stored on our IT network for the period defined by the applicable regulations and standards. It is deleted at the end of this period. Wherever applicable, we will give you the option to choose not to be recorded.
The type of information we collect depends on our interaction with you and may include sensitive health information. This may include:
- Identifying information including name, address and contact information;
- Demographic data including date of birth, gender, country of birth, language spoken at home and whether you are of Aboriginal or Torres Strait Islander origin;
- Referral information;
- Information collected from you or other persons in the course of providing services for you or your employer;
- Dementia and other health related information such as diagnosis and other associated health issues, services and supports in place; and
- Information you give Dementia Australia in the course of your relationship with Dementia Australia as a client, prospective client, prospective employee or supplier.
2.2 How and when we collect your personal information:
It is our usual practice to collect personal information directly from you or your authorised representative such as a carer, guardian or other responsible person. We collect information from an authorised representative if you have consented for us to collect the information in this way, or where it is not reasonable or practical for us to collect this information directly from you (such as in an emergency, because you are not able to provide the information required or where collection in this way is a reasonable and efficient way to collect the information without inconvenience to you).
Sometimes we collect personal information from publicly available sources or other third parties to, for example, support our fundraising activities or for a specific activity such as investigating a complaint. Should you be contacted as a result of this, you will be given the opportunity to opt out of any future similar communication.
If you choose not to provide certain personal information to us, we may not be able to provide you with the services you require or communicate with you.
Dementia Australia also collects limited information about all visitors to our online resources which cannot identify you as an individual and is used only to identify generic behavioural patterns.
2.3 Sensitive Information
In addition, and in accordance with APP Principle 3(e), Dementia Australia’s policy sets out the following additional requirements for the collection of sensitive information for a non-profit organisation:
- The information relates to the activities of the organisation;
- The information relates solely to the employees or members of the organisation, or to individuals who have regular contact with the organisation in connection with its activities (e.g. national consumer groups).
2.4 Dealing with Unsolicited Personal Information
If Dementia Australia receives personal information about an individual that was not requested and the information was not by the means set out above, Dementia Australia will destroy or de-identify the information (i.e. any information that could reasonably identify an individual is removed) as soon as practicable. This will apply except where the information is required by law or a court/tribunal order to retain the information.
Cookies are also used to display remarketing advertisements, based upon the user’s previous visits to website(s) owned and operated by Dementia Australia, particularly www.dementia.org.au and www.dementialearning.org.au.
Remarketing advertisements are displayed through Google’s display-advertisement network. Users may opt out of Google’s use of personalised advertising at any time by visiting the Google Ads Preferences Manager.
3. Dealing with Personal Information
3.1 How we use your personal information:
Dementia Australia will only use personal and sensitive information for purposes which are directly related to the reason/s provided to an individual and where an individual would reasonably expect Dementia Australia to use the information.
We use and disclose personal information we collect:
- To provide and improve our services to our clients and their family members, including to:
- (a) identify and provide services required including those offered by third parties;
- (b) allow exchange of information between service providers with whom Dementia Australia deals with on behalf of clients;
- (c) assess the adequacy of, and our clients' and their family members' level of satisfaction with, our services; and
- (d) train staff.
- To communicate with our clients and their family members, donors, supporters and volunteers (including responding to queries and complaints) and distributing our publications, conducting events and raising awareness about our services;
- To process donations and communicate with our donors and supporters, including sending them information (which may be by phone, email or other electronic means);
- To undertake our general business activities, including interacting with contractors and service providers; billing and administration including measuring and assessing the level of support we receive; measuring the effectiveness of our fundraising activities and; assessing applicants for positions with us; and
- To retain accurate and historical records of organisational activities.
3.2 Disclosure of Personal Information
We will not share any of your personal information with third parties without your consent which may be obtained verbally or in writing except:
- If we are required by law or we believe in good faith that such action is necessary in order to comply with law, cooperate with law enforcement or other government agencies, or comply with a legal process served on the company (including other service providers or insurers) or court order;
- To our contractors, service providers and volunteers to the extent necessary for them to perform their duties to us;
- If you are a client, to your family members or your health or other service providers; for the purpose of providing our services to you and only with your consent (unless one of the other purposes of disclosure listed above applies);
- If the disclosure of the information will prevent or lessen a serious and imminent threat to somebody's life or health; or
- Where we are required or authorised to do so by law.
3.3 Cross border data transfer
Dementia Australia operates only within Australia and will not directly provide your information to parties in any other country. We do from time to time, however, use web-based programs for particular activities such as email broadcast which may be hosted offshore. As such, you acknowledge that your information may be disclosed to parties located internationally.
