Policy

Protecting the privacy of PETAA staff, Board Directors, consultants, contractors, agents and members and non-members in the broad education community is important to the PETAA. PETAA collects and administers a range of personal information for a variety of purposes and is committed to protecting the privacy of personal information it collects, holds and administers.

PETAA recognises the essential right of individuals to have their information administered in ways which they would reasonably expect — protected on one hand, and made accessible to them on the other. PETAA is not legally obliged to comply with the requirements of the Privacy Act 1988 (Cth). Therefore, whenever collecting and dealing with information such as names, addresses, email addresses, phone numbers or any sensitive information such as credit card and financial information, PETAA will ensure that this is undertaken in line with the APPs.

PETAA has adopted the following principles contained as minimum standards in relation to handling personal information.

What kind of information does PETAA collect?

The type of information that PETAA collects and holds will depend on the nature of a person’s involvement with PETAA. For example, PETAA may collect personal information about:

• consultants during the course of their engagement with PETAA
• members during the course of their engagement with PETAA
• job applicants, staff members, volunteers and contractors, and
• other people who come into contact with PETAA.

When using our website, there are three categories of information that we may collect about you:

• personal information that may be provided to us when you or someone else in your organisation is dealing with us via the Website, by telephone, by email, by fax or in person
• information that you provide to us in the course of making a purchase from the Website, and
• information, generated by our computer system, which tracks traffic on the Website (see the further information below under ‘Cookies’).

Depending on the reason for collecting the personal information, the personal information collected by PETAA may include name, residential address, email address, fax number, phone number, photos, date of birth, and bank account details. A person is not required to provide the personal information and/or sensitive information requested by PETAA, however if a person chooses not to provide information as requested, this may influence PETAA’s ability to service the person’s needs.

How does PETAA collect personal information?

PETAA will usually collect personal information directly from the owner of the personal information to:

• access and use any of PETAA’s website(s) or social media platforms
• communicate with us through correspondence, email, chat or other online forms
• register for any of our programs, courses initiatives, events or challenges
• participate in research or evaluation discussions, interviews or focus groups that PETAA might run or participate in (including about any of our programs, initiatives, events or challenges).

On occasion and only as necessary, PETAA may collect personal information from a third party.

PETAA will generally obtain consent from the owner of personal information to collect their personal information. Consent will usually be provided in writing however sometimes it may be provided orally or may be implied through a person’s conduct. PETAA will endeavour to only ask a person for personal information that is reasonably necessary for the activities that the person is seeking to be involved in.

How will PETAA use personal information?

When you are using our website or in the course of performing our functions or activities, we may collect, hold, use or disclose a person’s personal information for the following general purposes:

• to identify you
• to enable you to carry out a purchase from the website
• to market and promote our services
• to obtain information from you to research and improve our services and develop new services
• to process a membership application to become a member of the association
• to process a registration in a professional learning course
• to process a publication sale
• to assist with services provided as part of memberships, publication purchases or course participation
• to allow PETAA to review and improve its programs
• to keep members and stakeholders informed of PETAA programs and opportunities.

If a person has any concerns about their personal information being used by PETAA, the person must notify PETAA.

Storage of information

PETAA takes all reasonable steps to protect all of the personal information held from misuse, interference and loss, and from unauthorised access, modification or disclosure. Personal information will be stored on a password protected electronic database, which may be on PETAA’s database, a database maintained by a cloud hosting service provider or other third party database storage or server provider. Backups of electronic information are written to drives which are stored offsite.

Hard copy information is generally stored in the PETAA offices, which are secured to prevent entry by unauthorised people. Any personal information not actively being used is archived, usually for seven years. Upon physical disposal, PETAA engages a secure disposal service.

Where personal information is stored with a third party, PETAA has arrangements which require those third parties to maintain the security of the information. Your personal information will stay on the database indefinitely until you advise you would like it removed, unless we de-identify it or destroy it earlier in accordance with privacy law requirements.

Direct Debit or Credit Cards

PETAA uses Secure Socket Layer (SSL) certificates which is the industry standard for encrypting credit card and debit card numbers, your name and address so that it cannot be viewed by any third party over the internet. Your financial information is encrypted on our servers and access to this information is restricted to our authorised staff only.

How a person can update their personal information?

PETAA is committed to holding accurate and up-to-date personal information. A person may contact PETAA at any time to update their personal information held by PETAA. PETAA will destroy or de-identify any personal information which is no longer required by PETAA for any purpose for which PETAA may use or disclose it, unless PETAA is required by law or under an Australian law or a court order to retain it.

How a person can access personal information?

If an individual wishes to access personal information held about themselves in order to seek correction of such information they may do so by contacting the General Manager in writing or via email.

PETAA may refuse access to personal information in a number of circumstances including where giving access to the information would pose a serious threat to the life, health or safety of a person, giving access would have an unreasonable impact on the privacy of a person, the information relates to existing or anticipated legal proceedings with you and would not be available under the discovery process, or denying access is required or authorised by an Australian law or court order. PETAA will seek to handle all requests for access to personal information as quickly as possible. ​

Cookies

We may use a ‘cookie’ file containing information that can identify the computer you are working from. You can choose to refuse cookies by turning off the cookies function in your browser and/or deleting the cookies from your hard drive. You will not be able to maintain a logged in session if cookies are not enabled in your browser or if they are removed from your hard drive.

Complaints

Complaints about a breach of the APPs must be made in writing to the General Manager in writing or via email. PETAA will investigate any complaint and will notify you, in writing, of any decision in relation to your complaint as soon as practicable.

The Spam Act 2003

The Spam Act prohibits sending unsolicited commercial emails, SMS and MMS messages for commercial purposes. Examples of unsolicited communications are ones that do not directly relate to a service you have previously signed up with or agreed to. PETAA is guided by the Code of Practice developed by the Australian Direct Marketing Association.

It is our policy that all electronic communications will include an unsubscribe facility. Electronic communication thereafter will only be on the basis of transactional business related to the recipients ongoing financial membership of PETAA.

Responsibilities

The Board of the PETAA will be accountable for reviewing this policy and relevant procedures in order to ensure that PETAA acts consistently with the APPs and the Privacy Act 1988. The General Manager will be accountable for coordinating PETAA’s implementation of the Privacy Policy and procedures as outlined in this policy on behalf of Board. Staff with supervisory responsibilities will be held accountable for ensuring that staff under their supervision are informed about and carry out their responsibilities as outlined in this Policy. Employees, contractors, consultants and agents have a duty to carry out their responsibilities as outlined in this Policy.

Related PETAA Policies include:

• Equal Opportunity, Discrimination and Harassment Policy
• Complaint and Dispute Resolution Policy

Useful Information

• The Australian Privacy Act 1988
• Australian Privacy Principles
• Australian Direct Marketing Association