Introduction and Purpose
Aged & Community Care Providers Association Ltd (ACCPA) is committed to respecting the privacy of its clients and stakeholders and adheres to the Australian Privacy Principles as set out in the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) and the Privacy Amendment (Private Sector) Act 2000 (Cth) (herein collectively referred to as the Privacy Act). The Australian Privacy Principles govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information. A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at www.oaic.gov.au.
Overarching Policy Principles
ACCPA collects, utilises and administers a range of personal information for various purposes as detailed below under ‘Use of your Personal Information’. ACCPA is committed to protecting the privacy of Personal Information it manages.
ACCPA recognises the essential right of individuals to have their Personal Information collected, used and disclosed in ways which they would reasonably expect, and with appropriate storage, protection and accessibility arrangements in place. These privacy principles are reflected in and supported by our core values and philosophies and also reflected in this Policy, which is compliant with the Privacy Act.
ACCPA is bound by the Privacy Act and the Australian Privacy Principles which impose specific obligations when it comes to handling Personal Information. ACCPA has adopted the following principles contained as minimum standards in relation to handling Personal Information.
- Collect, use and disclose Personal Information only for our primary purpose or a related purpose, or for another purpose with the person’s consent;
- Where possible, ensure that stakeholders are informed as to why we collect the information and how we administer the information gathered;
- Store Personal Information securely, protecting it from unauthorised access;
- Provide stakeholders with access to their own information and the right to seek its correction; and
- Respond to any data breaches by reporting such breaches in accordance with the applicable laws.
What is Personal Information?
Personal Information includes a broad range of information, or an opinion, that could identify an individual. Examples of Personal Information we collect includes (but is not limited to), names, addresses, email addresses, telephone and facsimile numbers, photographs and employee record information (including taxation, superannuation, banking details, medical certificates, etc.).
Some Personal Information is further classified as Sensitive Information, which is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information, etc.
How we collect Personal Information
ACCPA collects Personal Information from a number sources including:
- Directly from the individual to whom the information relates;
- From companies about their employees and contractors;
- From companies about their customers and suppliers; and
- For marketing purposes, from business associates, potential clients and other third party
Personal Information may be obtained in many ways including correspondence, by telephone and facsimile, in writing, by email, via web enabled forms on our website at www.accpa.asn.au, from other websites, from media and publications, social media, from other publicly available sources, from cookies and other tracking technology, static documents such as letters, memos, from third parties, etc.
In addition, ACCPA uses social networking services such as Facebook, Twitter, YouTube and LinkedIn to communicate broadly with the public. We may collect your Personal Information to help us communicate with you and the public. Personal Information is commonly collected when individuals register to participate in an ACCPA event, forum or training program, are added to our newsletter subscription services or through registrations for meetings or consultations, lodgements of requests for advice and information and for a broad range of other circumstances associated with our provision of services to, and communications with, our Members. Additionally, Personal Information is collected when organisations provide employee details when managing their ACCPA Membership, Affiliation subscription or other services delivered by ACCPA.
We collect your Personal Information for the primary purpose of providing our services to you, and for providing information to our clients and for marketing purposes. We may also use your Personal Information for Secondary Purposes related to the Primary Purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our mailing/marketing lists at any time by contacting us in writing or by using the ‘unsubscribe’ link on bulk email communications.
When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.
In collecting Personal Information, ACCPA will not do anything, or engage in any practice, that contravenes the Australian Privacy Principles including:
- Not collecting Personal Information unless the information is collected for a lawful purpose that is related to a function or activity of ACCPA, and is reasonably necessary for that purpose; and
- Not collecting personal or commercial information by any unlawful
Personal Information may be collected from time to time by a third party service provider on ACCPA’s behalf.
In accordance with current standards, our servers automatically recognise and record each visitor’s source IP address, date and time of visit, time spent on individual pages and pages viewed, but only discloses to us anonymous statistical data, which we need to evaluate our website performance and generally improve our website over time.
Use of your Personal Information
ACCPA undertakes to only use Personal Information in the following circumstances:
- For the Primary Purposes for which it was collected or a Secondary Purpose that you would reasonably expect us to use or disclose the information and is related to the Primary Purpose;
- For such other purposes as are subsequently agreed between ACCPA and you;
- Where we have engaged a third party service provider or partner to perform legitimate functions on our behalf (and where this occurs, the third party service provider will only use the information collected in the circumstances outlined within this Policy); and
- For such additional purposes as are authorised by law (in particular to protect ACCPA’s interests, e.g. if it believes on reasonable grounds that you have failed to fulfil your undertakings to ACCPA or have committed a breach of the law). In these circumstances, ACCPA will take any reasonable steps to communicate to you that the use of information has occurred, unless it is precluded from doing so by law.
