SUPPORT NETWORKS AUSTRALIA (SNA): Privacy Policy

  • Introduction
    • This Policy sets out the policies relating to the privacy and confidentiality relating to all personal information within Support Networks Australia (SNA). All SNA Members are to comply with this policy.
    • The SNA Management Committee (MC) are accountable for managing this policy within the SNA.
  • Overview
    • Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
      • whether the information or opinion is true or not; and
      • whether the information or opinion is recorded in a material form or not.
    • The SNA receive and maintain sensitive personal information of Members and Clients including, but not limited to:
      • Name, address and contact details;
      • Date of birth;
      • Next of kin details;
      • Medical conditions and health information;
      • Identification details (drivers licence/passport etc) ;
      • Bank account details and signatures;
      • Photographs;
      • File notes relating to individuals;
      • Email correspondence;
      • Incident/Accident claim correspondence; and
      • Criminal History Record correspondence.
    • Health Information
  • Information Storage and disposal
    • Personal Information is in most cases kept in soft copy in a cloud-based storage facility with access only to SNA core members. Local synchronised copies of the cloud storage exist on SNA members local storage or network access storage (NAS).
    • Some information is kept in emails on SNA members local PC storage or Cloud services such as Gmail, Hotmail, smartphones, iCloud, Google Drive etc.
    • In addition, some Personal Information is stored on SNA web services and available through private web sites which may be hosted overseas by third parties and access protected with username/passwords. The SNA public website and other materials may display photos and names of members and clients, published with permission.
  • Policy
    • The SNA will endeavour to handle Personal Information in accordance with this Privacy Policy and the Australian Privacy Principles.
    • This Privacy Policy summarises how the SNA handles personal information. We may revise this Privacy Policy from time to time. The revised Privacy Policy will take effect when it is published to members and posted on the SNA website.
  • Privacy and Confidentiality
    • When handling financial and personal information about clients or others with whom the SNA has dealings, members must observe the following principles:
      • Collect, use, and retain only the personal information necessary for the SNA’s business. Whenever possible, obtain any relevant information directly from the person concerned.
      • Retain information only for as long as necessary or as required by law. Protect the physical security of this information.
      • Limit internal access to personal information to those with a legitimate business reason for seeking that information. Use only personal information for the purposes for which it was originally obtained. Obtain the consent of the person concerned before externally disclosing any personal information, unless legal process or contractual obligation provides otherwise.
      • First discuss any concerns or suggestions to improve the service we provide to the client with a committee member
    • Breach Risks and Mitigation
      • The SNA mitigates breaches of Privacy by adopting the following actions:
        • The use of strong passwords.
        • Education of all members – including through the Code of Conduct.
        • Monitoring and tracking for breach.
        • Encourage breach reporting to SNA Management Committee.
      • Breach Management and Reporting
        • In the event of a privacy breach being identified, the MC will allocate a Breach Manager to investigate and mitigate the breach, reporting to the MC on a daily basis.
        • Where criminal activity may be suspected, the relevant statutory authority will be informed, and the SNA will fully cooperate with all authorities.
        • SNA is currently not large enough for mandatory privacy breach reporting to the authorities.
      • Complaint Management
        • If you have any queries or would like to make a complaint regarding relating to our Privacy Policy or how we handle your personal information, please contact the SNA President on barbara.kienast@supportnetworksaustralia.com.au or mobile 0491 616 326. We endeavour to respond to complaints and queries within fourteen calendar days of their receipt. If you are dissatisfied with our response, you may refer the matter to the Australian Information (Privacy) Commissioner (see www.oaic.gov.au).
        • If you do not provide some or all of the personal information requested, we may not be able to offer you services or provide you with information about our causes, events, programs and projects
      • Website usage information and cookies
        • When you access our website, we may use software embedded in our website (such as PHP and Javascript) and we may place small data files (or cookies) on your computer or other device to collect information about which pages you view and how you reach them, what you do when you visit a page, the length of time you remain on the page, and how we perform in providing content to you.
        • A cookie does not identify individuals personally, but it does identify computers. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance.
        • We may gather your IP address as part of our business activities and to assist with any operational difficulties or support issues with our services. This information does not identify you personally.
        • We may use Google Analytics features based on Remarketing, Google Analytics Demographics, and Interest Reporting. These features use first party and third-party cookies to inform and optimise content based on your past visits to our site.
        • We may also use pixel tracking, which indicates when your computer has visited pages on our websites where a pixel has been installed. As with cookies, this does not identify you personally, only the device you are using.
        • Google Analytics informs us of how visitors use our site based on your browsing habits, so that we can improve our site to make it easier for you to find the information you are seeking. Google also receives this information as you browse our site and other websites on the Google Display Network using Remarketing.
        • You can use the Google Analytics Opt­out Browser Add­on so you are not tracked into Google Analytics.
      • Cross-border disclosures of your personal information
        • We use data hosting facilities and third-party service providers to assist us with providing our goods and services. As a result, your personal information may be transferred to, and stored at, a destination outside Australia, including but not limited to New Zealand, Netherlands, China, Singapore, Hong Kong, Ireland, Canada, United States of America and the United Kingdom
        • Personal information may also be processed by staff or by other third parties operating outside Australia who work for us or for one of our suppliers, agents, partners or other support networks associated with the SNA. We take such steps as are necessary in the circumstances to ensure that any overseas third-party service providers we engage do not breach the Australian Privacy Principles, including through contractual arrangements.
        • If your personal information is collected using a collection notice that references this Privacy Policy, you are taken to consent to the disclosure, transfer, storing or processing of your personal information outside of Australia. You also acknowledge and understand that by providing such consent that we will not be required to take such steps as are reasonable in the circumstances to ensure such third parties comply with the Australian Privacy Principles.
      • General Data Protection Regulation (GDPR)
        • The SNA has no plans to market to the United Kingdom or Europe, nor use suppliers from countries using GDPR. Accordingly, SNA is not adopting GDPR principles, instead relying on the Australian Privacy Principles. Should this situation change this policy will be updated.
governance/privacy policies/SNA Privacy policy v0.2b.docx