1. Policy Statement
Forsight aims to protect the privacy of the personal information that we collect and hold whilst carrying out our activities. Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable.
This statement applies to personal information collected from and about staff, clients, suppliers and any other person whose personal information Forsight may collect from time to time.
Forsight is bound by the Privacy Act 1988 (Cth). This statement has been developed as part of Forsight ‘s efforts to comply with its obligations under that legislation, including compliance with the Australian Privacy Principles (APPs) contained in the Act.
This statement explains:
- what types of personal information we might collect;
- how we aim to use personal information;
- when we will disclose personal information to others;
- how we manage and secure personal information;
- how you can access and seek to correct personal information that we hold about you; and
- how you may make a complaint if you think that we have breached the APPs.
Exception in relation to employee records The APPs do not apply to employee records, as that term is defined by the Act. As a result, this statement does not apply to Forsight ‘s treatment of employee records, where the treatment is directly related to a current or former employment relationship between Forsight and an employee.
All Staff, Management and Board of Directors
What types of personal information do we collect?
Forsight aims only to collect ‘personal information’ (as defined under the Act) that is reasonably necessary for our activities. The types of personal information that we collect will depend on the nature of the interaction between you and Forsight and where and how we collect the information.
Personal information collected by Forsight includes:
- information about clients’ including names, addresses, email addresses, telephone and fax numbers and other contact details and information about their use of Forsight ‘s services;
- Information in relation to an individual client’s family members, carers, trusts and guardians, financial manager, Coordinator of Supports or allied health professionals;
- information about job applicants, staff members, financial supporters, volunteers and contractors; and • information in relation to an individual clients medical, dental and allied health;
- details of other people who encounter Forsight such as suppliers.
You have the option of not identifying yourself, or of using a pseudonym, when dealing with Forsight in relation to certain matters. We will let you know when we require you to identify yourself. If some information that Forsight requests is not provided, Forsight may not be able to provide you with our services or engage you to work at Forsight.
Some of the information Forsight collect is ‘sensitive information’ (as defined under the Act), including information about your racial or ethnic origin, religious beliefs or affiliation, or health.
The Act requires us only to collect sensitive information from you where this is consented to by you and reasonably necessary for our activities, or if the collection is required by law or a court or tribunal order, and only to share personal information including sensitive information if Forsight has a belief that its use and/or disclosure is necessary:
- to lessen or prevent threats to health, life or safety of any individual;
- to investigate unlawful activity or serious misconduct within our organisation;
- to assist enforcement bodies, such as the police, with their activities;
- to assist in locating a missing person;
- to establish, exercise or defend a legal or equitable claim; and/or
- for the purpose of confidential alternative dispute resolution
- to provide you with health services; and/or
- for health-related research.
How do we collect your personal information?
We usually collect personal information directly from you, for example when you send us correspondence by e-mail or in writing, deal with us over the telephone or in person, or make a donation. We do not collect personal information from visitors on our website other than what is supplied to us on a voluntary basis.
How do we use your personal information?
Information of clients and suppliers
Personal information is collected from clients and suppliers to enable Forsight to conduct its business. The purposes for which Forsight uses personal information of clients and suppliers include:
- to provide you with our services;
- to provide ongoing support, for example if you have a query;
- to communicate with you;
- to provide information about other services that Forsight considers would interest them (which they can tell Forsight not to do at any time);
- to help Forsight run the organisation, for example to improve our services, security, train staff or undertake marketing activities; and
- to comply with its legal obligations
If we collect your personal information for any other purpose, we will generally let you know that purpose at the time we collect the information.
Information of job applicants, staff members and contractors
Forsight collects personal information of job applicants, staff members and contractors for the primary purpose of assessing and (if successful) engaging the applicant, staff member or contractor, as the case may be.
The purposes for which Forsight uses personal information of job applicants, staff members and contractors include:
- managing the individual’s employment or engagement;
- insurance purposes;
- ensuring that it holds relevant contact information; and
- satisfying its legal obligations.
Information of volunteers
Forsight also collects personal information about volunteers who assist Forsight, to enable Forsight and those volunteers to work together.
When will we disclose your personal information to others?
Forsight aims to confine its disclosure of personal information to the primary purpose for which it has been collected, or for a related purpose. This means Forsight will usually only disclose personal information in connection with its provision of services and administrative functions, including when disclosure is necessary to provide you with a service that you have requested; help us with the running of our organisation; or for security reasons.
Sometimes we may also disclose your personal information outside Forsight for the purpose for which the information was collected, or for a related purpose – for example when disclosure is necessary to complete a transaction on your behalf, provide you with a product, service or activity you have requested, help us with the running of our organisation, or for security reasons.
