Privacy and Confidentiality Policy
This policy is effective from Tuesday 17th May 2022.
This organisation respects and supports an individual’s right to privacy, confidentiality, and access to their own personal information. The organisation undertakes to provides a secure environment for its service users, employees, and other individuals, companies, businesses, and organisations with whom it interacts. As such, the organisation aims to abide by the Australian Privacy Principles in relation to the collection, use, and management of personal information.
(a) what information is collected and held by the organisation
(b) how the information is collected and stored
(c) the reason the information is collected, held, used, and disclosed
(d) how individuals can access their personal information and seek correction if required
(e) how individuals can complain about a breach of the Australian Privacy Principles and how those complaints will be dealt with
3,2 Cookies are also used to display remarketing advertisements, based upon the user’s previous visits to website(s) owned and operated by the organisation, particularly www.nickbowditch.com and www.nickbowditch.com.au.
3.3 Remarketing advertisements are displayed through Google’s display advertisement network, and other third party sites including Facebook. Users may opt out of Google’s use of personalised advertising at any tinme visiting the Google Ads Preferences Manager.
4. Collection of Personal Information
4.1 Only personal information which is reasonably necessary to perform the organisation’s functions and activities can be collected. Consent to collect and use the information is to be obtained wherever practical in line with informed consent considerations.
4.2 Personal information about an individual should be obtained directly from that individual unless:
(a) they consent to the information being provided by another person;
(b) it is impractical to do so, or they do not have the capacity to provide the information; or
(c) the collection is required or authorised as a result of legal proceedings
4.3 Information must be collected by fair and legal means and the organisation is to ensure that the collection process does not intrude to an unreasonable extent upon the personal affairs of the individual concerned
5. Anonymity, Psuedonymity
5.1 Individuals dealing with the organisation can use a pseudonym or remain anonymous if they choose to do so unless it is impracticable for the organisation to address their needs if they do so.
6. Use and Disclosure of Personal Information
6.1 Personal information held by the organisation can only be used for the purposes for which the information was collected unless:
(a) the individual has consented to its use for a specific/secondary purpose; or
(b) the secondary purpose is directly related to the primary purpose and individual would reasonably expect the information to be used for that purpose; or
(c) the information is to be used for research or statistical analysis and it is impractical to obtain the individual’s consent. In this instance, the information is to be anonymised; or
(d) there is a serious threat to the health, safety, or welfare of the individual or members of the public. In this instance, every attempt should be made to gain consent from the individual or if this is not possible to keep the individual informed of the disclosure of information; or
(e) the use is required or authorised by law
7. Direct Marketing
7.1 Direct marketing involves the use and/or disclosure of personal information to communicate directly with an individual to promote goods and services, e.g. by email. For the purposes of this policy, direct marketing applies to mass communications where the personal preference of each recipient to receive the specific information is not known to the sender.
7.2 Personal information can only be used for direct marketing when the organisation collected the information from that individual.
8. Security of Personal Information
8.1 Appropriate collection and storage practices for the organisation’s data and records ensures:
(a) all personal information, whether paper or electronic, will be protected from unauthorised access, alteration, and loss
(b) information will be retained for the period governed by legal and statutory requirements; and
(c) information no longer required will be destroyed unless its retention is required by law