Updated August 2016
The Primary English Teaching Association Australia (PETAA) is committed to protecting the privacy of personal/business information it collects, holds and administers and takes all reasonable steps to maintain the security, integrity and privacy of that information in accordance with the Australian Privacy Principles (APPs), the Privacy Act 1988 and this policy.
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.
‘Sensitive information’ means:
- (a) Information or an opinion about an individual’s (i) racial or ethnic origin, (ii) political opinions, (iii) membership of a political association, (iv) religious beliefs or affiliations, (v) philosophical beliefs, (vi) membership of a professional or trade association, (vii) membership of a trade union, (viii) sexual orientation or practices, (ix) criminal record, that is also personal information; or
- (b) health information about an individual,
- (c) genetic information about an individual that is not otherwise health information; or
- (d) biometric information that is to be used for the purpose of automated biometric verification or biometric identification, or
- (e) biometric templates.
The purpose of this policy is to document the procedures related to the collection, use, disclosure and storage of information and a framework for PETAA in dealing with privacy considerations in a sensitive and professional manner and consistent with APPs. This also includes issues relating to the responsibilities of PETAA staff, Board Directors, consultants, contractors and agents and covers all information collected by PETAA including on the PETAA website or any sites administered by PETAA.
Protecting the privacy of PETAA staff, Board Directors, consultants, contractors, agents and members and non-members in the broad education community is important to the PETAA. PETAA collects and administers a range of personal information for a variety of purposes and is committed to protecting the privacy of personal information it collects, holds and administers.
PETAA recognises the essential right of individuals to have their information administered in ways which they would reasonably expect — protected on one hand, and made accessible to them on the other. PETAA is not legally obliged to comply with the requirements of the Privacy Act 1988 (Cth). Therefore, whenever collecting and dealing with information such as names, addresses, email addresses, phone numbers or any sensitive information such as credit card and financial information, PETAA will ensure that this is undertaken in line with the APPs.
PETAA has adopted the following principles contained as minimum standards in relation to handling personal information.
What kind of information does PETAA collect?
The type of information that PETAA collects and holds will depend on the nature of a person’s involvement with PETAA. For example, PETAA may collect personal information about:
- consultants during the course of their engagement with PETAA
- members during the course of their engagement with PETAA
- job applicants, staff members, volunteers and contractors, and
- other people who come into contact with PETAA.
When using our website, there are three categories of information that we may collect about you:
- personal information that may be provided to us when you or someone else in your organisation is dealing with us via the Website, by telephone, by email, by fax or in person
- information that you provide to us in the course of making a purchase from the Website, and
- information, generated by our computer system, which tracks traffic on the Website (see the further information below under ‘Cookies’).
Depending on the reason for collecting the personal information, the personal information collected by PETAA may include name, residential address, email address, fax number, phone number, photos, date of birth, and bank account details. A person is not required to provide the personal information and/or sensitive information requested by PETAA, however if a person chooses not to provide information as requested, this may influence PETAA’s ability to service the person’s needs.
How does PETAA collect personal information?
PETAA will usually collect personal information directly from the owner of the personal information to:
- access and use any of PETAA’s website(s) or social media platforms
- communicate with us through correspondence, email, chat or other online forms
- register for any of our programs, courses initiatives, events or challenges
- participate in research or evaluation discussions, interviews or focus groups that PETAA might run or participate in (including about any of our programs, initiatives, events or challenges).
On occasion and only as necessary, PETAA may collect personal information from a third party.
PETAA will generally obtain consent from the owner of personal information to collect their personal information. Consent will usually be provided in writing however sometimes it may be provided orally or may be implied through a person’s conduct.
PETAA will endeavour to only ask a person for personal information that is reasonably necessary for the activities that the person is seeking to be involved in.
How will PETAA use personal information?
When you are using our website or in the course of performing our functions or activities, we may collect, hold, use or disclose a person’s personal information for the following general purposes:
- to identify you
- to enable you to carry out a purchase from the website
- to market and promote our services
- to obtain information from you to research and improve our services and develop new services
- to process a membership application to become a member of the association
- to process a registration in a professional learning course
- to process a publication sale
- to assist with services provided as part of memberships, publication purchases or course participation
- to allow PETAA to review and improve its programs
- to keep members and stakeholders informed of PETAA programs and opportunities.
If a person has any concerns about their personal information being used by PETAA, the person must notify PETAA.
Storage of information
PETAA takes all reasonable steps to protect all of the personal information held from misuse, interference and loss, and from unauthorised access, modification or disclosure. Personal information will be stored on a password protected electronic database, which may be on PETAA’s database, a database maintained by a cloud hosting service provider or other third party database storage or server provider. Backups of electronic information are written to drives which are stored offsite.
Hard copy information is generally stored in the PETAA offices, which are secured to prevent entry by unauthorised people. Any personal information not actively being used is archived, usually for seven years. Upon physical disposal, PETAA engages a secure disposal service.
Where personal information is stored with a third party, PETAA has arrangements which require those third parties to maintain the security of the information. Your personal information will stay on the database indefinitely until you advise you would like it removed, unless we de-identify it or destroy it earlier in accordance with privacy law requirements.
Direct Debit or Credit Cards
PETAA uses Secure Socket Layer (SSL) certificates which is the industry standard for encrypting credit card and debit card numbers, your name and address so that it cannot be viewed by any third party over the internet. Your financial information is encrypted on our servers and access to this information is restricted to our authorised staff only.
How a person can update their personal information?
PETAA is committed to holding accurate and up-to-date personal information. A person may contact PETAA at any time to update their personal information held by PETAA. PETAA will destroy or de-identify any personal information which is no longer required by PETAA for any purpose for which PETAA may use or disclose it, unless PETAA is required by law or under an Australian law or a court order to retain it.
How a person can access personal information?
If an individual wishes to access personal information held about themselves in order to seek correction of such information they may do so by contacting the General Manager in writing or via email.
PETAA may refuse access to personal information in a number of circumstances including where giving access to the information would pose a serious threat to the life, health or safety of a person, giving access would have an unreasonable impact on the privacy of a person, the information relates to existing or anticipated legal proceedings with you and would not be available under the discovery process, or denying access is required or authorised by an Australian law or court order. PETAA will seek to handle all requests for access to personal information as quickly as possible.
Complaints about a breach of the APPs must be made in writing to the General Manager in writing or via email. PETAA will investigate any complaint and will notify you, in writing, of any decision in relation to your complaint as soon as practicable.
The Spam Act 2003
The Spam Act prohibits sending unsolicited commercial emails, SMS and MMS messages for commercial purposes. Examples of unsolicited communications are ones that do not directly relate to a service you have previously signed up with or agreed to. PETAA is guided by the Code of Practice developed by the Australian Direct Marketing Association.
It is our policy that all electronic communications will include an unsubscribe facility. Electronic communication thereafter will only be on the basis of transactional business related to the recipients ongoing financial membership of PETAA.
Related PETAA Policies include:
- Equal Opportunity, Discrimination and Harassment Policy
- Complaint and Dispute Resolution Policy