– PRIVACY POLICY –
Christian Community Aid, ABN 27 755 348 253 

This Privacy Policy sets out our commitment to protecting the privacy of your personal information that we collect through this website www.ccas.org.au (Site) or directly from you.

Please read this Privacy Policy carefully. Please contact us if you have any questions.

You providing us with personal information indicates that you have had sufficient opportunity to access this Privacy Policy and that you have read and accepted it.

If you do not wish to provide personal information to us, then you do not have to do so, however it may affect your use of this Site or any products and services offered on it.

1. Type of personal information collected

Personal Information: The type of personal information we collect may include is set out on our website.

If we receive your personal information from third parties, we will protect it as set out in this Privacy Policy.

2. Collection and use of personal information

We collect and use the personal information for purposes including to contact and communicate with you, for internal record keeping and for marketing.

3. Disclosure of personal information

We may disclose personal information for purposes including to provide our products and services to you, and as required by law.

Where we disclose your personal information to third parties for these purposes, we will request that the third party follow this Privacy Policy regarding handling of your personal information.

4. Access to and correction of personal information

Access: You may request details of personal information that we hold about you, in certain circumstances set out in the Privacy Act 1988 (Cth). An administrative fee may be payable for the provision of information. We may refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.

Correction: If you believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us by email. We rely in part upon clients advising us when their personal information changes. We will respond to any request within a reasonable time. We will endeavour to promptly correct any information found to be inaccurate, incomplete or out of date.

5. Complaints about breach

If you believe that we have breached the Australian Privacy Principles and wish to make a complaint about that breach, please contact us on the email address below.

6. Unsubscribe

To unsubscribe from our e-mail database, or opt-out of communications, please contact us at the details below.

7. Storage and Security

We are committed to ensuring that the information you provide is secure.

8. Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

9. Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

For any questions or notice, please contact us at:

Christian Community Aid

Phone: 02 9858 3222

Email: administration@ccas.org.au

Your privacy is important 

This statement outlines Christian Community Aid’s policy on how CCA uses and manages personal information provided to or collected by them. CCA is bound by the Australian Privacy Principles contained in the Commonwealth Privacy Act and is compliant with the Privacy Amendment (Enhancing Privacy Protection) Act 2012.

CCA may, from time to time, review and update this Privacy Policy to take account of new laws and technology, changes to CCA’s operations and practices and to make sure it remains appropriate to the changing legal environment.

The Board of Christian Community Aid is committed to protecting the privacy of personal information which the organisation collects, holds and administers.

Personal information is information which directly or indirectly identifies a person. CCA collects and administers a range of personal information for the purposes of Program Requirements and relevant assistance provided to the community.

The organization is committed to protecting the privacy of personal information it collects, holds and administers and recognizes the essential right of individuals to have their information administered in ways which they would reasonably expect.

Responsibilities

CCA’s Board is responsible for developing, adopting and reviewing this policy. CCA’s General Manager is responsible for the implementation of this policy, for monitoring changes in Privacy legislation, and for advising on the need to review or revise this policy as and when the need arises. Ensure privacy obligations and information is freely available in relevant publications and on CCA’s website.

Stakeholders (Staff Board Members volunteers and contractors) are responsible for complying with CCA’s Privacy Policy.

What kind of personal information does CCA collect and how does CCA collect it?

The type of information CCA collects and holds includes (but is not limited to) personal information, including sensitive information, about:

Personal Address Details.
Bank Account Details
Private access to site Details.
Various other private details.

CCA will:

Collect only information which the organisation requires for its primary function;
Notify stakeholders about why we collect the information and how it is administered
Notify stakeholders that this information is accessible to them
Collect personal information from the person themselves wherever possible.
If collecting personal information from a third party, be able to advise the person whom the information concerns, from whom their personal information has been collected.
Collect Sensitive information only with the person’s consent. (Sensitive information includes health information and information about religious beliefs, race, gender and others).
Determine, where unsolicited information is received, whether the personal information could have collected it in the usual way, and then if it could have, it will be treated normally. (If it could not have been, it must be destroyed, and the person whose personal information has been destroyed will be notified about the receipt and destruction of their personal information).

