RESPECTING PRIVACY 

Background

CWA Sydney City collects personal information relating to members, and maintains a database in the Association’s office 

Personal information is defined by the NSW Privacy and Personal Information Protection (PPIP) Act (1998) as: “any information or opinion about an individual or which is reasonably capable of identifying an individual”

As a member of CWA Sydney City you will receive communications by email, phone and / or mail. If you have any concerns in relation to this, please contact the Privacy Officer

Purpose

The purpose of this policy is to protect the privacy of individuals and organisations about whom CWA Sydney City collects and/or holds information. The policy outlines the guidelines which must be observed when collecting, storing and using personal and confidential information

Legislation

The NSW PPIP Act governs the collection, use and storage of personal information across NSW

Principles

The PPIP Act sets out 12 specific Information Protection Principles to guide the collection and use of personal information.
CWA Sydney City adopts these principles:

Collection

1. Lawful - when an organisation collects your personal information, the information must be collected for a lawful purpose. It must also be directly related to the organisation's activities and necessary for that purpose

2. Direct - your information must be collected directly from you, unless you have given your consent otherwise. Parents and guardians can give consent for minors

3. Open - you must be informed that the information is being collected, why it is being collected and who will be storing and using it. The organisation should also tell you how you can see and correct this information

4. Relevant - the organisation must ensure that the information is relevant, accurate, up-to-date and not excessive. The collection should not unreasonably intrude into your personal affairs.

CWA Sydney City uses ‘TryBooking’ to collect your membership details and fees. For specific information regarding TryBooking’s privacy policy, please see here

Storage

5. Secure - your information must be stored securely, not kept any longer than necessary, and disposed of appropriately. It should be protected from unauthorised access, use or disclosure

Access 

6. Transparent - the organisation must provide you with enough details about what personal information they are storing, why they are storing it and what rights you have to access it

7. Accessible - the organisation must allow you to access your personal information without unreasonable delay and expense

8. Correct - the organisation must allow you to update, correct or amend your personal information where necessary

Use 

9. Accurate - agencies must make sure that your information is accurate before using it

10. Limited - agencies can only use your information for the purpose for which it was collected, for a directly related purpose, or for a purpose to which you have given your consent. It can also be used without your consent in order to deal with a serious and imminent threat to any person's health or safety

 Disclosure

11. Restricted - the organisation can only disclose your information with your consent or if you were told at the time they collected it from you that they would do so. The organisation can also disclose your information if it is for a related purpose and they don't think that you would object. Your information can also be used without your consent in order to deal with a serious and imminent threat to any person's health or safety

12. Safeguarded - the organisation cannot disclose your sensitive personal information without your consent, for example information about your ethnic or racial origin, political opinions, religious or philosophical beliefs, health or sexual activities or trade union membership. It can only disclose sensitive information without your consent in order to deal with a serious and imminent threat to any person's health or safety

Responsibilities for managing privacy

Responsibilities for the management of personal information are the domain of any individual within the organisation with access to, or responsibilities for, such information. However CWA of NSW promotes specific responsibilities to certain individuals/positions. Those individuals will then be in a position to ensure that all staff are suitably instructed either through training or the introduction of policies and procedures, as to their obligations in relation to the protection of personal information in their handling

Privacy Contact Officer

As a matter of good practice, an organisation should have a designated officer to whom members of the public can direct
any queries or complaints in the first instance. Privacy Contact Officers are also the primary point of contact for liaison with Privacy NSW

CWA Sydney City appoints this role and responsibilities to its Privacy Officer