WE RESPECT YOUR PRIVACY
The objective of this procedure is to articulate Affinity Education Group’s compliance and commitment to ensuring that all personal information is only collected, disclosed, used and stored in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (“Privacy Legislation”).
1 COLLECTION OF INFORMATION
1.1 What information do we collect and hold?
We collect and hold personal information where it is reasonably necessary for one or more of our functions or activities, including for the purposes of identifying you, establishing your requirements, providing our products or services or responding to your query. We may collect and hold personal information about you and your child, including (but may not be limited to) your name, gender, address, phone number, facsimile number, email address, child’s name, contact details, child custody arrangements, CRN details, Medicare number, bank account or credit card details, place and type of business, Internet Protocol (IP) address and information relating to your dealings with Affinity Education. We may also collect from you and hold the personal information of any other parent or guardian of the child, as well as persons you authorise to collect your child from one of our centres.
We may also collect and hold sensitive information about you or your child (which includes information such as health or medical information (including immunisation records, any health management plans, allergies and other medical conditions), racial, or ethnic background). Sensitive information will only be collected with your consent, except where we are required or permitted by Privacy Legislation to collect sensitive information without consent. We will ask for your consent to collect sensitive information about your child.
If you do not wish to provide your personal information or that of your child, or you provide inaccurate information, it may impact on the services that we are able to provide to you. We will not be able to enrol your child if we cannot collect relevant personal information from you.
You may provide us with personal information on behalf of someone else, if it is unreasonable or impracticable to collect that information directly from that individual.
We may also collect personal information about you or your child from third parties such as your representatives or publicly available sources of information. We will not collect personal information unless the information is reasonably necessary for or directly related to one, or more of our functions or activities.
1.2 How do we collect and hold information?
We collect and hold personal information from you in a variety of ways, including for example:
- when you interact with us electronically, over the phone, or in person;
- in waiting list and enrolment forms;
- when you access our websites or applications;
- by application for products or services;
- applying for a position of employment with us; and
- contacting or corresponding with us, for example to ask for information.
1.3 Unsolicited personal information
1.4 Call recording
We listen to and record all phone calls into (and out of) our contact centre. We use and keep these recordings for the purposes of verifying enrolments, quality and training purposes, risk management and dispute resolution.
If you do not wish for your call to us to be monitored or recorded, you may notify the operator at the start of the call and you will be transferred to a line where no monitoring or recording will take place, or you can terminate the call and interact with us online or in person.
2 REMAINING ANONYMOUS OR USING A PSEUDONYM
You have the option to remain anonymous or use a pseudonym (a name other than your own) when interacting with us. We will try to provide you with this option wherever we can. However, you won't be able to be anonymous or use a pseudonym where it would be impracticable for us to provide you with our services or carry out our functions or activities, or if required by Australian law or a court or tribunal order.
3 HOW DO WE USE AND DISCLOSE YOUR PERSONAL INFORMATION
We use or disclose your personal information for the primary purpose for which it was collected, including in connection with the provision of childcare and associated goods and services. We may also use and disclose your personal information for a secondary purpose where permitted by Privacy Legislation, including where you would reasonably expect us to use or disclose your personal information for that secondary purpose, or where you have provided your express or implied consent.
For example, we may use your personal information to provide products or services to you, improve our services, and conduct product development and training.
We may need to share information about you including your personal information with our related entities (including, where you are enrolling your child, the centre(s) your child will attend), and other third parties, including service providers who assist us in the provision of conducting our business, including for example:
- insurance brokers;
- legal providers;
- data storage services;
- email filtering;
- virus scanning and other technology services providers;
- government departments or authorities; and
- where required by law.
In the event of a security incident involving unauthorised access, use or disclosure of personal information where a third party with whom we share personal information is involved, we will seek to work cooperatively with them to protect the personal information we have shared with them.
