The practice and principles that govern and guide privacy and confidentiality as applied to the services and business practices of Golden City Support Service. This policy sets forward a guide to these principles.
- Open and Transparent Management of Personal Information.
- Anonymity and Pseudonymity
GCSS will only collect information which is personally identified information where the identity is required to provide and maintain service delivery and associated activities including those provisions required by funding agencies. Where data is collected for any other purpose, such as research or surveys, the default position will be to maintain anonymity or use other non-identifying descriptors (pseudonyms).
- Collection of Solicited Personal Information
GCSS only collects information where it is reasonably necessary for, or directly related to the organisation’s functions or activities. GCSS understands that this also applies to sensitive information such as information about an individual’s race, ethnicity, political opinions, membership of political, professional and trade associations, trade unions and religious affiliations and beliefs, sexual orientation, or practices, criminal record health, genetic and biometric information. Personal information will be collected from an individual by lawful and fair means and unless this is unreasonable or impractical the information will be collected from the individual concerned.
- Dealing with Unsolicited Personal Information
GCSS will destroy or at least de-identify unsolicited personal information as soon as practicable if it is lawful to do so. If GCSS could have solicited to collect the same information and the information is a Commonwealth Record; as defined under the Archives Act (Cth) 1983, that information will be dealt with in accordance with the Act.
- Notification of the Collection of Personal Information
GCSS will take reasonable steps before and at the time personal information is collected to ensure that an individual is aware of the identity and contact details of GCSS, the purpose, facts and circumstances regarding collections of information, including if it is required or authorised under law and any usual disclosure of that information that GCSS may make. GCSS will also take reasonable steps to ensure that information about this policy is available. GCSS will also make clear if personal information is likely to be disclosed to overseas recipients and if practical, information about in which country(s) the information is located.
- Use or Disclosure or Personal Information
GCSS will only use or disclose personal information for the purpose it was collected except where an individual has consented or would have reasonably expected GCSS to use or disclose the information for another purpose. Where GCSS is required to by law, a court or tribunal, or believes it is reasonably necessary; personal information may be provided in accordance with this provision. In the conduct of providing services, GCSS may deem it reasonably necessary to use or disclose personal information for a secondary purpose. All times where this is deemed necessary, the personal information will be used or disclosed in strict accordance with the relevant sections of the Privacy Act that deal with Permitted Health Situations.
- Direct Marketing
If GCSS uses or discloses personal information for the purpose of direct marketing, GCSS will always allow the individual to request to not receive direct marketing communications (opt out) and GCSS will always comply with the request from the individual to “opt out”.
- Cross-border Disclosure of Personal Information
Before GCSS discloses personal information to an overseas recipient GCSS will take reasonable steps (and is accountable to ensure) that the overseas recipient does not breach the Australian Privacy Principles, except where GCSS reasonably believes the overseas recipient is subject to substantially similar privacy legislation or other binding schemes or where an individual has been informed and consents to disclosure or where GCSS is required or authorised by law (including certain enforcement related activities) or Australia has an international agreement to provide information to an overseas recipient or where information is permitted to be disclosed under any of the seven “Permitted General Situations” as defined in the Privacy Act.
- Adoption, Use or Disclosure of Government Related Identifiers
GCSS will not adopt or use a Government Related Identifier for GCSS’s own purpose of identification. This includes Medicare, Centrelink, driver’s license, tax file or Australian Passport numbers, unless an exemption applies under the Privacy Act. GCSS may collect Government Related Identifiers for other purposes but will ensure that information is only used and disclosed as defined by the Australian Privacy Principles. GCSS will not use or disclose a Government Related Identifier unless an exemption applies under the Privacy Act.