Privacy

Privacy Policy:

1. Purpose:

This policy outlines what kinds of personal information Activ collects, how it is held, used and disclosed. This policy applies to all staff, contractors, volunteers, students and customer personal information.

2. Scope:

This policy applies to all staff, contractors, volunteers, students and customers that capture, handle and manage personal information.

3. The Privacy Act 1988:

Activ uses this policy to comply with the Privacy Act 1988 and the 13 Australian Privacy Principles APP: https://www.oaic.gov.au/agencies-and-organisations/app-guidelines/

The Privacy Act 1988 (Privacy Act) regulates how personal information is handled. The Privacy Act defines personal information as:
“….information or an opinion, whether true or not, and whether recorded in material form or not, about an identified individual, or an individual who is reasonably identifiable.”

Thirteen Australian Privacy Principles or APP entities that provide guidelines on how to handle, use and manage personal information are included in the Privacy Act.

The Privacy Act is the legislative reason why Activ collects, holds, uses and discloses staff, contractors, volunteers, students and customer’s personal information, in the manner outlined in this policy.

For more information about the Privacy Act or your rights, please visit the website of the Office of the Australian Information Commissioner

4. Activ and Privacy:

(APP 1 – Open and transparent management of personal information)

Activ is committed to proactively engaging in managing personal information

The Privacy policy is used as one of the tools created to support the Activ Privacy Management Framework.

5. Remaining Anonymous or using a Pseudonym

(APP 2 – Anonymity and pseudonymity):

  • Activ provides individuals with the option of dealing anonymously or by pseudonym.
  • An APP entity is not required to provide those options where:
    • The entity is required or authorised by law or a court or tribunal order to deal with identified individuals, or
    • It is impractical for the entity to deal with individuals who have not identified themselves
  • Anonymity means that an individual dealing with an APP entity cannot be identified and the entity does not collect personal information or identifiers
  • A pseudonym is a name, term or descriptor that is different to an individual’s actual name. Where applicable, an APP entity must ensure that individuals are made aware of their opportunity to deal anonymously or by pseudonym with the entity.

6. Activ personal information handling practices:

Activ promotes secure and mindful handling of all electronic and hardcopy personal information, which is outlined in the Information Handling and Classification Policy, which may be found in the Privacy Management Manual.

7. Kinds of personal information collected and held

(APP 3 – Collection of solicited personal information, APP 9 – Adoption, use or disclosure of government related identifiers):

Staff, contractors, volunteers, students and customers will have personal information collected to assist Activ perform functions and activity’s.

Activ adheres with, by only collecting personal information where it is reasonably necessary for, or directly related to, Activs functions or activities.

The personal information captured will vary depending on the context of the collection.

  • Names, address and contact details (e.g. phone, email and fax)
  • Photographs, video recordings and audio recordings
  • Information about personal circumstances (e.g. marital status, age, gender, occupation, accommodation and relevant information about your partner, children, guardian)
  • Information about financial affairs (e.g. payment details, bank account details and information about business and financial interests)
  • Information about identity (e.g. date of birth, country of birth, nationality, passport details, visa details, drivers licence, birth certificates)
  • Information about your employment (e.g. work history, referee comments, remuneration
  • Information about your background (e.g education qualification, the language you speak)
  • Government identifiers (e.g. Centrelink Reference Number, Tax File Number, please note that Activ adheres to restricting the use of government identifiers unless required to assist individuals)
  • Information about assistance provided to you under government funding arrangements On occasions, a range of sensitive information may be collected or held about you, including information about:
  • Your health (including information about your medical history and any disability or injury you may have).

8. Dealing with unsolicited personal information

(APP 4 – Dealing with unsolicited personal information):

Unsolicited personal information is personal information received by Activ that has not been requested by Activ (e.g.: unsolicited resumes or c.v’s).

Activ will destroy or de-identify the information in accordance with the Activ Retention and Disposal R+D Schedule guidelines.

9. How Activ collects and holds personal information:

Activ collects personal information through a variety of methods:

  • Paper based forms
  • Electronic forms (including online forms)
  • Face to face meetings
  • Telephone communications
  • Email communications
  • Communications by fax
  • CCTV footage
  • Activ website
  • Activ social media accounts

Activ holds personal information in a range of different formats, both paper-based and electronic records.

Please note that the Information Management industry standards define a record in International Standard ISO 15489 as: “Information created, received and maintained as evidence and as an asset by an organisation or person, in pursuit of legal obligations or in the transaction of business.”