Sensitive Information will be used by us only:
- For the Primary Purpose for which it was obtained;
- For a Secondary Purpose that is directly related to the Primary Purpose; and
- With your consent or where required or authorised by
Specifically, we use your Personal Information to:
- Maintain your organisation’s ACCPA Membership or Affiliation subscription and appropriate records (for Members and Affiliates only);
- Communicate with you to provide your organisation’s Membership or Affiliate benefits, including but not limited to:
- Key ACCPA and industry news via e-communications;
- Responses to your queries by our employees or contractors;
- Advice of upcoming ACCPA events, workshops, forums and training opportunities; and
- Advice to Member Representatives of key company information, including but not limited to, Director election and General Meeting related documentation; and
- Support your organisation with advice and expertise on key sector
- Provide you with access to various collaborative forums and communities of practice with your peers and ACCPA employees;
- Deliver business services on behalf of our clients (e.g. payroll services, claims and billing services);
- Undertake market research, Member satisfaction and other surveys and Member data analysis;
- Provide you with promotional information about our products and services that may be of interest;
- Provide you with information to support your learning outcomes and information regarding our courses;
- Provide you with updated information on events you have registered for;
- Provide you with access to promotions and discounts from time to time;
- Process applications or nominations for Director and Committee positions or for positions on external Boards;
- Monitoring whether you have opened e-communications;
- Deliver business products and services requested by you;
- Tailor and enhance our products and services to you and our Members;
- Administer and support our service delivery, including billing and debt collection;
- Process and administer applications for employment as part of our recruitment function;
- Manage the working and administrative arrangements for our employees and contractors; and
- Communicate with
Disclosure of your Information
In certain instances, we may disclose your Personal and/or Sensitive Information to certain third parties so that they may use and disclose your information for any of the purposes referred to above.
When we disclose your information to a third party who is providing services to us, we will require the third party to protect your information in accordance with the Privacy Act and treat it confidentially, through the contract of service we sign with them. Such third parties may include, but are not limited to:
- Third party software platforms (such as Microsoft, MemNet, MYOB, Salesforce, EventsAIR or similar (for event management), Zoom, RateIt, Survey Monkey, Basecamp, Care Systems, Jira, Axcelerate, CentroAssist, MS Teams, Confluence and other databases or programs;
- Government agencies;
- Superannuation entities;
- Insurers (including Workcover Insurers);
- Legal advisors;
- External organisations we partner with, or who have been contracted to deliver a service on our behalf, including but not limited to publishing and mailing houses, including magazines and journals;
- Independent returning officers appointed for election purposes;
- Consultants and contractors engaged to undertake services requested by you on your behalf; and
- Debt collection
In the delivery of our consultancy services, any consumer information in our reports to our client is deidentified (via use of initials only).
Disclosure to Overseas Recipients
As mentioned above, ACCPA uses a number of third party products to provide its services. These include, but are not limited to, Salesforce, Meltwater, EventsAIR (events management), Basecamp, Survey Monkey, Zoom, Youtube, and social media platforms such as Facebook, Twitter, LinkedIn and WhatsApp. These service providers are located overseas, and therefore require ACCPA to send Personal Information it holds overseas for the purpose of its service delivery communications, marketing and event management.
ACCPA is not accountable for the actions of an overseas third party with regard to the use of information, and there is no redress under the Privacy Act should the overseas third party breach the Australian Privacy Principles. Additionally, you may not be able to seek redress in the overseas jurisdiction. You should also be aware that the overseas third party may not be subject to the same privacy obligations and may be compelled to disclose Personal Information to a further third party by an overseas authority. It should be noted that if you opt out of these marketing and communication services, ACCPA will not disclose your Personal Information to the overseas third party.
To the greatest extent possible, when utilising the services of overseas providers, ACCPA ensures that these external providers have appropriate controls to manage the privacy of the information they hold.
Security of Personal Information
We hold Personal Information in hardcopy and electronic formats. ACCPA takes reasonable steps to ensure that Personal Information we hold is secure and protected from misuse, loss, unauthorised access, modification or disclosure.
Reasonable steps are taken to hold information secure in an electronic or physical form. Information is stored in access controlled premises using lockable cabinets or in electronic servers and databases with restriction of access, use of logins, passwords, firewalls, multi- factor authentication and other security measures. All staff with access to confidential information are subject to confidentiality obligations.
Generally, we will only retain your personal information for as long as it is required for the purpose it was collected and in accordance with our other legislative obligations.
Under the Privacy Amendment (Notifiable Data Breaches) Act 2017, we must report certain data breaches to the Office of the Australian Information Commissioner and the impacted individuals when a data breach has occurred and is likely to result in serious harm to any individuals whose Personal Information is involved in the breach.
An eligible data breach occurs when:
- There is unauthorised access to or unauthorised disclosure of Personal Information, or a loss of Personal Information, that ACCPA holds;
- That is likely to result in serious harm to one or more individuals, and
- ACCPA has not been able to prevent the likely risk of serious harm with remedial
ACCPA has a Data Breach Response Plan in place in the event of a data breach.
Access and Correction
You have rights under the Australian Privacy Principles to request access to and correction of information we hold about you. We encourage you to advise us of any personal detail changes as they occur.
To access or correct your data, please contact the ACCPA Privacy Officer via:
Phone: 1300 111 636
Post: ACCPA Privacy Officer, Level 2, 176 Wellington Parade, East Melbourne VIC 3002
Enquiries and Complaints
If you have any queries regarding privacy at ACCPA or would like to enquire or make a complaint about a breach of your privacy, please contact the ACCPA Privacy Officer at the above address. We will respond to you within 30 days of receipt of your complaint. Should you not be satisfied with the resolution of your complaint by ACCPA, you can contact the Office of the Australian Information Commissioner on 1300 363 992 or via email at email@example.com.