We will only use or disclose government related identifiers where permitted by Privacy Legislation, for example where
reasonably necessary to verify an individual’s identity for the purposes of our activities or functions.
4 Direct MARKETING
We may also use and disclose your personal information to notify you of opportunities, invitations to seminars or events, and products and services that we think you might be interested in, where you have either provided your consent or (other than for sensitive information) you have a reasonable expectation that your personal information will be used for this purpose. We may conduct these marketing activities via mail, email, telephone, SMS, social media, or any other electronic means. We will always provide an opt‐out option for you so you can stop receiving our marketing material. You can also let us know at any time if you no longer wish to receive direct marketing material from us by sending an email to [email protected] We will process your request as soon as practicable. However, please note that removal from our distribution lists may take several business days after the date of you request to be removed.
5 HOW WE STORE AND SECURE YOUR PERSONAL INFORMATION
We are committed to respecting your privacy at all times, and will take reasonable precautions to ensure your personal information is stored securely.
Your personal information may be stored in hard copy paper or electronic files on our secure IT systems and databases. We may also store information on cloud based servers located in Australia. Electronic records will be password protected and only accessible by authorised persons. Affinity will take reasonable steps to keep your personal information we hold secure from misuse, interference and loss, and unauthorised access, modification or disclosure. However, notwithstanding the reasonable steps taken to keep information secure, breaches may occur. In the event of a security incident we have in place procedures to promptly investigate the incident and determine if there has been a data breach involving personal information, and if so, to assess if it is a breach that would require notification. If it is, we will notify affected parties in accordance with Privacy Legislation.
Except to the extent liability cannot be excluded due to the operation of applicable laws, Affinity excludes all liability (including in negligence) for the consequences of any unauthorised access to your personal information. Please notify us immediately if you become aware of any breach of security.
If we determine that we no longer need personal information about you, or we are no longer required by law or a court/tribunal order to retain it, we will take reasonable steps to destroy that information or ensure that it is de‐ identified.
6.1 When you visit our websites
When you come on to our website we may collect certain information such as browser type, operating system and website visited immediately before coming to our site. This information is used in an aggregated manner to analyse how people use our site, such that we can improve our service.
6.3 Third party sites
Our site has links to other websites not owned or controlled by us. We are not responsible for these sites or their privacy practices.
7 DISCLOSURE OF YOUR PERSONAL INFORMATION OVERSEAS
8 ACCESS TO YOUR PERSONAL INFORMATION
You can access and update your personal information by contacting us at [email protected]. We will process all requests for access to personal information in accordance with the Privacy Legislation. In most cases we will provide you with access to your personal information within a reasonable period after the request is made. However, in certain situations as listed in the Privacy Legislation we may refuse access. If we refuse to give you access to your personal information, we will provide you with reasons for our refusal. We may charge a reasonable administration fee for processing your request.
If any personal information we hold about you is not accurate, up to date or complete, please let us know and we will subject to Privacy legislation take reasonable steps to ensure that it is corrected within a reasonable period.
9 COMPLAINTS ABOUT PRIVACY
If you have any complaints about how we use, disclose or collect your personal information or our privacy practices, you may make a complaint to us by:
- calling us on 07 3513 7700; or
- writing to us at: HR Department PO Box 440 Brisbane QLD 4001
- email us at: [email protected]
We take complaints very seriously and will investigate and respond as soon as we can after receiving written notice of your complaint.
If you are not satisfied with how we handle your privacy complaint, you can make a complaint to the Office of the Australian Information Commissioner (OAIC). For more information, you can visit the OAIC website at www.oaic.gov.au.
10 COMMENTs, feedback and requests for copies
Any feedback or comments on this policy, including its effectiveness, or requests for a copy of this policy should be sent to [email protected] Comments will be reviewed, and if applicable, responded to by the Privacy Officer.
- Privacy Act 1988 (Cth), including the Australian Privacy Principles (“Privacy Legislation”)