This Policy applies to St Alfred’s Anglican Church, Blackburn North (referred to as “the Church”, “we”, “our”, “us”). The word “individual” refers to a parishioner, or any other person with whom we come into contact. This Policy outlines the Church’s obligation to manage and protect the personal information we hold about individuals.
The Church is bound by the Australian Privacy Principles (‘APPs’) contained in the Privacy Act 1988 (C’th) (‘Privacy Act’). ‘Personal information’ is information or an opinion relating to an individual, which can be used to identify that individual. Some personal information, which we collect, is ‘sensitive information’. Sensitive information may include information relating to a person’s racial or ethnic origin, criminal record and may also include health information about an individual.
We generally collect personal information directly from the individual. For example, an individual may deal with us on the phone, send us correspondence (by letter, fax or email) or contact us in person. Also, the Church will collect personal information from forms filled out by individuals, interviews, and from other people. Typically, the type of personal information we collect about the individual includes name, age, date of birth, occupation, mailing address, phone numbers, email address and other information that is relevant to the services we provide.
We may require that an individual give us their name as part of collecting their personal information. We will only do this where the purpose for the collection of the information requires the name of the person providing the information. If we do not specifically require an individual’s name as part of a collection then that individual has the right to give us their name, to remain anonymous, or to provide the information under a pseudonym.
In some circumstances the Church may be provided with personal information about an individual from somebody else, for example a referral from another person. Where this happens, the Church will take reasonable steps to ensure that the individual is or has been made aware of the matters set out in this Privacy Policy.
If the personal information we request is not provided, we may not be able to process an individual’s application to join the Church, or provide individuals with the benefit of our services, or meet an individual’s needs appropriately.
The type of information we may collect and hold includes (but is not limited to) personal information about:
The Church collects personal information for the following purposes:
When we refer to “use” of personal information, we mean use within the Church, for the purposes outlined above. When we use the word “disclose”, we mean providing the information to persons outside the Church.
The Church may use and disclose personal information for the primary purposes for which it is collected, for reasonably expected secondary purposes, which are related to the primary purpose and in other circumstances authorised by the Privacy Act. Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless the individual agrees otherwise, or where certain other limited circumstances apply (e.g. where required by law).
We use and disclose personal information for the following purposes:
We do not disclose personal information we collect to others for the purpose of allowing them to direct market their products and services. We do not use or disclose sensitive information for direct marketing purposes.
We engage other people to perform services for us, which may involve that person handling personal information we hold. In these situations, we prohibit that person from using personal information about you except for the specific purpose for which we supply it.
In relation to sensitive information held by us, wherever possible, the Church will attempt to de-identify the information. We also undertake to delete all personal information about an individual when it is no longer needed or relevant.
We may disclose personal information to:
We also collect personal information from these organisations and individuals, and deal with that information in accordance with this Policy.
We will not send personal information to recipients outside of Australia without:
St Alfred’s maintains a presence on some social media websites. Users of those websites are able to upload content, including personal information, to the portions of those websites associated with St Alfred’s. St Alfred’s will not request or require any person to upload personal information to social media websites. St Alfred’s will not record or collect any personal information uploaded to social media websites. Users of social media websites are strongly advised to familiarise themselves with the privacy policies of those websites before uploading any personal information to those websites.
The APPs require us to take all reasonable steps to protect the security of personal information. The Church’s personnel are bound by a confidentiality agreement to respect the confidentiality of personal information and the privacy of individuals.
The Church takes reasonable steps to protect personal information held from misuse and loss and from unauthorised access, modification or disclosure, for example by use of physical security and restricted access to electronic records. All personal information contained in hard copy documents held by the Church are stored in locked cabinets. All personal information stored on the Church’s computer system is backed up weekly, and back-up copies are held in a secure location.
Where we no longer require the personal information for a permitted purpose under the APPs, we will take reasonable steps to destroy it.
We will not use identifiers assigned by the Government, such as a tax file number, Medicare number or provider number, for our own file recording purposes.
The Church takes reasonable steps to ensure that the personal information it holds is accurate, complete and up-to-date. It is the Church’s policy and practice to update the information it holds about individuals every 12 months, to ensure that the information is accurate. We encourage individuals to contact us in order to update any personal information we hold about them. Our contact details are set out below.
You have the ability to gain access to your personal information. Subject to the exceptions set out in the Privacy Act, individuals may gain access to the personal information which the Church holds about them by contacting the Church Privacy Officer. If we refuse to provide the information, we will provide reasons for the refusal and inform the individual of any exceptions relied upon under the Privacy Act. (See the notes at the end of this document.)
An individual’s request for access to his/her personal information will be dealt with by allowing the individual to look at his/her personal information at the offices of the Church. We will require identity verification and specification of what information is required. An administrative fee for search and photocopying costs may be charged for providing access. We will advise the likely cost in advance whenever practicable.
This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing business environment.
If you have any questions about privacy-related issues please contact the St. Alfred’s Privacy Officer.