The Australian Privacy Principles are part of the Privacy Act 1988 and came into effect on 12 March 2014 to protect the privacy of individuals. You can find out more about these principles by calling the Office of the Privacy Commissioner on 1300 36 39 92 or through their website at www.oaic.gov.au.
CatholicCare respects and upholds your right to privacy protection under the Australian Privacy Principles in regulating how we collect, use, disclose and hold your personal information. We will only collect personal information by lawful and fair means. Only authorised staff have access to your personal information and your information remains confidential and is only used for appropriate purposes in accordance with this policy.
Why we collect your personal information
Your personal information, including any health information, is only collected as is reasonably necessary for a CatholicCare service, function or activity and to enable CatholicCare to deliver services to the community and carry out its work through fundraising.
CatholicCare is very grateful to the people who provide financial support to allow us to continue our important work. When you give us personal information such as your name and address, we record it on our database and may use it to contact you in the future.
We may use your personal information to send you information about our programs, special events and fundraising programs. Each time we send you this type of communication we will provide you with a simple way to 'opt out' of receiving communications in the future.
You can also let us know if you do not wish to receive any further communications, by contacting CatholicCare.
CatholicCare will not collect sensitive information about your health, racial or ethnic origin, political opinions or membership, religious or philosophical beliefs, trade association or union membership, sexual preferences or criminal record unless you have expressly consented to give us this information and it is reasonably necessary for the work of CatholicCare. We will always collect such information in a non-intrusive, lawful and fair manner.
Permitted Health Situation Exemption
The information handling requirements imposed by the Australian Privacy Principles Part 3 and 6 do not apply when a 'permitted health situation' exists. CatholicCare applies this exemption under the permitted Health Situation of:
- the collection of health information to provide a health service.
- the collection of health information for certain research and compiling or analysing statistics.
- the disclosure of health information for a secondary purpose to a responsible person for the individual.
How we collect your personal information
Generally, personal information held by CatholicCare is collected directly from individuals, or through their appointed representatives or agents, either:
- in person
- by telephone, mail or e-mail
- when you use our website (including by using cookies – please see the "Visiting Our Website" section below);
- by participating in one of CatholicCare's many community fundraising and information events;
- when you contact us to provide a donation;
- when you respond to our fundraising campaigns;
- when you provide your information to us online; and
- when you visit our service sites.
We may also collect your personal information in other ways, for example through the purchase of commercial lists and from publicly available sources such as the telephone directory. When we use this information for direct marketing, we will advise you of the source of the information if you ask us for it.
You may be photographed when you attend CatholicCare events. We will seek to obtain your consent prior to using an image of you on our website or for other CatholicCare functions wherever practical. Where we are unable to contact you to obtain your consent, we will not include your name or any other personal information with the photograph.
Anonymity and Pseudonymity
Wherever legal and practical, you have the opportunity to deal with CatholicCare anonymously or through use of a pseudonym.
Examples where it may be possible to do so include when:
- talking with an online Counsellor
- submitting online feedback
- joining our blogs or forums.
However, in many instances, dealing with us anonymously or via a pseudonym may prevent or limit us in providing / delivering the particular program or service or completing transactions (e.g. providing you with a receipt for your donation) or providing you with any material regarding our work, upcoming events and opportunities.
The kinds of personal information we collect and hold
CatholicCare only collects personal information necessary for providing individuals access to our programs, services and products and for our related internal functions.
The kinds of information we collect and hold about you include:
- name, address, and contact details
- applicable health and service related information, case notes, and clinical assessments
- information regarding participation in a program or service
- feedback provided about the quality and suitability of a program or service, and other personal information that assists the provision of services
- financial information required to complete and reconcile financial transactions (e.g. credit card numbers, cheque numbers, BSB numbers, etc.)
- information regarding skills, qualifications, and employment history
- information that relates to current, pending, or anticipated legal proceedings
- other personal information that will assist in the provision of services.
Where required or permitted by legislation or contract, CatholicCare may also collect information for:
- statistical reporting purposes
- incident and Duty of Care reporting purposes
- tailoring and improving our services
- securing professional advice (e.g. from our auditors, lawyers, etc.)
- assisting contractors, service providers, and other organisations working with or for us to manage and/or deliver services (e.g. mailing houses, credit card payment providers, etc).
We may collect other personal information, as applicable to a program, service, or function.
The collection, use, and handling of all personal information will always comply with applicable privacy legislation and will take into account pertinent ethical considerations to the extent possible under the circumstances.
Modifying your information
How to access, correct or update your personal information
You are entitled to access the personal information about you held by us. If you would like to access the information that we hold about you, you can contact CatholicCare and we will endeavour to give you access to that information within a reasonable time. All requests to access personal information must be provided in writing. CatholicCare requires proof of identity before granting access to any personal information. Individuals who have engaged with us via the use of a pseudonym are also required to establish to our satisfaction that they are the ‘owner’ of the pseudonym to whom the personal information relates.
If it is not practical for you to visit our office, we will arrange to check your identification before we provide the information out to you.
If you believe that the information that we hold about you is incorrect or not up-to-date, and you want to correct information we hold about you, you can write to CatholicCare. We will:
- amend or remove personal information if it is possible and reasonable for us to do so or
- provide a written reason, if the record cannot be altered or removed and
- at you request, place a note on file of your objection and of the basis of that objection
If we do not provide you with access to your personal information, we will provide you with reasons for denying access.
