Act and amendments are effective from 12 March 2014.
The Privacy Act 1988 (Privacy Act), Australian Privacy Principles and registered privacy codes govern the way in which we must manage personal information. This policy sets out how NADA collect, use, disclose and otherwise manage personal information and provides guidance on our legal obligations and ethical expectations in relation to privacy and confidentiality.
The NADA Privacy and Confidentiality Policy is designed to ensure that personal information is collected, stored, used and disclosed in an appropriate manner complying with both legislative requirements and ethical obligations.
We take positive steps to ensure that NADA staff understand their privacy and confidentiality responsibilities in relation to personal and organisational information. This understanding is demonstrated in all work practices.
Internet users If you access the NADA website, we may collect additional personal information about you in the form of your IP address and domain name.
The NADA website may contain links to other websites. NADA is not responsible for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.
Holding member information Any member information held by NADA is stored on both electronic files and paper files in accordance with this policy and other internal policies.
Dealing with member information—use and disclosure NADA only use your information for the purpose(s) for which it was collected as disclosed at the time of collection.
Marketing and promotion NADA does not generally use or disclose any type of personal information for the purpose of direct marketing or promotion of our organisation. Even though NADA do not usually use member information for direct marketing purposes, we may seek your consent to use it for that purpose from time to time.
Integrity of member information
Data quality In relation to any member information collected, used or disclosed; NADA takes reasonable steps to align with requirements outlined in The Privacy Act 1988 in relation to information: accuracy, completeness and relevancy.
Data security NADA take reasonable steps to protect the member information held. This includes implementing physical, technical and administrative safeguards against loss, interference, unauthorised access, use, modification or disclosure and other information misuse. These steps also comprise reasonable physical, technical and administrative security safeguards for electronic and paper records.
Access to, and correction of, member information You have a right to access your membership and upon request we will provide access under the Privacy Act. We will generally respond to a request to access or amend information within the standard 45 days.
Complaints and feedback If you wish to make a complaint about a breach of the Privacy Act, the Australian Privacy Principles or a privacy code that applies to NADA, please contact us using the details below and we will take reasonable steps to investigate the complaint and respond to you. If you are not happy with our response, you may complaint directly to the Australian Information Commissioner (www.oaic.gov.au).
For more information on how to make a complaint, click here.
Types of information held NADA holds two types of information which are covered by this policy:
Organisational information. Publicly available and some confidential information about organisations.
Personal information. Information about individuals such as names and addresses. Some of this information may be confidential or sensitive in nature.
Organisational information is not covered in the Privacy Act (1988) but NADA strives to recognise and protect the confidentiality of some organisational information held by the organisation, particularly that which pertains to NADA and its member organisations.
Confidential information is difficult to define and legal protection is not applied to information rather to the relationship of confidence. The most important factor in determining whether information is confidential is whether or not it retains some kind of secrecy and whether it has entered the public domain. OAIC Information Sheet (Private Sector) 17 – 2003: Privacy and Personal Information that is Publicly Available
Principles NADA may collect and store sensitive (private and/or confidential) organisational or personal information about members, stakeholders and employees in the course of the organisation’s work or activities. NADA is committed to ensuring that this information is used in an ethical and responsible manner.
NADA acknowledges the need to be consistent, cautious and thorough in the way we manage what is written and said about members, stakeholders and employees and who we decide who can see or hear this information.
Members, stakeholders and employees have legislated rights to privacy of personal information. It is essential that we protect and uphold these rights, and also that we act correctly in those circumstances where the right to privacy may be overridden by other considerations.
To ensure privacy and confidentiality, each employee and board director need an appropriate level of understanding about how we meet our legal and ethical obligations.