3.4 Adoption, use or Disclosure of Government related identifiers
This principle is not applicable to Dementia Australia.
4. Integrity of Personal Information
4.1 Data Quality of Personal Information
Dementia Australia will take reasonable steps to ensure all personal information collected, used or disclosed is accurate, up-to-date, complete, relevant and not misleading.
Dementia Australia will correct any personal information that it believes to be incorrect, out-of-date, incomplete, irrelevant or misleading. This includes taking reasonable steps to notify any organisation or government agency to which information was disclosed about the correction. An individual may request access or correct personal information at any time by contacting Dementia Australia. Dementia Australia will provide access to the information unless one of the exceptions under the Act applies. For example, if providing access would be unlawful or denying access is authorised by law.
If a request to access or correct personal information is made, Dementia Australia will respond within a reasonable time (usually within 30 days).
4.2 Security of Personal Information
Dementia Australia will take appropriate steps to protect personal and sensitive information from misuse, interference, unauthorised access, modification, loss or disclosure. This includes during storage, collection, processing, transfer and destruction of the information.
If a breach of security occurs resulting in the loss, unauthorised access or disclosure of your personal information and which could cause serious harm to you, we will advise you of the nature of the breach and provide recommendations on appropriate action to take. As required under the Privacy Amendment (Notifiable Breaches) Act 2017 (Cth), we will also advise the Office of the Australian Information Commissioner if this occurs.
Dementia Australia will take all reasonable steps to ensure the security of the organisation’s website. Although all reasonable action is taken, as the internet is not a secure environment we cannot guarantee the security of information you provide to us via electronic means.
When Dementia Australia no longer requires personal and/or sensitive information for any purpose we will take reasonable steps to destroy the information. This will apply except where the information is part of a Commonwealth record, or we are required by law or a court/tribunal order to retain the information.
5. Access to Personal Information
5.1 Accessing and correcting personal information
You are entitled to view the information we hold about you and reasonable requests for access will be responded to as quickly as possible. Access to a large amount of information or information from various sources within the organisation may take time before we can respond. If we refuse to give you access to information we will give a reason for this decision.
Dementia Australia will seek to correct any personal information if it is inaccurate, out of date, incomplete, irrelevant, or misleading or if requested Dementia Australia will amend any information that is incorrect. Dementia Australia will advise the individual as soon as practicable of the corrections. If we disagree with a correction you are seeking to make to personal information we will keep a note on the file setting out your view of the information held. If you wish to access or view the information we hold about you, please contact the Privacy Officer on:
Privacy Officer, Dementia Australia, PO Box 3021, Manuka ACT 2603
6. Transactions and Donations
The national Dementia Australia website is enabled for online transactions using a secure payment gateway. However, despite the security on the site, you should be aware that there are inherent risks in transferring information across the Internet and we cannot accept liability for any breaches.
When a donation is made, your credit card number is used only to make a debit and is not retained by us. We record in our fundraising database the donor's name, address, email, telephone, amount donated, and if the funds are for a specified purpose. Our fundraising database is protected by secure user IDs and passwords, to help protect it from misuse, unauthorised access, modification or disclosure.
When making a donation, you are given the option to opt out of receiving future mailing. You may remove your name from this database at any time through the ‘Unsubscribe’ link on the email, or by phone on 1300 636 679, by email at email@example.com or in person..
7. Security measures for online donations
Donations made online on the website are processed in real time using a secure payment gateway. Donations are processed in Australia (and for all other countries) in Australian Dollars. If you have any questions about making an online donation to Dementia Australia please contact us.
This website has security measures (minimum 128-bit secure sockets layer encryption) designed to protect against the loss, misuse and/or alteration to your personal information under our control. Secure pages on our website are protected by a 128-bit SSL certificate. A security icon visible on your screen, for example a padlock, confirms that your browser supports SSL security. Click on the security icon to verify the security certificate on this website.
8.1 Links to other websites
9. Other Relevant Policies and Procedures:
9.1 Additional Information
Additional information on the Australian Privacy Principles can be found at www.privacy.gov.au.
9.2 Agreeing to these terms (use constitutes acceptance)
9.3 Effective date and updates
10. Contact Us
Our Privacy Officer will assess complaints and liaise with the individual to resolve any issues within a reasonable time (usually within 30 days). If any individual is unhappy with the outcome, a complaint may be lodged with the Australian Information Commissioner who can order the payment of compensation by Dementia Australia in certain circumstances.
Privacy Officer, Dementia Australia, PO Box 3021, Manuka ACT 2603