CatholicCare reserves the right to charge a fee to access personal information to cover the costs incurred in collating and/or copying information and records.
Disclosing your personal information
CatholicCare will not provide your personal information to any other individuals or organisations without your prior consent, except where required by law to do so or for purposes for which you would reasonably expect us to disclose your information e.g. where information is provided on a confidential basis to our sub-contractors who provide services related to a CatholicCare function or activity. These may include consultants involved in the marketing and administration of the function or activity; payment processing companies; IT providers; database management; printing and mailing for CatholicCare.
CatholicCare is very thankful to people who are willing to share their personal stories of their experience with CatholicCare with others through media stories and in our newsletters. We will only use your personal information for publicity purposes or as stories in newsletters with your express written permission.
Where you provide your email address to us we will only use it for the purpose provided, unless you have consented to us using it for additional purposes. We will not pass it on to any other person or organisation unless we have disclosed this to you.
CatholicCare will not use personal information for Direct Marketing purposes unless:
- the individual has consented or would reasonably expect us to do so after providing their personal information
- we are acting as a contracted service provider under a government contract and the Direct Marketing fulfils an obligation under the contract.
At any time, an individual may ‘opt-out’ of receiving Direct Marketing communications by:
- using the Unsubscribe link / facility provided, or by
- contacting CatholicCare on 13 18 19 or via firstname.lastname@example.org
Transfer of information overseas would normally only occur for data processing purposes, for example third party payment facilitators may process their data off-shore. CatholicCare will not transfer your personal information overseas unless we reasonably believe the recipient is subject to a law that has the effect of protecting the information in a way that is substantially similar to the Australian Privacy Principles and there are mechanisms in place for you to take enforcement action under the law, or if we have taken reasonable steps in our arrangements with the recipient to ensure compliance with the Australian Privacy Principles.
CatholicCare will sometimes use third party service providers to conduct surveys and facilitate information collection and event registration. Some of these service providers conduct all or part of their business outside of Australia and so your personal information may be transferred overseas as a result.
How we keep your personal information secure
If you provide us with information via a form on our website, it is stored securely in our databases and only accessed by staff authorised by CatholicCare. CatholicCare uses a range of hardware and software security measures to protect your information and ensure that only authorised staff are granted access.
Visiting our website
CatholicCare also uses social media buttons and/or plugins on its websites that allow you to connect with your social network in various ways. For these to work, social media websites including Facebook and Twitter, will set cookies through our website which may be used to enhance your profile on their website or contribute to the data they hold for various purposes outlined in their respective privacy policies. CatholicCare encourages you to read the privacy policies of these companies.
CatholicCare websites may contain links to other sites of interest. CatholicCare does not control, and is not responsible for, the content or privacy practices of those websites. Please check the privacy policies of third party website operators before you provide your personal information to them. CatholicCare will not be liable for any actions of third parties, including third party website operators.
Our website security
Forwarding credit card numbers or other sensitive information via email or facsimile is not safe. We recommend that you do not send information to us in either format.
CatholicCare websites are secured using SSL technology to encrypt data between your browser and the website. If you are entering any payment or credit card information on the internet, you should confirm that the page is secured (padlock symbol in your browser) before entering any information. We make every effort possible to make your donations and transactions within our website as secure and safe as possible for you.
You should be aware that there are inherent risks associated with the transmission of information via the Internet. If you are submitting personal details, credit card numbers or other information over the Internet, please be aware that, while all reasonable efforts are made to secure information transmitted to this website, there is a possibility that information you submit could be observed by a third party while in transit. By using this website you acknowledge that you do not hold CatholicCare liable for any security breaches, viruses, or other malicious software that may infect your computer or any loss of data, revenue or otherwise that may occur.
From time to time CatholicCare may need to contact clients and donors directly to update or confirm their personal or credit card details.
If we contact you to update your personal details, or to rectify a problem with a credit card donation or payment, we will provide you with sufficient information from our existing data base (including where appropriate the last four digits of your credit card) for you to be comfortable that the caller is our representative.
Any contact you receive requesting a full credit card number and CVV number, should be considered a hoax and you should disregard it and report the contact to www.scamwatch.gov.au or contact the CatholicCare Fundraising Team for further information.
The Spam Act 2003
The Spam Act prohibits the sending of unsolicited emails, SMS and MMS messages for commercial purposes from or within Australia or to people in Australia and bans the supply and use of software designed to harvest email addresses. While charities do have some exemptions from this Act, CatholicCare will be guided by the Australian eMarketing Code of Practice. We will always provide you with an opt-out mechanism as part of all electronic communications.
Complaints about our privacy practices
CatholicCare responds to complaints by investigating the issue, deciding on any action that are required and responding to the individual within twenty (20) business days of lodgement (or sooner if practicable). Further information is contained within the CatholicCare Feedback and Complaints Procedure.
For further information:
CatholicCare Privacy Officer
Mary Potter Wing
2c West Street, Lewisham NSW 2049
Call: 13 18 19
Office of the Australian Information Commissioner
Address: GPO Box 5218, Sydney NSW 2001
Call: 1300 363 992
Last Updated: October 2018