We may collect personal information in a number of ways, including directly from you and with your consent, or where otherwise permitted by law from third parties such as your family members or health care professionals.
- Why we have collected the information;
- Any third parties or types of third party to which we usually disclose this kind of personal information;
- That you can seek access to any personal information held by us; and
- Any other matters required by law.
3. Data Security
We will take reasonable steps to protect the personal information the Stroke Foundation holds from misuse, interference, loss, or unauthorised access, modification, or disclosure. Should a notifiable data breach occur through unauthorised access, disclosure or loss (accidental or inadvertent) of personal information we will take all reasonably practicable steps to notify you. If we are unable to notify you directly, we will publish a copy of the disclosure statement submitted to the Australian Information Commissioner on our website www.strokefoundation.org.au. We train our workforce about the importance of confidentiality and maintaining the privacy and security of your information.
4. Use and Disclosure
The personal information we collect about you may be used for the following purposes (depending on the purposes communicated by you or us at the time we collect the information and on what may otherwise be permitted by relevant legislation):
- To provide you with Stroke Foundation information, newsletters, and/or marketing material;
- To register you to attend Stroke Foundation events;
- To answer your queries or address issues or problems with your use of our services;
- To ensure the continual improvement of our operations;
- To customise advertising and marketing content;
- To request a donation to the Stroke Foundation;
- For research purposes and to collect statistics;
- To process transactions, e.g. in connection with the making of a donation or a request for information; and
- To comply with legal requests from government departments or statutory authorities; and any other purpose disclosed or otherwise apparent to you at the time we collected the information. We may also use your personal information for other purposes permitted or required by legislation.
To request not to receive direct marketing material from us please contact the Stroke Foundation Privacy Officer at Level 7, 461 Bourke Street, Melbourne, VIC 3000 or firstname.lastname@example.org
We will not disclose your personal information to any third parties except:
- To related entities;
- To contractors and other third parties appointed by us; including for example website and data hosting providers, technology service providers, advertising and promotional agencies and other persons who perform services for us (and we will seek to agree upon confidentiality terms binding such contractors and other third parties in order to protect any personal information we disclose to them);
- To volunteers who assist us (we will seek agreement by our volunteers to confidentiality terms protecting any personal information we disclose to them);
- To our professional advisers, accountants, insurers, lawyers and auditors on a confidential basis;
- Otherwise with your consent; or as otherwise required or permitted by legislation.
5. Types of Personal Information Held
Personal information that is collected and held by the National Stroke Foundation often falls into the following categories (however these categories are not exhaustive):
- Name and contact details;
- Transactional information, e.g. in connection with the making of a donation or a request for information; and
- Health information.
6. Sending Personal Information Overseas
The Stoke Foundation may send your personal information outside Australia to third party service providers who perform services for us, such as for the purposes of data hosting or processing. We will seek to agree upon confidentiality terms binding such contractors and other third parties in order to protect any personal information we disclose to them.
Subject to some exceptions that are set out in the Act, all persons may gain access to their personal information that is held by us. Access may be refused in accordance with the Act, including if access would have an unreasonable impact on the privacy rights of other persons.
Where permitted by the Act, we may charge an access fee for giving you access to your personal information.
8. Correction of Personal Information
From time to time, we may request that you check and update the personal information that we hold about you. Alternatively you can seek to update or correct your personal information at any time by contacting the Stroke Foundation Privacy Officer at Level 7, 461 Bourke Street, Melbourne, VIC 3000 or email@example.com
9. Information Destruction or De-identification
If we hold personal information about an individual and no longer need that information, we will take reasonable steps to destroy or de-identify the information unless we are required by law to retain it.
10. Complaints and Feedback
We take all complaints and feedback seriously. We assess complaints with the aim of resolving any issue in a timely and efficient manner. We will use reasonable endeavours to review your complaint or feedback within 30 days of receipt and otherwise in accordance with the Act. Resolution of your complaint may be delayed if we are unable to contact you.
Further details on our complaints and feedback policy can be found on our website www.strokefoundation.org.au