Personal Information you provide:   

CCA will generally collect personal information held about an individual by way of phone calls, forms, meetings etc. You do have the right to seek to deal with us anonymously or using a pseudonym, but in almost every circumstance it will not be practicable for us to deal with you or provide any services to you except for the most general responses to general enquiries unless you identify yourself.

Personal Information provided by other people:

In some circumstances, CCA may be provided with personal information about an individual from a third party, for example, a carer or family member.

How will CCA use the personal information you provide? 

CCA will use personal information it collects from you for the primary purpose of collection, and for such other secondary purposes that are related to the primary purpose of collection and reasonably expected, or to which you have consented.

In relation to direct marketing, CCA will use your personal information for direct marketing where you have provided that information, and you are likely to expect direct marketing: only then you will be sent direct marketing containing an opt-out. If we use your personal information obtained from elsewhere we will still send you direct marketing information where you have consented, and which will also contain an opt out. We will always obtain your consent to use sensitive information as the basis for any of our direct marketing.

Use and Disclosure CCA will:

Only use or disclose information for the primary purpose for which it was collected or a directly related secondary purpose.
For other uses, CCA will obtain consent from the affected person.
In relation to a secondary purpose, use or disclose the personal information only where:
a secondary purpose is related to the primary purpose and the individual would reasonably have expected us to use it for purposes; or
the person has consented; or
certain other legal reasons exist, or disclosure is required to prevent serious and imminent threat to life, health or safety.
In relation to personal information which has been collected from a person, use the personal information for direct marketing, where that person would reasonably expect it to be used for this purpose, and CCA has provided an opt out and the opt out has not been taken up.
In relation to personal information which has been collected other than from the person themselves, only use the personal information for direct marketing if the person whose personal information has been collected has consented (and they have not taken up the opt-out).
Provide all individuals access to personal information except where it is a threat to life or health or it is authorized by law to refuse and, if a person is able to establish that the personal information is not accurate, then CCA must take steps to correct it. CCA may allow a person to attach a statement to their information if CCA disagrees it is inaccurate.
Where for a legal or other reason we are not required to provide a person with access to the information, consider whether a mutually agreed intermediary would allow sufficient access to meet the needs of both parties.
Make no charge for making a request for personal information, correcting the information or associating a statement regarding accuracy with the personal information.

Overseas

Before CCA discloses any personal information to an overseas recipient including a provider of IT services such as servers or cloud services, establish that they are privacy compliant. CCA will have systems which provide sufficient security

Data Quality CCA will:

Take reasonable steps to ensure the information CCA collects is accurate, complete, up to date, and relevant to the functions we perform.

Data Security and Retention CCA will:

Implement and maintain steps to ensure that personal information is protected from misuse and loss, unauthorized access, interference, unauthorized modification or disclosure.
Ensure that CCA’s data is up to date, accurate and complete.
Under our destruction and de-identification processes, your personal information that is no longer required will be de-identified or destroyed as soon as practical. In many circumstances, however it will be kept for marketing purposes, as long as you have consented to that in writing with us.

Destruction and de-identification CCA will:

Destroy personal information once it’s not required to be kept for the purpose for which it was collected, including from decommissioned laptops and mobile phones.
Change information to a pseudonym or treat it anonymously if required by the person whose information CCA holds and will not use any government related identifiers unless they are reasonably necessary for our functions.

Access and Correction CCA will:

Ensure individuals have a right to seek access to information held about them and to correct it if it is inaccurate, incomplete, misleading or not up to date.

Anonymity

Allow people from whom the personal information is being collected to not identify themselves or use a pseudonym unless it is impracticable to deal with them on this basis.

Making information available to other organisations CCA can:

Release information to third parties where it is requested by the person concerned.

