Privacy Policy
Taldumande Youth Services
Date: 25th July 2022
1. We respect your privacy
1.1 Taldumande Youth Services Inc (ABN 67 801 186 046) (‘TYS’, ‘we’, ‘us’ and ‘our’) is committed to protecting and upholding the right to privacy and confidentiality of its clients, website users and other individuals who interact with us. We adhere to the Australian Privacy Principles (‘APPs’) contained in the Privacy Act 1988 (Cth), the Health Privacy Principles contained in the Health Records and Information Privacy Act 2002 (Cth) and other applicable privacy laws.
1.2 This policy sets out:
- the way we collect, store, use, disclose and otherwise handle your personal information;
- how we protect your personal information; and
- your rights in relation to your personal information
1.3 You may obtain a copy of our current policy from our website or by contacting us directly using our contact details in Section 8 of this policy.
2. Personal information we collect and hold
2.1 TYS will from, time to time, collect and store personal information of its clients, website users and other individuals who interact with us. This personal information is only collected where necessary for TYS’s functions and activities.
2.2 The type of personal information collected by TYS will depend upon the reason for its collection but may include:
- name;
- residential address;
- contact details;
- date of birth;
- next of kin;
- driver’s licence;
- referee checks for prospective employees;
- qualifications for prospective employees; and
- sensitive information including, but not limited to, health information, memberships of a professional association, trade association or trade union, Working With Children Checks and criminal history for prospective employees.
2.3 TYS collects sensitive information where this is reasonably necessary for TYS’s functions and activities and you provide your consent, unless an exception applies (see subsection 2.4). For example, we will collect your health information (e.g. vaccination status for COVID-19) with consent when you attend our premises.
2.4 We may also collect sensitive information without your consent when an exception applies. Exceptions include:
- the collection is required or authorised by law or a court/tribunal order;
- TYS reasonably believes that the collection is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety;
- TYS suspects that unlawful activity, or misconduct of a serious nature, that relates to TYS’s functions or activities has been, is being or may be engaged in, and reasonably believes that the collection is necessary in order for TYS to take appropriate action;
- the collection is reasonably necessary to establish or defend a legal claim;
- the collection is reasonably necessary for a confidential alternative dispute resolution process; or
- as a non-profit organisation, TYS is collecting sensitive information that relates to its activities and the sensitive information relates solely to the members of TYS or to individuals who have regular contact with TYS in connection with its activities.
2.5 The main consequences for you if all or part of the information is not provided are:
- TYS may not be able to provide you with the services requested;
- you may not have access to certain services; and/or
- you may not have services tailored to your needs.
3. How we collect and hold your personal information
3.1 TYS collects personal information from you in a variety of ways, including when you interact with us in person, by email, on the phone, in writing, when you visit our website or when we provide our services to you. Where it is unreasonable or impracticable for TYS to collect personal information directly from you, we may collect your personal information from third parties, for example from family members, representatives, caseworkers, referees or a publicly available record.
3.2 For information on how we hold your personal information, see section 6 of this policy.
4. Purposes of collection, storage and use of your personal information
4.1 TYS may collect, hold and use your personal information:
- to provide you with information about our services such as accommodation services and family services for those in crisis;
- to improve our services and better understand your needs;
- to communicate with you e.g. responding to your query;
- to conduct research projects;
- for security and verification purposes e.g. if an individual is attending TYS’s premises;
- to consider job applications from job applicants;
- for security and verification checks on prospective employees;
- for our internal business purposes e.g. administration purposes; and
- as required or permitted by law.
4.2 We will not use personal information for a different purpose to that agreed with you unless you have consented to such use; such use is directly related to the purpose for which consent was given and you would reasonably expect us to use the information for this different purpose or another exception under relevant legislation exists. If you are a client, please note that you can withdraw or restrict your consent at any time.
5. Disclosure of your personal information
5.1 We may disclose your personal information to any of our contractors, service providers, agents and professional advisers, as well as government agencies, insofar as reasonably necessary for any of the purposes set out in Section 4 of this policy.
5.2 If you are a client of TYS and if you consent, we may disclose your personal information to other service providers when providing services.
We also report client information to the Australian Institute of Health and Welfare (AIHW) as part of its statistical reporting requirements to help improve homelessness services. However, this information is used in a way that does not identify the client.
5.3 We may, from time to time, need to disclose personal information to comply with a legal requirement such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request. For example, we have legal obligations under other legislation, including the Children and Young Persons (Care and Protection) Act 1998 (NSW), Health Practitioner Regulation National Law 2009 (NSW) and Domestic Violence Sharing Protocol (Part 13A of the Crimes (Domestic and Personal Violence) Act 2007 (NSW) and we may share your personal information in accordance with these obligations.
