Updated July 2021
Cafs is committed to providing quality services to you and this policy outlines our ongoing obligations to you in respect of how we manage your Personal Information.
We are bound by the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act), the Information Privacy Principles contained in the Information Privacy Act 2000 (Vic), and the Health Privacy Principles contained in the Health Records Act 2001 (VIC) which govern how organisations may collect, use, disclose and store personal information, and how individuals may access and correct personal information held about them.
A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at www.oaic.gov.au
2. What is Personal Information and why do we collect it?
Personal Information is information or an opinion that identifies an individual. Examples of Personal Information we collect includes names, addresses, email addresses, and phone numbers.
Cafs collects personal information in a number of different ways, for example when you contact us, through forms, telephone, through our website and from third parties.
If, as part of our service provision, personal information is given to us in confidence about an individual who is not receiving our service, we will
- confirm with the person that the information is to remain confidential and
- record the information only if it is relevant to the provision of our service or the care of the individual
- take reasonable steps to ensure that the information is accurate and not misleading
- take reasonable steps to record that the information is given in confidence and is to remain confidential.
We collect your Personal Information for the primary purpose of providing our services to you, and is collected by lawful and fair means. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure.
When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.
3. Sensitive Information
Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Sensitive information will be used by us only
- For the primary purpose for which it was obtained
- For a secondary purpose that is directly related to the primary purpose
- With your consent; or where required or authorised by law.
4. Third Parties
Where reasonable and practicable to do so, we will collect your Personal Information directly from you and with your consent. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.
5. Marketing and Communications
We may collect, use and disclose information that we have received through our marketing activities for purposes to process and record donations, provide receipts, contact you about our activities, and to provide you with our newsletters, reports, invitations and requests for support. We may contact you using a number of different mediums for example by phone, mail, email, social media, SMS etc.
You will be offered the opportunity to ‘opt out’ if you do not wish to receive this information. You can also contact us on 1800 692 237 if you prefer not to receive future communication from us.
6. Disclosure of Personal Information
Your Personal Information may be disclosed in a number of circumstances including the following
- Third parties where you consent to the use or disclosure and
- Where required or authorised by law.
7. Security of Personal Information
Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure.
When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.
8. Access to your Personal Information
You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please contact us in writing (details of which are set out below).
Cafs will not charge any fee for your access request, but may charge an administrative fee for providing a copy of your Personal Information.
In order to protect your Personal Information we may require identification from you before releasing the requested information.
9. Maintaining the Quality of your Personal Information
It is an important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.
10. Complaints Procedure
If you have provided us with personal and sensitive information, or we have collected and hold your personal and sensitive information, you have a right to make a complaint and have it investigated and dealt with under this complaints procedure.
If you have a complaint about Cafs’ privacy practices or our handling of your personal and sensitive information please contact our Privacy Officer (details of which are set out below).
11. Unique Identifiers
We will not normally adopt as our own, an identifier of an individual that has been assigned by other organisations. We will not disclose an identifier assigned to an individual unless the disclosure is permitted under the Privacy Legislation.
Where lawful and practicable, Cafs will take all reasonable steps to comply with a request to access our services on an anonymous basis or using a pseudonym. However, we may not be able to deliver the services in question if you do not provide us with the personal information requested.
13. Trans-border Data Flows
If we are otherwise required to send information overseas we will take measures to protect your personal information, by either ensuring that the destination country has similar protections in relation to privacy or that we enter into contractual arrangements with the recipient of your personal information that safeguards your privacy.
14. Policy Updates
This Policy may change from time to time and is available on our website.
15. Privacy Enquiries
For information about privacy generally, or if your concerns are not resolved to your satisfaction, you can contact