Privacy Policy
Communities at Work’s Privacy Policy: How We Collect, Use and Protect Your Personal Information
Communities at Work collects relevant information to enable it to perform its functions. As part of this process, it collects personal and sensitive information.
Communities at Work has legal obligations to ensure the protection, proper use and handling of personal and sensitive information.
Communities at Work places a high value on the rights of individuals to have their personal privacy protected.
Communities at Work has practices and procedures in place to ensure compliance with the Privacy Act 1988 and the Australian Privacy Principles (APPs) which regulate the collection, storage, security, use and disclosure of personal information.
Detailed information on the privacy rights of our clients, stakeholders and employees is available at:
Privacy Act 1988 – https://www.legislation.gov.au/
Australian Privacy Principles – https://www.oaic.gov.au/
At all times, the APPs will constitute Communities at Work’s privacy policy and be strictly adhered to. Some key facets of the APPs are outlined below.
Security
All personal and sensitive information held by Communities at Work is contained in secure physical and electronic environments. Internal procedures ensure the protection of information against unauthorised access, loss, modification, misuse or disclosure. The only people in our organisation who are permitted to have access to personal or sensitive information, regardless of the format, are employees, contractors and volunteers who have a genuine requirement to access the information to do their jobs.
Communities at Work does not use identifiers such as tax file numbers, Medicare numbers or driver’s licence numbers as identifiers of people in our own records and systems.
Collection of Personal and Sensitive Information
When we collect personal and sensitive information we:
- collect it, as far as practicable, only from the individual concerned;
- collect it by fair and lawful means;
- collect only personal information that is necessary for Communities at Work to deliver its services.
Some personal information is collected to enable administration of our billing or payments systems. We do not permanently retain that information; once the need to retain records in accordance with relevant legal obligations has expired the information shall be disposed of securely.
Individuals have no obligation to provide the information requested by Communities at Work. However, withholding information in some circumstances may affect the quality and efficiency of the services delivered by Communities at Work.
Use and Disclosure
Communities at Work representatives will notify individuals of the purpose for collecting personal and sensitive information at the time it is collected. In addition, Communities at Work shall:
- only use personal or sensitive information collected for the reason it was originally collected;
- inform the individual which other organisations or types of organisations Communities at Work usually discloses the information to, if any;
- only disclose information consistent with the requirements of the Australian Privacy Principles;
- not disclose information to overseas parties; and
- provide a simple means by which an individual may opt out of receiving direct marketing communications from the organisation.
Handling of Personal Information
Communities atWork maintains personal information security as per Australian Privacy Principle 11, including complying with the Notifiable Data Breaches (NDB) Scheme. In line with our obligations under this scheme:
- We shall take reasonable steps to ensure an assessment of eligible data breaches is completed within the time frame stipulated by the Scheme;
- We shall provide a statement to each of the individuals whose data was breached or who are at risk;
- We shall send a copy of the statement to the Office of the Australian Information Commissioner;
- We shall undertake a review of how the breach occurred and enhancement to security measures to protect personal information, necessitated by such an event.
Access to Personal Information and Data Quality
Communities at Work shall provide individuals with access to personal and sensitive information it holds about them on request. If an individual requires access to, or wishes to correct, personal or sensitive information about them, they should contact the Communities at Work Central Office at admin@commsatwork.org or write to:
Communities at Work
Tuggeranong Community &Function Centre
245 Cowlishaw Street
GREENWAY ACT 2900
Complaints
If an individual has a concern or complaint about the privacy of their personal or sensitive information held by Communities at Work, they should click here or write to the above-mentioned address.
Communities at Work takes all complaints seriously and shall ensure they are addressed by an authorised Communities at Work employee as soon as reasonably practical.
Privacy Policy Review
To ensure that the contents of this policy remain current and in alignment with relevant legislations, codes, standards and best practice, it shall undergo periodic review. If this policy is modified as a result of a change to our operational environment, revised versions of this policy will be made available on our website and intranet.
Policy reference ORG-QMS-POL-095 Effective Date 22 FEB 2018