We may provide your personal information to:
- outsourced service providers who perform functions on our behalf, such as organisations providing security services, conducting market research, providing email and mail handling services;
- authorised agents and representatives of Forsight who provide services on our behalf;
- anyone authorised by you to receive your personal information (your consent may be express or implied and can be withdrawn at any time);
- an actual or prospective purchaser in the event we sell part of our business; and
- anyone to whom we are required by law to disclose personal information.
We generally require third parties only to use your personal information for the specific purpose for which it was given to us and to protect the privacy of your personal information. We will only disclose your personal information to third parties on the basis that such parties agree with Forsight to keep your information confidential.
You consent to us disclosing your personal information to the third parties listed above for all the purposes listed above, and similar organisations. You can ask not to receive communications from us at any time by contacting us – contact details are set out at the end of this statement.
If you do not permit the disclosure of some personal information as Forsight requests, Forsight then may not be able to meet its legal obligations and may not be able to do business with you or engage you to work at Forsight. If this is the case, we will let you know.
When you visit the public pages of our website, our website server makes a record of your visit and logs the following information;
- your IP (‘Internet Protocol’) address (which, in general terms, is a unique identifier assigned to your computer when it is connected to the Internet);
- search terms used;
- the operating system and Internet browser software you are currently using; and
- the data that you download (such as web pages or other document files or software), and the time that you download it.
This information cannot be used to identify you and is only used for statistical purposes to help us identify what parts of our website our users visit the most, which in turn assists us to determine how to improve our services.
If you contact us through our website or email us, Forsight will only use your personal information to respond to your request or answer your queries. We will not add your email address to our mailing list without your consent.
To the extent that our website contains links to sites operated by third parties, including other organisations, those linked websites are not controlled by us and we are not responsible for the privacy practices of the site operators. Before you disclose your personal information to any linked websites, we advise you to examine their privacy policies and terms and conditions of use.
How we manage and secure personal information
Forsight staff are required to respect the confidentiality of all personal information and the privacy of individuals, and we have directed our staff that personal information must be dealt with in accordance with this statement.
Forsight has security systems in place which are intended to protect your personal information from misuse, loss, unauthorised access, modification or disclosure by the use of various methods including locked storage of paper records and password access only rights to computerised records.
If Forsight receives personal information about you which it did not request and which it does not reasonably require, Forsight may destroy or de-identify this information where appropriate.
If you reasonably believe that there has been an unauthorised use or disclosure of your personal information, please let us know by emailing email@example.com with your query and we will contact you within 48 hours to discuss your request.
Updating personal information that we hold about you
Forsight aims to keep all personal information that we hold accurate, complete and up to date. We encourage you to tell us if you change your contact details. If you believe that the information, we hold about you is incorrect, incomplete or out-of-date, please email firstname.lastname@example.org with your request and we will contact you within 48 hours to discuss your request.
Forsight is required by law to keep some types of information for certain periods of time. If we no longer require your personal information, we will generally destroy or de-identify that information. Forsight reserves the right to retain information for a period longer than that for which it is required to retain the information if Forsight considers that it is necessary, and as long as it is in accordance with the APPs.
How you can access personal information that we hold about you
Under the Act, an individual generally has the right to obtain access to any personal information which Forsight holds about him/her and to advise Forsight of any perceived inaccuracy in that information. There are some exceptions to this right.
In some circumstances, the Act entitles Forsight to deny access, for example if providing access would impact unreasonably on the privacy of others or prejudice negotiations in which we are involved. If we do refuse access, we will generally let you know the reasons for our refusal.
If you make a request for access to your personal information, we may ask you to verify your identity and specify what information you require. Forsight may charge a fee to cover our costs of locating, retrieving, reviewing and copying any material requested. If the information sought is extensive, Forsight will generally advise the likely cost in advance. To make a request to access any information that Forsight holds about you, staff should email Human Resources and Clients (or their family / carer / guardian) should email the Head of Operations
If your personal information has not been handled in an appropriate way, we will do our best to remedy your concerns quickly, including by acknowledging receipt of your complaint in a timely manner and trying to resolve the complaint within a 2-week period. If this is not possible, we will contact you to let you know an anticipated time frame for dealing with your complaint.
If your complaint is not satisfactorily resolved, you may approach an external dispute resolution service or apply to the Office of the Australian Information Commissioner (OAIC) to have the complaint heard and determined.
4. Related Policies and Procedures
- Data Protection FRP-004.V1