10. Providing consent

(APP 5 – Notification of the Collection of personal information):

Activ requires that consent forms are signed by customers, staff, volunteers and student placements:

  • Please note that all Activ customers are required to sign the Aqua 1990 Consent form, which outlines all situations in which customer information may be
  • Please note that PageUp is used to gain consent from staff, volunteers and student placements for Activ to collect and use personal information when on-boarding.
  • Aqua 1996 Confidentiality Statement, is used to capture further consent from volunteers and students for Activ to collect and use personal

11. Purposes for which personal information is collected, held, used and disclosed

(APP 6 – Use or disclosure of personal information, APP 7 – Direct marketing): Activ will collect personal information to assist in carrying out business activities:

  • Performing its employment and personnel functions in relation to Activ staff, contractors and employed customers
  • For the provision of service delivery for all customers
  • Performing administrative and legislative functions
  • Government funding agreement requirements
  • Complaints handling

Authorised third party or external parties that may be supplied with your personal information will vary depending on the nature of your relationship with Activ (staff member, customer, volunteer, student placement, and contractor):

  • Personal information, as/if required to other service providers (e.g. Doctors, Silver Chain and to ambulance officers if medical care is needed in an emergency); please note that in the event that you are receiving services from multiple disability agencies, you need to advise Activ staff as to when the service starts and ceases, your consent will be required to exchange information between the external party and
  • Personal information, as/if required to Government Agencies (e.g. Disability Services Commission, Department of Social Services DSS, NDIS, Centrelink, Australian Tax Office ATO, WorkCover WA Police etc.) where it is required by law or required so that services can be accessed; and
  • Personal information to others in cases an individual may be at risk of serious

Activ uses and discloses personal information for the primary purposes for which it is collected.

Activ will only use personal information for secondary purposes where it is able to do so in accordance with the Privacy Act.

Confidential agreement templates have been created to ensure confidentiality for these situations:

Aqua 2760 Confidentiality Agreement – Disclosure to Third Party Aqua 2761 Confidentiality Agreement – Mutual Disclosure

  • These templates are intended for use as agreements for when Activ shares information with third parties for such things as service agreements, engagements, legal projects and commercial
  • Please note that not all releases of personal information will require a confidential agreement. There are legal instances where Activ is required to release the personal
  • The Governance and Risk Manager may be contacted for consultation regarding the use of the confidential agreement
  • The Executive Managers are classified as Authorised Officers and are in a position to sign on behalf of
  • The information to be released is to be provided to the Privacy officer to be reviewed. The Privacy Officer is given the opportunity to review the information and signed off on it as being reviewed (via email) before the information is sent out of Activ. This is to mitigate the risk of a data
  • Confirmation is required and to be provided in writing (via email) when the destruction of the personal information has been officially carried out by the external
  • Not all Authorised Disclosure releases of information require a Confidential Agreement, a signed consent form from the individual authorising a third party to collect personal information is sufficient for the
  • A record of all authorised personal information that is released is to be kept. Please note that originals (unless under Court Order) are held by Activ, copies are provided to external
  • A summary of why the personal information has been authorised to be disclosed is also required.

Direct marketing;

Activ ensures personal information will not be used to communicate directly with an individual to promote goods and services, unless permission has been provided.

Activ allows individuals to request not to receive direct marketing communications ‘opting out’ and will comply with that request.

12. Personal information is to be kept accurate, up-to-date and complete

(APP 10 – Quality of personal information):

Activ provides staff with access to policies and procedures to assist them to capture and maintain personal information accurately and completely.

  • Staff have access to Askhr and may update their own personal details
  • Please note that the internal Privacy survey requires supervisors to remind staff to update their personal information in
  • Customers may update their personal details by supplying changes in writing to either their Team Leader/Employee Coordinator, or by annually completing the AQuA 2750 Customer Profile and AQuA 1990 Consent Form. Please note that the internal Privacy Survey requests staff to commit to auditing customer files to check that the Consent form and Customer Profile are up to date.

13. How to seek access to and correction of personal information:

(APP 12 – Access to personal information, APP 13 – Correction of personal information):

  • When Activ holds personal information about an individual, Activ will give the individual access to that information on
  • Activ supplies individuals the opportunity to access or seek correction of personal information, please email the Activ privacy email address Privacy@activ.asn.au for assistance if
  • Staff that have access to Askhr may update their own personal details
  • Customers may update their personal details by supplying changes in writing to either their Team Leader/Employee Coordinator, or by completing the annual AQuA 2750 Customer Profile.

14.  Data Breaches – Accidental or unauthorised disclosure of personal information:

Accidental or unauthorised disclosure of personal information is prohibited.

Activ takes any potential Data Breach seriously, there are existing mechanisms in place to manage any potential Data Breach.

The potential breach will be investigated and measured against the Office of the Australia Information Commissioner OAIC criteria that identifies what does and what does not constitute an Eligible Data Breach:

The OAIC Eligible Data Breach criteria may be found via this link: https://www.oaic.gov.au/agencies-and-organisations/guides/data-breach-preparation-and- response#identifying-eligible-data-breaches

Eligible data breach:

An eligible data breach arises when the following three criteria are satisfied:

For details of the Activ Data Breach Plan, please refer to section 14. Data Breach Response Plan, of the Privacy Management Manual.

