Protecting personal information is important to the ACS and personal information will be held in strictest confidence.
Personal information will only be used for the purposes it was collected or in any way that the provider gives ACS permission to use it.
“Personal Information” means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
The ACS collects personal information for the purpose of providing members with a comprehensive range of membership services and with valuable information regarding relevant products and services from the ACS and appropriate ACS contracted third parties. When collecting personal information by whatever means the ACS will ensure that appropriate notices are given and consents obtained in accordance with the National Privacy Principles. Most information is collected directly from the individual concerned. ACS also obtains some personal information from third party sources. In such cases ACS will require a warranty from the third party that the information has been collected in accordance with National Privacy Principles 1, including notification that the information may be disclosed to organisations like the ACS.
Disclosure of personal information
Personal information provided to ACS will not be disclosed to other organisations or individuals without the provider's express permission or when obliged to provide such information by lawful authority.
The ACS will from time to time enter into contractual agreements with other organisations to provide services/benefits to ACS members. On occasion, personal information on ACS members will be released to those contracted organisations for the purposes that the contract was entered into. Members will be given the opportunity of opting out of receiving communications from these organisations when applying for membership and when renewing membership, or at any time by contacting the ACS or by amending their details on the ACS member web site.
ACS will never sell, trade, lease or rent any personally identifiable information to other companies except as stated and agreed when collecting information from members or other persons.
The ACS reserves the right to communicate with members about the essential affairs of the Society.
All ACS employees, Office Bearers and other authorised persons are required to sign an undertaking (example attached) that they will protect personal information on ACS members that they collect or have access to in the course of their duties.
ACS Web sites
Visitors may remain anonymous when visiting an ACS website. ACS will not collect any personal information about individuals unless that information is required to provide a particular service such as when a visitor completes a membership application form or a conference registration online.
ACS will not intentionally collect personally identifiable information about visitors to its web sites. Like most web sites, when accessing ACS's web site log files can and will be generated by the web servers that show the IP address of the visitor, date, time, and pages visited.
ACS may review the information in the web sites logs from time to time and the logs may be periodically deleted. Information in web logs will be used in the aggregate to generate statistics about access to ACS sites.
Cookies will not be used for general tracking purposes but may be used where functionality requires it, i.e. in the intranet or members areas of websites. No attempt will be made to observe the use of the site by individuals except in the course of investigating any abuse.
ACS provides access to a number of electronic mailing lists some of which are provided by Yahoogroups. These lists are subject to the privacy standards of those organisations and list members should be advised to read the terms and conditions prior to joining such lists.
ACS also maintains in-house email lists and Branches should ensure they accord with the data protection standards in this document.
Security of personal information
ACS will maintain all personal information, including its membership and 'in-house mailing list subscriber details and web server logs, in controlled environments that are secured against unauthorised access. Proof of identity is to be required before information is released to any person, including a member.
Encryption must be used to protect personal information provided in online forms eg. the membership application forms while in transit on the Internet.
Member data is not to be held by individual Office Bearers unless the members concerned have given their approval. An Office Bearer wishing to contact members legitimately is to forward the message/letter to an ACS office for it to do the distribution on the Office Bearer’s behalf.
Correct, update or delete personal information
Every effort is to be made to ensure that personal information held on members is current, accurate and complete.
The Society must provide the opportunity and means for personal information to be accessed on request by the individual concerned and amended where appropriate. When a request is made, it must be acted upon in an expeditious manner.
Mailing List Subscription Providers and owners/administrators/moderators of contact lists other than the basic membership records must respond without unnecessary delay to any request to remove or edit the contact details of a list subscriber.
Member Access to His/Her Information
A member’s identity needs to be validated before his/her personal information is divulged when requested.
If a request is received by telephone a minimum of three (3) ‘matches’ of information held on the member is needed for validation [normally name, membership number and DOB or place of work, mobile phone number]. If in doubt do not divulge any information.
A member wishing to sight all the information that the ACS has collected on him/her can do so by, either in writing or by email, making a request to the ACS Privacy Officer Mr Sam Burrell at PO Box Q543, QVB, NSW 1230 (Email: email@example.com NO SPAM)
Such information can be provided by faxing, posting or emailing a ‘snapshot’ of the member’s record or by making arrangements for the member to inspect his/her record in person.
A member attending an ACS office by arrangement to sight his/her information will need to prove his/her identification which should include some photographic identity such as a driver’s licence or passport, plus ACS membership card or current subscription renewal.
Contracted Service Providers
The ACS has a detailed plan for ensuring continuing compliance with the terms of the Privacy Act.
The ACS Privacy Officer:
Mr Sam Burrell
Ph:02 9299 3666