5.4 We will not disclose your personal information for a different purpose to that agreed with you unless you have consented to such disclosure; such disclosure is directly related to the purpose for which consent was given and you would reasonably expect us to disclose the information for this different purpose or another exception under relevant legislation exists.
5.5 We do not disclose personal information to overseas parties.
6. Security of your personal information
6.1 Personal information may be collected in hard copy form or electronic. TYS holds hard copy records in secure areas. TYS holds client information in a secure client information management system managed by TYS. Electronic records are held on a secure server and on databases with information security safeguards. Some of those databases may be government controlled or held by a third-party provider. Copies of correspondence sent from the website, that may contain personal information, are stored as archives for record-keeping and back-up purposes only.
6.2 We will destroy or de-identify your personal information if we no longer need it for the purposes for which it was collected, unless we are authorised or required by law to retain the information. For example, the Health Records and Information Privacy Act 2002 (NSW) requires us to retain health information collected while an individual was an adult for 7 years from the last occasion on which we provided a health service to the individual and retain health information collected while an individual was under 18 years old until the individual reaches 25 years of age.
6.3 The transmission and exchange of information over the Internet is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us, or receive from us over the Internet.
7. Access to and correction of your personal information
7.1 You are entitled to request access to your personal information that is held by TYS. We will not charge you for making the request for your personal information but may charge you for giving access to your personal information. Charges will not be excessive. For example, we may charge you for reasonable staff costs in locating the requested personal information.
7.2 You also have the right to request the correction of your personal information. Where you inform TYS that information held by TYS about you is inaccurate, out‐of‐date, incomplete, irrelevant or misleading, TYS will review the request and if appropriate, will correct it. Before amending health information at your request or your authorised representative’s request, TYS will take reasonable steps to verify the authority of the person making the request and may request evidence of the identity of the person making the request and in the case of someone claiming to be your authorised representative, the authority of that person. TYS will not charge you for making a correction request, TYS correcting your personal information or where TYS refuses to correct your personal information, TYS associating a statement that the information is incorrect.
7.3 You can request access to or correction of your personal information held by TYS using the contact details at Section 8 of this Privacy Policy. We will respond to your request for access or correction within a reasonable period, usually within 30 days.
7.4 If TYS corrects personal information about you that TYS previously disclosed to another entity subject to the APPs (‘APP entity’) and you ask TYS to notify that other APP entity of the correction, TYS must take reasonable steps to notify that APP entity unless it is impracticable or unlawful to do so.
7.5 We reserve the right to refuse to provide you with access to your personal information in certain circumstances set out in the Privacy Act. We may also refuse to make a requested amendment to your personal information. If we refuse to provide access to, or allow correction of your personal information, we will notify you in writing setting out a written explanation of the reasons for the refusal (unless unreasonable to do so) and inform you of the mechanisms to complain about the refusal.
8. Complaints about privacy
8.1 If you have any complaints about our privacy practices, please feel free to provide details of your complaints to our Senior Compliance Manager by calling (02) 9460 3777, emailing administration@taldumande.org.au or writing to PO Box 61, St Leonards NSW 1590. We take complaints very seriously and will respond within a reasonable time (usually 30 days) after receiving written notice of your complaint.
8.2 If you are not satisfied with our response to your complaint, you may contact the Office of the Australian Information Commissioner by calling 1300 363 992, submitting a complaint using this form: click here, emailing enquiries@oaic.gov.au, writing to GPO Box 5218 Sydney, NSW 2001 or making an in-person enquiry by appointment only at 175 Pitt Street Sydney NSW 2000.
9. Changes to Privacy Policy
9.1 Please be aware that we may change this Privacy Policy in the future. We may modify this Policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website. Please check back from time to time to review our Privacy Policy.
10. Website
10.1 When you visit our website
When you visit our website, we may collect your personal information. Personal information about visitors to our site is collected only when knowingly and voluntarily submitted. For example, we may need to collect such information to provide you with further services or to answer or forward any requests or enquiries. This information is used so that we can provide and improve our services.
10.2 Cookies
Cookies are data that a website transfers to an individual’s hard drive for record-keeping purposes. Cookies, which are industry standard and are used by most websites, including those operated by us, can facilitate a user’s ongoing access to and use of a site. They allow us to customise the website to your needs. If you do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows you to deny or accept the cookie feature. But you should note that cookies may be necessary to provide you with some features of our on-line services.
10.3 Third party websites
We provide links to websites outside of our website, as well as to third party websites. These linked sites are not under our control, and we cannot accept responsibility for the conduct of companies linked to our website. Before disclosing your personal information on any other website, we advise you to examine the terms and conditions of using that website and the privacy policy of the third party.
Privacy Document Taldumande Youth Services: Issue date 25th July 2022