15. Security of personal information:

(APP 11 – Security of personal information):

Activ promotes secure and mindful handling of all electronic and hardcopy personal information. This is outlined in the Information Handling and Classification Policy, which may be found in the Privacy Management Manual.

ICT policy and procedures underpin the confidential and secure management of business applications and systems. All staff are required to be aware of Data security, manage hardcopy and electronic personal information in a confidential, secure manner.

16. Personal information held overseas:

(APP 8 – Cross border disclosure of personal information):

Activ may engage in the services of cloud based overseas providers, agreements are in place with providers to securely manage personal information.

17. How to make a complaint:

There are dedicated Consumer Liaison staff to manage feedback regarding services, from both staff, customers, guardians and members of the public. There is Feedback form available via the Activ website, internally there is an email address Feedback@activ.asn.au, the phone number 9387 0555 may be used to contact Consumer Liaison Officer.

18. Privacy Policy updates:

The Privacy officer is required to regularly review the privacy Policy and the rest of the Privacy Management Manual. Mechanisms are in place for the Privacy Management Manual to be reviewed annually.

19. How to Contact a Privacy officer:

If you have any privacy query’s please contact the Activ Privacy officer by phone 9387 0555 or via email privacy@activ.asn.au

20.  Availability of the Privacy Policy:

The Privacy Policy is section 3 in the Privacy Management Manual and is available via the Activ intranet site, the Activ website and PageUp (recruitment portal). Please contact the Records Department regarding any issues that prevent you accessing the a current version of the Privacy Policy, by phone 9387 0555 or via email records@activ.asn.au.

ACTIV FACT SHEET – PRIVACY

ACTIV and PRIVACY MANAGEMENT

Who is responsible for Privacy Management?

All staff, contractors, volunteers, students and customers are responsible for securely and mindfully handling all electronic and hard-copy personal information.

All Staff are required to read the Activ Privacy Policy and the Activ Privacy Statement

Where can I find the Activ Privacy Policy and Activ Privacy Statement?

The Activ Privacy Policy and Activ Privacy Statement may be found in the AQuA 2788 Privacy Management Manual

Available via the intranet/Activ8.

How do I contact a Privacy Officer?

Please contact Records Staff at Wembley, Head Office

Phone number: 9387 0555 Email address: privacy@activ.asn.au

What is the Privacy Management Manual?

The Privacy Management Manual lists all the processes and tools that Activ use to manage Privacy.

What if I believe there has been an: Accidental unauthorised disclosure of personal information, or a Deliberate unauthorised disclosure of personal

A Data Breach may have occurred. Please contact the Privacy Officer immediately.

EASY ENGLISH – PRIVACY for CUSTOMERS

Privacy Statement:

This is a summary of the Activ Privacy Policy:

1. Purpose of the Activ Privacy Statement:

The Privacy Statement tell you:

  • what kind of information about you Activ collects,
  • how Activ stores your information
  • how Activ uses the information and
  • when Activ will tell other people about

This statement applies to all staff, contractors, volunteers, students and customers.

Activ must tell you how your information will be collected, used, stored and told to others because of The Privacy Act of 1988.

2. Kinds of personal information collected and held:

Staff, contractors, volunteers, students and customers will have personal information collected to help Activ do its work.

The personal information is:

  • Names, address and contact details
  • Photographs, video recordings and audio recordings
  • Information about personal circumstances
  • Information about your money
  • Information about identity
  • Information about your employment
  • Information about your background
  • Government identifiers (e.g. Centrelink)
  • Information about the government funded services you get

Some information that is sensitive may be collected like information about your health

3. How Activ collects and holds personal information:

Activ collects personal information through:

  • Paper based forms
  • Electronic forms (including online forms)
  • Face to face meetings
  • Telephone communications
  • Email communications
  • Communications by fax
  • CCTV footage
  • Activ website
  • Activ social media accounts

Activ keeps personal information in both paper and electronic records.

4. Consent:

All Activ customers must give us permission to collect your information on the Consent Form (AQuA 1990.)

5. Why personal information is collected, held, used and disclosed:

Activ collects personal information to help it do its business activities:

  • To carry out employment and staff functions
  • For supporting you
  • For administrative and legislative functions
  • Meet Government funding requirements
  • To handle Complaints

Activ will only use the personal information collected for the above reasons as set out in the privacy rules.

Activ will only use your personal information for secondary purposes where it is able to do so in the Privacy Act.

6. Accidental or unauthorised disclosure of personal information

Accidental or unauthorised disclosure or sharing of personal information is prohibited or not Activ takes sharing of personal information very seriously. Activ makes sure your information is safe.

You have the right to access and correct your personal information.

Please let staff know if you need your personal information changed.

If you have any privacy query’s please contact the Activ Privacy Officer.

We look forward to speaking with you.

08-9387-0555
Contact Us