Volunteers: 

CCA also obtains personal information about volunteers who assist CCA in its functions or conduct associated activities, such as to enable CCA and the volunteers to work together.

Marketing and fundraising: 

CCA treats marketing and seeking donations for the future growth and development of CCA as important. Personal information held by CCA will not be disclosed to an organisation that assists in CCA’s fundraising, for example, Rotary Groups & Financial Institutions.

Who might CCA disclose personal information to? 

CCA may disclose personal information, including sensitive information, held about an individual to:

Government Departments;
Family Members where care is provided.
Medical personnel.
Anyone you authorise CCA to disclose information to.

How does CCA treat sensitive information? 

In referring to ‘sensitive information’, CCA means:

“information relating to a person’s racial ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual preferences or criminal record, that is also personal information; and health information about an individual”.

Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose unless you agree otherwise, or the use or disclosure of the sensitive information is allowed by law.

Management and security of personal information 

CCA’s staff are required to respect the confidentiality of personal information and the privacy of individuals. CCA has in place steps to protect the personal information CCA holds from misuse, loss, unauthorised access, modification, interference or disclosure by use of various methods including locked storage of paper records and passworded access rights to computerised records.

When you use our website, having your cookies enabled will allow us to maintain the continuity of your browsing session and remember your details when you return. We may also use web beacons, Flash local stored objects and JavaScript. If you adjust your browser settings to block, reject or delete these functions, the webpage may not function in an optimal manner. We may also collect information about your IP address, although this may not identify you.

In the event of a Breach of Privacy

All staff, volunteers and students must respect the right of the client to privacy and confidentiality. CCA undertakes to stress the importance of confidentiality at the time of interviewing, orientation, training and ongoing support of all staff, volunteers and students. Volunteers and students will sign a confidentiality agreement.

In the event of any breach of Privacy, the following procedure will apply.

Staff members: Will be counselled by their manager and the matter noted on the staff file.
Volunteers: Will be counselled by the relevant program coordinator. A repeat of a breach of confidentiality will mean the dismissal of the volunteer.
Students: Will be counselled by the student’s supervisor and the matter noted on the student report.
Carers: Will be counselled by the relevant program coordinator. A repeat of a breach of confidentiality will mean the dismissal of the carer
Board members: Any breaches of confidentiality or privacy by a Board member will be addressed by the CCA Board.

Updating personal information 

CCA endeavours to ensure that the personal information it holds is accurate, complete and up-to-date. A person may seek to update their personal information held by CCA by contacting the Privacy Officer of CCA at any time.

The Australian Privacy Principles and the Health Privacy Principles require CCA not to store personal information longer than necessary. In particular, the Health Privacy Principles impose certain obligations about the length of time health records must be stored.

You have the right to check what personal information CCA holds about you. Under the Commonwealth Privacy Act and the Health Records Act, an individual has the right to obtain access to any personal information which CCA holds about them and to advise CCA of any perceived inaccuracy. There are some exceptions to this right set out in the applicable legislation. To make a request to access any information CCA holds about you, please contact the Privacy Officer in writing.

CCA may require you to verify your identity and specify what information you require. Although no fee will be charged for accessing your personal information or making a correction, CCA may charge a fee to retrieve and copy any material. If the information sought is extensive, CCA will advise the likely cost in advance.

How long will CCA keep my information?

Under our destruction and de-identification policies, your personal information that is no longer required will be de-identified or destroyed. In many circumstances, however, it will be kept for marketing purposes, as you will have consented to that in writing with us.

Enquiries and privacy complaints

Any concerns complaints about the handling of information or any potential breach of privacy should be directed to the “ Privacy Officer” who will first deal with you by telephone. If you are considering your concerns have not been met a formal meeting will be arranged.

If you are not satisfied with the outcome of this meeting you can refer your complaint to the Office of the Australian Information Commission via:

Email: enquiries@oaic.gov.au
Phone: 1300 363 992
Fax: +61 2 9284 9666