Our obligation to you
We are committed to ensuring that the personal information you provide to us remains secure, is only used for the purposes for which it is collected and that you are aware of the information held and your rights. This policy outlines how we meet the obligations that are set in the Australian Privacy Principles in the Privacy Act 1988. These Principles set out how we handle personal information you provide as a user, parent or guardian of one of our services. CRCS employees, prospective employees and volunteers should also refer to the CRCS Privacy and Confidentiality policy. Collection of your personal information We may collect, hold, use and disclose information which can identify you where it is necessary to enable you access to our services. This personal information will generally include your name, address, telephone number and email address. We may also collect, use, hold and disclose some additional specific information, including health information, your race or ethnic origin, religious beliefs or affiliation or criminal record, known as sensitive information. We will not collect sensitive information about you without your express consent unless is required for you to access our service or is required by law.
We may collect your personal information:
- directly from you
- from some other person, organisation or agency on your behalf either with your consent
- when there is circumstances that make it unreasonable or impractical to collect the information from yourself such as from an organisation or agency who refers you to us or to whom we refer you from time to time.
Personal information collected by us may be used or disclosed. This information will be used to:
- assess what services you require and whether we can provide them.
- advocate on your behalf with government agencies and organisations to obtain other support services and benefits for you.
- evaluate ongoing services provided to you.
- make funding applications and provide statistical reports to comply with service agreements.
- keep you informed. With your consent, we will promote CRCS activities that you may be eligible to access.
If you do not provide the personal information requested, we may not be able to provide you with the support and services needed to assist you, or be able to refer you to other agencies and organisations for services to which you may otherwise be entitled. We do not disclose personal information about you for direct marketing purposes, however we will use your information, with your consent, to provide you with information about additional CRCS activities you may be eligible to access. We do not disclose personal information about you for direct marketing purposes.
Where possible, we will enable you to interact with us anonymously or by using a pseudonym. In these circumstances you will be given an identifier for our record keeping purposes, ie Mary Smith c/- CRCS. This identifier will not be disclosed unless required to fulfil CRCS obligations, to prevent a serious threat to a person’s health or safety, to report suspected unlawful activity or is required by law.
Accessing and correcting personal information we hold about you
We will, on request, provide you with access to the personal information we hold about you. If you ask, we will take reasonable steps to correct your personal information if we consider it is incorrect, unless there is a law that allows or requires us not to. You can ask for access or correction by contacting us and we will respond within 14 days. If we refuse to give you access to, or correct your personal information, we will provide you with the reasons for the refusal in writing. You can also ask us to attach a statement to your records indicating that you believe the information is incorrect and why.
Keeping your personal information up to date
We take reasonable steps to ensure your personal information is accurate, complete and up to date whenever we collect or use it. As a minimum, records will be updated every 6 months.
Storage and security of your personal information
Your personal information may be stored either in hard copy or electronic form in our files and/or IT systems. We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure.
We do this by ensuring that:
- Information that is stored electronically can only be accessed by relevant CRCS employees.
- CRCS computers are password protected Our internal network and databases are protected using firewalls and other technologies.
- Our paper files are secured in locked cabinets.
- All CRCS employees and volunteers are made aware of their obligations under the Privacy Act during the induction stage of their employment.
- Ongoing training is provided to ensure that we adhere to our established security practices.
We destroy personal information in a secure manner when we no longer need it. Records that we no longer access but are required to be held by law are archived and held in a secure off-site location.
Internet site privacy
We may collect contact information (such as e-mail addresses) from you via our internet site. Unless you object, by using our internet site you consent to us using the personal information collected to monitor who is accessing the internet site or using services offered on the internet site. We utilise “cookies” which enable us to monitor traffic. A cookie does not identify you personally but it does identify your computer. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance. We may preserve the content of any e-mail you send us if we believe we have a legal requirement to do so or are otherwise permitted to do so under the Privacy Act.
How to provide feedback
If you wish to provide us with feedback about how we have handled, gaining access to or correcting your personal information that is held by us, or wish to find out more about how we deal with personal information, please contact: