Privacy policy
Churches of Christ in Queensland group of entities (we) manage personal information in an open and transparent manner. This policy sets out how we collect, hold, use and disclose personal information. We take the privacy of individuals seriously and are committed to complying with the Australian Privacy Principles in the Privacy Act 1988 (Cth) (Act).
What is personal information?
Personal information is any information or opinion which identifies an individual or can be used to identify an individual. It includes information that is generally available in the public domain such as name, address and telephone number. Sensitive information forms part of the definition of personal information, which may include, but is not limited to, racial and ethnic origin, political opinions, religious affiliations, criminal records, and health and genetic information about an individual.
What personal information do we collect?
The type, nature and quantity of personal information we collect depends on our legislative and operational requirements for the services we deliver. Generally, we only collect personal information that is reasonably necessary for enabling our services and functions as an organisation. With an individual’s consent or as permitted by law, the personal information we collect may include an individual’s name, age, contact details, medical records, guardianship information, relevant family history and relationship with us.
Why do we collect personal information?
We collect personal information to enable the delivery of our services. The specific purpose for which we collect personal information will largely depend on the type of relationship an individual has with us, for example, whether the individual is a care recipient, a potential job candidate or a contractor.
Examples of the reasons we are collecting personal information are as follows:
- assessing whether an individual is eligible to be admitted/enter into one of our services
- communicate with our potential clients/residents/care recipients and their government agency referrers, family members and external health or other service providers whose cooperation is required to deliver our service
- communicate with our existing clients/residents/care recipients, their families, carers, external health service providers, regulating government bodies and other service providers whose cooperation is required to deliver our service
- plan, provide and evaluate services to our clients/residents/care recipients
- manage and account for our services
- manage complaints, legal actions or claim against any of our services
- manage our employees, contractors and volunteers
- conduct industry surveys and research projects; and
- generally carry on our business
Only with the individual’s expressed consent, we collect personal information to:
- market our services
- compile funding applications
- Communicate with our members, sponsors, donors and other supporters and contacts for fundraising.
How we collect personal information
We collect personal information only by lawful and fair means. We collect personal information from the individual when the individual requests our services, meets with us, is engaged in one of our services communicates with us by letter, telephone, email or fax, gives us a business card, subscribes to our publications, registers for or attends our events, or submits information through our websites, blogs or other social media outlets.
When we are unable to collect personal information from the individual (for example, the individual is referred to our services), due to factors beyond our control, we collect information about an individual from:
- the government agency that refers the potential client/resident/care recipient to us
- the potential or current client/resident/care recipient’s families, carers, legal representatives, external health or other service providers whose cooperation is required to deliver our service
- third parties e.g. an individual’s employer or provider of an employment or other reference; and
- publicly available records.
- In the circumstances where personal information is not collected directly from the individual, we will take reasonable steps either to notify or to ensure the individual is aware that we have collected their personal information and the circumstances of the collection.
Cookies
We may ask other people to analyse traffic on our websites, blogs and other social media outlets and they may use cookies to do so. Cookies are small text files that are transferred by a website for the purpose of collecting information about a user’s identity, browser type or website visiting patterns.
General use and disclosure
We use and disclose personal information for the primary purpose for which it was collected. However, we are permitted to use and disclose personal information held by us for another purpose when:
- the individual has consented to the use or disclosure of the personal information
- the individual would reasonably expect us to use or disclose the personal information for another purpose and the purpose is related to the purpose for which the personal information was collected. In the case of sensitive information, the purpose is directly related to the purpose for which personal information was collected
- other purposes authorised by the Act and other legislations.
- In general, we use and disclose personal information for the purposes set out under "why do we collect personal information". In all other situations, the use and disclosure of personal information may only occur with the individual’s written consent.
Use and disclosure for direct marketing (not applicable to Children, Youth and Families Services)
We will only use an individual’s personal information (other than sensitive information) to market our services, donations or sponsorship opportunities, or to send invitations to our events, where we give that individual an opportunity to request us not to use the information for such purposes. We will not use an individual’s personal information for such purposes if the individual requests us not to do so.
To whom do we disclose personal information?
Unless with an individual’s expressed consent or permitted by law, we only disclose personal information for the particular purpose it was collected for, or for a directly related reason for which the personal information was firstly collected.
Generally speaking, we disclose personal information to the following recipients to deliver our services:
- to other persons in connection with the provision of our services including our clients and their families, carers, legal representatives, external health and other services providers whose cooperation is required for the delivery of our services
- to our employees and officers
- to credit reporting and debt collection agencies
- to anyone else whom the individual authorises us to disclose the information
- to the referring government agency and other regulators
- as otherwise authorised by the Act and other legislations
Disclosure to overseas recipients
In some cases, the organisations to who we may disclose your personal information may be located outside Australia. For example, we may disclose your personal information to our mission outreach health clinic in Vanuatu; we may disclose your personal information to our service providers located in USA and the countries within the European Union. We will take all steps as are reasonable in the circumstances to ensure that overseas recipients do not breach the Australian Privacy Principles which apply upon such disclosures.
How do we keep personal information secure?
We take reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure. We store information in access controlled premises, and electronic information on secure servers. We require all persons authorised to access electronic information to use logins and passwords to access such information.
We require all our contractors and others to whom we disclose personal information or who may have access to personal information we collect, to keep such personal information private and to protect such personal information from misuse and loss and from unauthorised access, modification or disclosure.
Unless we are prevented from doing so by the law, we de-identify or destroy securely all personal information we hold when no longer reasonably required by us.
Integrity of personal information
We take reasonable steps to ensure that the personal information we collect is accurate, up to date and complete, and that the personal information we use or disclose is, having regard to the purpose of such use or disclosure, accurate, up to date, complete and relevant.
To that end, we encourage you to contact us to update or correct any personal information we hold about you.
Accessing your personal information
You may request access to personal information we hold about you. The request must be made in writing (a letter, fax or email). The individual must send their request directly to us and specify the particular information the individual wishes to have access to.
On receiving the request, we may require you to verify your identity and to specify what information you require. We deal with all requests for access to personal information as required by the Act. We may charge a fee where we provide access and may refuse to provide access if the Act allows us to do so.
Upon our assessment to allow access to your personal information, we make available the requested records within a reasonable period of time; usually 30 days depending on the nature and volume of documents requested. The individual is welcome to take notes and make copies of it; however, the file remains our property.
Correction of personal information
We take reasonable steps to correct all personal information we hold to ensure that, having regard to the purposes for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
You may request corrections to personal information we hold about you. The request must be made in writing and sent directly to our Privacy Officer (details under the subheading "contact us"). On receiving the request, we may require you to verify your identity. We deal with all requests for correction to personal information as required by the Act. We may refuse to correct personal information if the Act allows us to do so.
Complaints
If you wish to make a complaint about this Privacy Policy or our collection, use or disclosure of personal information, please contact our Privacy Officer (details under the subheading "contact us") in the first instance. The complaint is required to be made in writing, and we will deal directly with you to investigate your complaint and respond to you within a reasonable time (usually 30 days depending on the nature of the complaint).
If you are not satisfied with the outcome, then you may make a complaint to the Office of the Australian Information Commissioner (OAIC). For information about how to make such a complaint, please refer to the OAIC website.
About this Privacy Policy
This Privacy Policy has been issued by Churches of Christ in Queensland and applies to all its subsidiary and related entities. This policy is effective as at 1 February 2016. From time to time, we may review and change this policy. If we do so, we may post the updated version on our website (www.cofc.com.au) and it will apply to all your personal information held by us at the time.
Contact us
To request access to or correction of personal information, to request not to receive marketing material or invitations from us, or to make a privacy complaint to us, please contact:
Privacy Officer
Churches of Christ in Queensland
41 Brookfield Road
Queensland 4069
Phone: +61 7 3327 1600
Fax: +61 7 3878 1268
Email: [email protected]
Collection notice
You are providing your personal information to Churches of Christ in Queensland Group of Entities (ARBN 147 481 436) including Churches of Christ in Queensland (ABN 28 953 930 342), Churches of Christ Care (ABN 22 304 038 262), Churches of Christ Housing Services Limited (ABN 25 604 517 026) and all Churches of Christ in Queensland subsidiary entities (we, us or our).
1. Who do we collect your personal information from?
We generally collect your personal information directly from you. However, in some cases, we may receive your personal information from a third party (for example from your guardian/caregiver and/or authorised representative, medical and other health providers, government agencies and other non-government service providers). In these cases, we will take reasonable steps to ensure you are aware that we have collected personal information about you and the circumstances of the collection.
2. Why do we collect your personal information?
We collect personal information to:
- provide and evaluate services to our clients
- assessing whether an individual is eligible to be admitted to one of our services
- communicate with our potential clients, existing clients, their families, carers, health service providers, care service providers and other service providers
- communicate with our members, sponsors, donors and other supporters and contacts
- manage and account for our services
- manage complaints, legal actions or claim against any of our services
- market our services, donation and sponsorship opportunities
- send invitations to our events
- conduct industry surveys and research projects
- manage our volunteers, employees and contractors
- assess application to become a volunteer or contractor or employee
- compile funding applications
- generally carry on our business
3. What would happen if we didn't collect your personal information?
Without your personal information we may not be able to provide the full scope of our services to you, respond to your complaint, and improve our service to meet your needs and/or meet our funding, professional and legal obligations.
4. Who are the types of bodies and persons to whom we usually disclose your personal information?
We may disclose personal information:
to other persons in connection with the provision of our services including our clients and their families, carers, health service providers, care service providers and other service providers
to our employees and officers
to credit reporting and debt collection agencies
to anyone else whom the individual authorises us to disclose the information
to the government and other regulators
as otherwise authorised by the Privacy Act 1988
Disclosure to overseas recipients
We may disclose personal information about an individual to overseas recipients only where consent to such disclosure is given by that individual or where required or authorised by law.
We will take all steps as are reasonable in the circumstances to ensure that overseas recipients do not breach the Australian Privacy Principles which apply upon such disclosures.
5. Other useful information
Our privacy policy contains information about how you may access and correct your personal information, as well as how to complain about a breach of the Australian Privacy Principles and how we will deal with such a complaint. It also contains other useful information. Our privacy policy is available on our website at www.cofc.com.au or email us at [email protected] for a copy.
Contact us
To request access to or correction of personal information, to request not to receive marketing material or invitations from us, or to make a privacy complaint to us, please contact:
Privacy Officer
Churches of Christ in Queensland
41 Brookfield Road
Queensland 4069
Phone: +61 7 3327 1600
Fax: +61 7 3878 1268
Email: [email protected]
Whistleblower Protection and Disclosure Policy
The purpose of this Whistleblower Policy (Policy) is to encourage honest reporting of any misconduct or wrongdoing in the Organisation and to protect individuals who make such disclosures.
Download now