Orange Ex-Services’ Club (OESC), trading as The Greenhouse of Orange, is committed to respecting privacy and confidentiality in relation to the collection, maintenance, use, archive or disposal of records and information it collects in the performance of its business activities.
OESC is bound by the Australian Privacy Principles (APP) contained in the Privacy Act 1988 (C’th) and the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (C’th).
While APP 2 allows individuals to interact with organisations by not identifying themselves and permits the use of a pseudonym OESC is subject to the provisions of the Registered Clubs Act 1976 (NSW) which requires the Club to obtain the following personal information:
Given the aforementioned legislative requirement the exemption provided in APP 2 precluding an individual (member or guest) from using a pseudonym or not identifying themselves when required to do so under an Australian law is applicable.
OESC only collects personal information that is necessary in the performance of its business activities (i.e. administrative matters, provision of informati on about Club activities and in accordance with legislative requirements).
Information collected by OESC will not be disclosed to third parties other than as specifically provided for in the privacy legislation.
Members and guests are entitled to expect that their personal information will not be subject to unauthorised interference or use.
OESC does not collect sensitive information of members and guests.
Any unsolicited personal information received by the OESC organisation, which it is not entitled to is (where lawful and reasonable) destroyed or de-identified as soon as practicable.
OESC has processes in place (i.e. signage, privacy information handouts & statements and readily accessible downloadable information on the website) to inform its members and guests:
OESC only collects personal information about an individual for the purposes outlined under APP 3 (the primary purpose) and will not use or disclose the information for another purpose (the secondary purpose) unless the individual consents to the use or disclosure, or another exception applies.
The exceptions that permit use or disclosure for secondary purpose are:
OESC only uses member information for the direct marketing of Club activities, events and business.
An ‘opt-out’ mechanism is provided to Club members so they can request the Club to stop sending direct marketing material. OESC will promptly stop sending direct marketing material to a member where such a request is received.
OESC does not send or disclose personal information of its members or guests to any overseas recipients.
OESC does not adopt, use or disclose a government related identifier of an individual (e.g. Medicare number) as its own identifier.
OESC takes all reasonable steps to ensure personal information it collects, uses or discloses is:
In the event OESC is required to use or disclose personal information the organisation will take reasonable steps to ensure that the personal information is accurate, up -to-date and complete as well as being relevant to th e purpose for which the information is being used or disclosed.
OESC takes reasonable steps (both physical and logical) to protect the personal information it holds from interference, misuse, loss and unauthorised access, modification and disclosure.
OESC takes reasonable steps to destroy or de‐identify information where the organisation no longer needs the information for any authorised purpose, unless:
OESC will respond to requests for access to personal information within a reasonable timeframe and provide access in the requested manner where reasonable and pr acticable. OESC will only provide an individual with access to their own personal information and not that of others.
OESC will not charge for requests to access personal information.
OESC will refuse a request to access to personal info rmation:
OESC has a formal complaints process that includes complaints relating to a breach of the Australian Privacy Principles (APP) . All complaints are to be directed the OESC Chief Operating Officer in writing and will be handled according to the following OESC grievance resolution process.
OESC takes reasonable steps to correct personal information to ensure that it is accurate, up-to-date, complete, relevant and not misleading.
Corrections to personal information are undertaken where OESC is satisfied it needs to be corrected, or where requested by the individual.
In the event OESC refuses to correct an individua l’s personal information a written statement outlining the reasons for not amending the personal information will be provided to the individual.
Where applicable OESC will provide to other organisations the updated corrected details of the individual’s personal information.
OESC will respond within reasonable period to any request for personal information correction and does not charge for corrections and updates.
OESC has a formal complaints process that includes complaints rela ting to a breach of the Australian Privacy Principles (APP). All complaints are to be directed the OESC Chief Operating Officer in writing and will be handled according to the following OESC grievance resolution process.
OESC is committed to the early and internal resolution of grievances. All attempts should be made to resolve any grievances internally with the OESC Chief Operating Officer before initiating a formal external grievance resolution proces ses.
Parties involved in a grievance must participate in the grievance resolution process in good faith.
Grievance resolution processes should be applied fairly, flexibly and quickly.
All parties involved in a grievance should be treated with respect and impartiality.
The confidentiality of parties involved in a grievance should be respected at all times, subject to the need to fully investigate the matter and any legal requirements for disclosure.
Both the complainant and/or respondent have the right to be represented by a third person. Where applicable, the complainant can request to have an interpreter to be present.
Complainants are able to raise issues of concern in an environment free from fear of retribution, victimisation or breach of confidentiality.
Reasons and full explanations for decisions and actions taken will be kept in writing by the OESC Chief Operating Officer and will be provided to both the complainant and/or representative at every stage of the grievance process – records of grievances remain confidential.
OESC supports an active approach to grievance resolution via internal mechanisms and processes however an external complaint process is also available for privacy complaints via the Office of the Australian Information Commissioner (OAIC) Tel: 1300 363 992 – www.oaic.gov.au
Failure to abide by this policy is a breach of both the Privacy Act 1988 (C’th) and the OESC internal policies and procedures.
Non-compliance may result in legal action being taken against the employee and/or disciplinary action or termination by the employer.
Implement: March 2014
Review: January 2017