What is privacy?
Diabetes SA is covered by the Privacy Act 1988 (‘the Privacy Act’) and the Australian Privacy Principles (‘APPs’) which commenced on 12 March 2014. The APPs set out the way organisations can collect, use, disclose and provide access to Personal and Sensitive Information.
Privacy Act 1988
Australian Privacy Principles 2014
Spam Act 2003
‘Personal Information’ is any information that identifies or could identify a person, whether it is true or not. It includes, for example, your name, age, gender and contact details.
Personal Information can also include ‘Sensitive Information’, which is information about your health and health services provided to you.
Who is Diabetes SA?
Collection of information
Diabetes SA collects your Personal and Sensitive Information only if you have consented to the information being collected, if the information is reasonably necessary for one or more of our functions or activities or if one of the other exceptions applies under the APPs. We may collect Personal Information about you; including the following which may not all be relevant to you depending on the services you access:
- your username and password,
- your full name, address, email address and telephone number,
- gender and date of birth,
- Medicare or Department of Veterans’ Affairs number,
- country of birth,
- details of your parent or carer and details of your medical practitioner,
- products and services purchased and purchasing preferences,
- credit card details and method of payment (where you make purchases/donations or other payments),
- any other information you provide to us.
We may also collect Sensitive Information about you, such as:
- whether you are of Aboriginal or Torres Strait Islander origin,
- main language spoken at home,
- diabetes type,
- health and lifestyle information such as height, weight, daily physical activities, nutrition and lifestyle choices,
- whether your immediate relatives have had diabetes,
- treatment information,
- insulin status,
- any other information you provide to us.
Information collection and storing
We only collect your information by lawful and fair means. We collect your information in a few different ways, including:
- forms you provide to us,
- electronically, such as through our websites,
- phone calls,
- information you provide while visiting us or our agents including NDSS Access Points,
- information you provide while participating in diabetes support services, education sessions or seminars/events provided by us,
- other correspondence, such as email and mail.
We will always collect Personal Information from you directly unless it is unreasonable or impractical for us to do so. When a person with diabetes is under 15 years old, or lacks the mental capacity and legal competence to make decisions, the person’s primary carer or guardian must consent to the collection of the person’s information.
Use of your information
We only use your Personal and Sensitive Information for purposes which are directly related to the reason you provided us with your information and where you would reasonably expect us to use your information. We will not use your Personal Information for another purpose unless you have given consent (for example by agreeing to our website terms and conditions or on the NDSS registration form).
We will not use your Personal Information for another purpose unless you have given consent or one of the exceptions under the Privacy Act applies. For example, if the use of the information is authorised by Australian law or is necessary for law enforcement by an enforcement body, such as the Australian Federal Police.
Disclosure of your information
Diabetes SA will only transfer your Personal Information to third parties in the following circumstances: where you have consented to the disclosure;
- to protect or defend the legal rights or property of Diabetes SA, our affiliated and group companies or their employees, agents and contractors (including enforcement of our agreements);
- to protect against fraud or for risk management purposes;
- to comply with law or legal process; or
- to enable the sale of Diabetes SA or its assets.
From time-to-time, Diabetes SA will provide statistical information to the South Australian Department of Health, the Commonwealth Department of Health universities or other organisations that provide funding to Diabetes SA. This information is statistical information and does not identify individuals. By agreeing to these terms and conditions you consent to your information being de-identified, included in this statistical information and presented to the South Australian Department of Health, the Commonwealth Department of Health, universities or other organisations that provide funding to Diabetes SA.
We do not currently disclose your Personal Information to overseas parties. If your Personal Information is transferred overseas, we will comply with our obligations under the APPs.
Accessing and correcting information
We will take reasonable steps to ensure that all Personal Information that we collect, use or disclose is accurate, up-to-date, complete, relevant and not misleading. We will correct any Personal Information that we believe to be incorrect, out-of-date, incomplete, irrelevant or misleading. This includes taking reasonable steps to notify any organisation or government agency to which information was disclosed about the correction. You may request to access or correct your Personal Information at any time by contacting the Privacy Officer using the details below. We will give you access to the information unless one of the exceptions under the Privacy Act applies. For example, if providing access would be unlawful or denying access is authorised by law.
We are not responsible for any problems that may arise if you do not give us accurate, truthful or complete information or if you fail to update such information. We will reject and delete any entry that we believe in good faith to be false, fraudulent or inconsistent with these terms and conditions.
If you wish to amend any of your details or the information you have provided to us please contact us using the details on the Websites. If you request to access or correct your information, we will respond within a reasonable time (usually within 30 days). If your request is refused, we will give you a written notice that sets out the reasons for refusal and how to complain about the decision.
It is your choice to provide information to us. Wherever it is lawful and practicable, you have the option not to identify yourself or to use a fictional name when interacting with us. You can remain anonymous when using some parts of our Websites. However, it may be necessary for us to collect your Personal or Sensitive Information if you would like to access certain materials or services.
If you choose to withhold the information we require, we may not be able to provide the services you have requested.
Security of your information
When we no longer need Personal Information for any purpose we will take reasonable steps to destroy the information or ensure that the information is de-identified. This will apply except where the information is part of a Commonwealth record, or we are required by law or a court/tribunal order to retain the information.
Direct communications and promotional materials
From time to time, we may contact you or send out promotional materials for the purposes of Diabetes SA or the NDSS. If you do not wish to receive these communications, please contact Diabetes SA to unsubscribe (see contact details below). Your information may also be used by us to provide you with details of our services and events where permitted by the Privacy Act or where you have consented to the use or disclosure of your Personal Information for direct communications and promotional materials.
It is our policy that any direct communication or promotional material will include a statement advising that you may request not to receive further material by contacting us using the details provided. Even if you unsubscribe, if you are registered with the NDSS or a member of our organisation you will still receive important information about diabetes and NDSS product safety issues.
It is our policy that all electronic communications will include an unsubscribe facility. The Spam Act prohibits sending unsolicited commercial emails, SMS and MMS messages for commercial purposes. Examples of unsolicited communications are ones that do not directly relate to a service you have previously signed up with or agreed to. While not-for-profit organisations such as Diabetes SA do have some exemptions from the Spam Act, we are guided by the Code of Practice developed by the Australian Direct Marketing Association.
See www.adma.com.au/comply/code-of-practice/ for further information.
Complaints and enquiries
If you are unhappy with the outcome, you may lodge a complaint with the Australian Information Commissioner who can order the payment of compensation by Diabetes SA in certain circumstances.
See http://www.oaic.gov.au/privacy/making-a-privacy-complaint for further information.
PO Box 1930
Hilton SA 5033
Phone: 08 8234 1977