There are 10 national privacy principles as follows-
Collection of personal information must be fair, lawful and not intrusive. A person must be told the organisation's name, the purpose of collection, any laws requiring the collection, the main consequences if all or part of the information is not provided, and that the person can get access to their personal information.
An organisation should only use or disclose information for the purpose for which it was collected unless the person has consented, or the secondary purpose is related to the primary purpose and a person would reasonably expect such use or disclosure.
An organisation must take reasonable steps to make sure that the personal information it collects, uses or discloses is accurate, complete and up-to date.
An organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.
An organisation must have a policy document outlining its information handling practices and make this available to anyone who requests it.
Generally speaking, an organisation must give an individual access to personal information it holds about that individual on request.
Generally speaking an organisation must not adopt, use or disclose an identifier that has been assigned by a Commonwealth government 'agency'. For example, a tax file number or Medicare number.
Organisations must give people the option to interact anonymously whenever it is lawful and practicable to do.
An organisation can only transfer personal information to a recipient in a foreign country in circumstances where it is necessary to do so to complete an agreement with a person, or where the information will have appropriate protection or the person has consented to the transfer.
An organisation must not collect sensitive information (for example, details of a person’s race, religion, sexual preferences or health) unless the individual has consented.
What information we collect-
The personal information we collect about you includes (but is not limited to) your name, contact details (including phone numbers and addresses), gender, date of birth and other information which may assist us in conducting our business.
We collect this information from you only if you consent to our collection of such information and the information is reasonably necessary for one or more of our functions or activities (or we are otherwise permitted or required by law to do so), including:
We also collect information about you that is not personal information. For example, we may collect data relating to your activity on our websites (including the type of internet browser you use, your operating system, address of referring site, your IP address and other clickstream information) via tracking technologies such as cookies, or we may collect information from you in response to a survey, promotion or competition.
How we collect it
We may collect your personal information from a variety of sources, including from you, advertisers, mailing lists, recruitment agencies, contractors and business partners.
We will generally collect personal information by way of forms filled out by people, face-to-face meetings, interviews, business cards, electronic communications, telephone conversations and from third parties (including representatives, agents). In addition, we collect personal information from our websites through receiving subscription applications, job applications, applications to participate in our research projects, competition applications and other electronic documents.
We may collect your personal information when you request, acquire or use a product or service from us, register with us as a subscriber, member or user, provide a product or service to us, complete a survey, consent form or questionnaire, complete assessment materials as part of our research projects in which you participate, enter a competition or event, participate in our services (including blogs and forums) or when you communicate with us electronically (including email and facsimile), by telephone or in writing (for example if you make a complaint or provide feedback) or where you provide personal information via social media (such as via Facebook, Twitter, Instagram etc).
If, at any time, you provide personal or other information about someone other than yourself, you must have that person's consent to provide such information for the purpose for which you provide it to us.
Why we collect it
The primary purpose for which we collect information about you is to conduct our business, provide and market our products and services to you, meet our legal or regulatory obligations, and also for the management of business transactions entered into with us and the administration of any accounts you have with us. We may state a more specific purpose at the point we collect your information (including but not limited to any law that requires or authorises the particular information to be collected).
If you do not provide us with all or some of the information that we request, we may not be able to provide you with our products or services or include you as a participant in our research projects. For example, if you do not register as a member of a website, you will not be able to access features or services that are reserved for members or subscribers only.
In addition to the primary purpose outlined above, we may use the personal information we collect, and you consent to us using your personal information:
Other than in relation to Non-Confidential Information, we will take all reasonable steps to protect the personal information that we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure including by means of secure premises, firewalls, password access, secure servers and encryption PIIs.
However, you acknowledge that the security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. You provide information to us via the internet or by post at your own risk. We cannot accept responsibility for misuse, interference or loss, or unauthorised access, modification or disclosure in respect of your personal information where the security of the information is not within our control.
If you suspect any misuse, interference or loss, or unauthorised access, modification or disclosure in respect of your personal information, or any other privacy breach please let us know immediately.