This policy explains how the Tasmanian Foundation of Occupational Medicine (ABN 36395869483) operating as (We, Our or Us) collect, store, use, disclose, maintain and destroy personal information. In this policy We refer to an individual as You unless talking about all individuals generally. We comply with the Privacy Act 1998 (Cth) as amended (Act) including the Australian Privacy Principles. This policy was last updated 24 August 2020.
What’s the short version?
- We take steps to ensure individuals are aware when We collect their personal information or sensitive information
- We store information securely to prevent breaches of privacy
Individuals can access and/or correct or request to erase personal information We hold about them
- We only disclose personal information to others in the normal course of business
- We may use personal information for direct marketing but We always provide a simple opt-out mechanism
- Individuals can complain to Us or the Office of the Australian Information Commissioner about potential or actual breaches of their privacy
- Contact details for Our privacy officer are at the end of this document.
What is covered?
- The information We collect and hold includes, but is not limited to, personal information and sensitive information about:
- Customers and potential customers
- Potential employees
- Independent contractors and potential contractors
- Other individuals who come in contact with Us.
- This policy does not cover employee records (within the meaning of the Act).
- We do not act as a credit provider.
- Means information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not. Some examples of personal information include name, email address, mailing address, telephone number and payment card information. Personal information may also include ‘sensitive information’ about an individual.
- We do not act as a credit provider.
Means personal information relating to a person’s racial or ethnic origins, political origins, religion, education, occupation, trade union or other professional or trade association membership, sexual orientation, sexual practices, criminal record; and information about a person’s health or biometrics, or a person’s biometric templates. In general, We do not collect sensitive information from Our customers.
How is Information Collected?
We normally collect personal information, including sensitive information, directly from individuals. We may do this by asking the individual to register an account, complete a form (e.g. an order form), asking them to respond to a request for information (e.g. a job application) or in the course of discussions with them.
We may also collect personal information automatically when individuals interact with Us. This may include:
- Information collected when an individual visits Our website, including information about their web browser, cookies, information about what links are clicked and time spent on the website.
- Information collected when an individual telephones Us, including their telephone number where available by caller ID.
- We may also receive personal information about individuals from third parties. We will only do so where this is lawful and fair, and where it is not reasonably practicable for Us to acquire that information directly from the individual.
- Whose information do We collect?
- We do not normally collect personal information about individuals who simply visit Our website or make general enquiries by telephone. Individuals are welcome to remain anonymous or use a pseudonym in these circumstances.
- We collect personal information and sensitive information about Our customers and prospective customers to enable us to deliver services to them and to maintain Our relationship with them.
- We also collect personal information and sensitive information about contractors, potential contractors and potential employees to enable Us to determine whether to engage them, to work with them effectively and to maintain Our relationship with them.
- We may collect personal information from other individuals, in which case We will take reasonable steps to ensure they are aware of what personal information is collected and the purpose of collection.
How is information stored?
- We may store personal information and sensitive information We collect about individuals in either soft or hard copy, or both. We take reasonable steps to ensure there is no unauthorised access to or misuse of this information while We store it.
- We take appropriate security measures to protect Your personal information from unauthorised access, disclosure, alteration or destruction.
- We store personal information as regular business records. These may be destroyed when no longer required. Records of transactions are normally kept for seven years.
- Our employees, and any agents that access personal information are bound by confidentiality and privacy obligations in agreements with Us.
How do We use personal information?
- We only use personal information for the purpose for which it is collected or for related purposes. We only use sensitive information for the purpose for which it is collected or for directly related purposes, unless the individual agrees otherwise or the use or disclosure is allowed by law.
- We may use some personal information for direct marketing, but will always provide a simple opt-out mechanism and honour an individual’s request to not receive direct marketing materials from Us.
By using the TFOM website, You will be deemed to consent to Our use of Your personal information for the following purposes:
- Communicating with You generally and providing information or services requested by You
- Protecting against fraud or error
- Complying with legal or government requirements to fulfil any requests from You or for purposes that would be reasonably apparent to the average person at the time we collect it.
When do We disclose personal information to others?
- We will only disclose personal information to others for the purpose for which it is provided or a related purpose (for example, information may be given to a contractor to enable a payment to be processed or an order to be delivered).
- We will not normally disclose personal or sensitive information to anyone overseas. If We disclose personal or sensitive information to an overseas recipient, We will take reasonable steps to ensure they comply with the Australian Privacy Principles.
- We may disclose personal or sensitive information to others where required or authorised by law, for example in response to a court order or police investigation.
- When You interact with Us, payments are made through Our payment gateway provider(s)
- You will be providing payment card credit details directly to Our payment gateway provider(s) which operate secure server to process payment details, encrypting your payment card information and authorising payment.
- None of Your payment card details are permanently stored with Us.
- How can an individual access or correct personal information We hold about them?
- Individuals can request access to the personal information We hold about them by contacting Our privacy officer using the details listed below. There is no fee for requesting access to personal information but We may choose to charge a reasonable fee to provide access to that information.
- We will normally permit an individual to access their personal information, however if for some reason We do not We will explain why We have made that decision. We will normally respond to all requests within 30 days.
- If an individual wishes to update the information We hold about them they can do so by contacting Our privacy officer on the details listed below. There is no fee for requesting correction of personal information but We may choose to charge a reasonable fee to correct that information. We will normally respond to all requests within 30 days.
How can an individual complain about potential or actual breaches of their privacy?
- Individuals concerned about their privacy should contact Our privacy officer on the details below. We will investigate all complaints and provide a response within 30 days.
- We may indicate in that response that additional time is required to complete the investigation, in which case We will specify a timeframe for further communication.
How can We be contacted?
Enquiries about privacy (including complaints) should be directed to:
The Executive Officer, Tasmanian Foundation of Occupational Medicine –
Post: 14 ELIZABETH STREET
PO Box 1389 LAUNCESTON
TASMANIA 7250 or firstname.lastname@example.org
Office of the Australian Information Commissioner
Individuals may also make complaints about breaches of the Act (including if they are not satisfied with Our handling of their complaint) to the Office of the Australian Information Commissioner. Their details are:
Email: email@example.com Post: GPO Box 5218, Sydney, NSW, 2001 Phone: 1300 363 992 Fax: 02 9284 9666 Further information is available from the OAIC at https://www.oaic.gov.au