Loading...

National Privacy Principles

There are 10 national privacy principles as follows-

 

1 - Collection

Collection of personal information must be fair, lawful and not intrusive. A person must be told the organisation's name, the purpose of collection, any laws requiring the collection, the main consequences if all or part of the information is not provided, and that the person can get access to their personal information.

2 - Use & Disclosure 

An organisation should only use or disclose information for the purpose for which it was collected unless the person has consented, or the secondary purpose is related to the primary purpose and a person would reasonably expect such use or disclosure. 

3 - Information Quality

An organisation must take reasonable steps to make sure that the personal information it collects, uses or discloses is accurate, complete and up-to date. 

4 - Data Security

An organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.

5 - Openness

An organisation must have a policy document outlining its information handling practices and make this available to anyone who requests it. 

6 - Access and Correction

Generally speaking, an organisation must give an individual access to personal information it holds about that individual on request. 

7 - Identifiers

Generally speaking an organisation must not adopt, use or disclose an identifier that has been assigned by a Commonwealth government 'agency'. For example, a tax file number or Medicare number. 

8 - Anonymity

Organisations must give people the option to interact anonymously whenever it is lawful and practicable to do.

9 - Trans-border Data Flows

An organisation can only transfer personal information to a recipient in a foreign country in circumstances where it is necessary to do so to complete an agreement with a person, or where the information will have appropriate protection or the person has consented to the transfer. 

10 - Sensitive Information

An organisation must not collect sensitive information (for example, details of a person’s race, religion, sexual preferences or health) unless the individual has consented. 

What information we collect-

The personal information we collect about you includes (but is not limited to) your name, contact details (including phone numbers and addresses), gender, date of birth and other information which may assist us in conducting our business.

We collect this information from you only if you consent to our collection of such information and the information is reasonably necessary for one or more of our functions or activities (or we are otherwise permitted or required by law to do so), including:

  1. where such information is relevant to any assessment conducted by us, in which you participate or wish to participate.
  2. where such information is required in order for us to be able to provide our goods or services to you.

We also collect information about you that is not personal information. For example, we may collect data relating to your activity on our websites (including the type of internet browser you use, your operating system, address of referring site, your IP address and other clickstream information) via tracking technologies such as cookies, or we may collect information from you in response to a survey, promotion or competition.

 

How we collect it

 

We may collect your personal information from a variety of sources, including from you, advertisers, mailing lists, recruitment agencies, contractors and business partners.

We will generally collect personal information by way of forms filled out by people, face-to-face meetings, interviews, business cards, electronic communications, telephone conversations and from third parties (including representatives, agents). In addition, we collect personal information from our websites through receiving subscription applications, job applications, applications to participate in our research projects, competition applications and other electronic documents.

We may collect your personal information when you request, acquire or use a product or service from us, register with us as a subscriber, member or user, provide a product or service to us, complete a survey, consent form or questionnaire, complete assessment materials as part of our research projects in which you participate, enter a competition or event, participate in our services (including blogs and forums) or when you communicate with us electronically (including email and facsimile), by telephone or in writing (for example if you make a complaint or provide feedback) or where you provide personal information via social media (such as via Facebook, Twitter, Instagram etc).

If, at any time, you provide personal or other information about someone other than yourself, you must have that person's consent to provide such information for the purpose for which you provide it to us.

 

Why we collect it

 

The primary purpose for which we collect information about you is to conduct our business, provide and market our products and services to you, meet our legal or regulatory obligations, and also for the management of business transactions entered into with us and the administration of any accounts you have with us. We may state a more specific purpose at the point we collect your information (including but not limited to any law that requires or authorises the particular information to be collected).

If you do not provide us with all or some of the information that we request, we may not be able to provide you with our products or services or include you as a participant in our research projects. For example, if you do not register as a member of a website, you will not be able to access features or services that are reserved for members or subscribers only.

 

How we use it

In addition to the primary purpose outlined above, we may use the personal information we collect, and you consent to us using your personal information:

  • for purposes necessary or incidental to the provision of products or services to you;
  • to personalise and customise your experience purchasing or using our products or services;
  • to manage and enhance our products and services;
  • to communicate with you, including by email, mail, telephone or via social media;
  • to conduct competitions or hackathons;
  • to verify your identity;
  • to investigate any complaints about or made by you, or if we have reason to suspect that you are in breach of any of our terms and conditions or that you are or have been otherwise engaged in any unlawful activity;
  • as part of any investigation in relation to you or your activity which we suspect to be a breach of any of our terms and conditions, serious misconduct or unlawful;
  • as part of a sale (or proposed sale) of all or part of our business; and/or
  • as required or permitted by any law or regulation (including without limitation the Privacy Act).

 

How we hold it - management and security

We have appointed a Privacy Officer to oversee the management of personal information in accordance with this Privacy Policy, the Privacy Act and other applicable privacy laws.

Other than in relation to Non-Confidential Information, we will take all reasonable steps to protect the personal information that we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure including by means of secure premises, firewalls, password access, secure servers and encryption PIIs.

However, you acknowledge that the security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. You provide information to us via the internet or by post at your own risk. We cannot accept responsibility for misuse, interference or loss, or unauthorised access, modification or disclosure in respect of your personal information where the security of the information is not within our control.

If you suspect any misuse, interference or loss, or unauthorised access, modification or disclosure in respect of your personal information, or any other privacy breach please let us know immediately.