Invasive Animals CRC > Invasive Animals Ltd – Privacy policy

Invasive Animals Ltd – Privacy policy


Our commitment to privacy

Invasive Animals Limited is committed to the protection of privacy and to complying with the Australian Privacy Principles (APPs) and any other obligations it may have under Privacy Law.

This Policy outlines Invasive Animals Limited’s practices and policies for the collection, use and management of personal information. It covers all personal information (including sensitive information) collected by Invasive Animals Limited, and applies where personal information is collected directly and where it is sourced from third parties.

All Invasive Animals Limited (IAL) workers and suppliers are required to comply with this Policy.

This Policy is a public document and it may be accessed via our website and made available to a person who requests it.

Definitions

In this policy:

  • “APPs” means the Australian Privacy Principles set out in the Privacy Act 1988 (Cth).
  • “Privacy Law” means the Privacy Act 1988 (Cth), and any applicable Commonwealth, State or Territory law about the protection of personal information or health information.
  • “Personal Information” means information or an opinion about an individual who is identified or is reasonably identifiable, whether the information or opinion is true or not, and whether recorded in a material form or not. Unless otherwise indicated, ‘Personal Information’ in this policy also includes ‘Sensitive Information’.
  • Sensitive Information” means personal information that is about:
  • Racial, or ethnic origin
  • Political opinions
  • Membership of a political association
  • Religious beliefs or affiliations
  • Philosophical beliefs
  • Membership of a professional or trade association
  • Membership of a trade union
  • Sexual preferences or practices; or
  • Criminal record
  • Education Information
  • Health information
  • Genetic information that is not otherwise health information.

Our collection of personal information

In performing its functions, Invasive Animals Limited may need to collect personal information about:

  • People who are wanting to receive or are receiving services from or through IAL and Invasive Animals Cooperative Research Centre (IACRC) (‘service clients‘)
  • Employees, research students and other individuals who are affiliated with organisations that are participants of Invasive Animals Cooperative Research Centre (IACRC) (‘research affiliates‘)
  • Invasive Animals Limited employees, and contractors and service providers and their employees (‘workers and suppliers‘);

Invasive Animals Limited usually needs to collect names and contact details from people with whom we deal. However, where practicable we will allow people to deal with us anonymously or using a pseudonym, although this is usually only practicable in the case of preliminary or general inquiries.

The types of information we collect and the purposes for which we collect it vary according to the type of individual it relates to.

Service Clients

While Invasive Animals Limited does not provide services directly, we provide information and conduct a range of other activities relating to management and research services provided by IAL and Invasive Animals CRC.

For this purpose we may need to collect sensitive information and personal information about:

  • consumers,
  • subscribers to newsletters and media lists,
  • registrants to competitions, workshops or public events,
  • providers of management and research services.

We use this information for a range of purposes related to the research services of the IACRC, including to review and evaluate services and programs and to undertake service planning and analysis activities. Some of this information may be required to be provided to funding bodies.

Such information is generally collected, used and disclosed in de-identified form only. If we need to identify an individual recipient of research or other services we will ensure that the individual’s consent has been obtained. Aggregated and de-identified data may also be used in IAL and IACRC evaluation studies and reports, and in feedback material provided to funders, other research professionals or professional bodies.

Invasive Animals Limited tries to collect personal information about an individual only from that individual, but in some circumstances we may need to obtain personal information from a third party. For example where it is necessary to provide an urgent referral, we may collect personal information from a family member, carer or treating practitioner of a service client. Unless we are otherwise required or authorised by law, we will only collect sensitive information with the individual’s consent.

If you do not provide the information we require, we may not be able to provide or refer you to appropriate information or services.

Research affiliates

If you are a research affiliate, Invasive Animals Limited may collect your personal information in order to:

  • Provide services and programs for, or support services and programs offered by, your organisation and its staff;
  • Receive and deal with complaints or queries about programs and services provided by your organisation; and
  • Conduct planning and evaluation activities in relation to research programs and activities.

IAL will usually need to collect your name, age, gender, the organisation you work for or represent, its ABN or ACN, your work address, postal address, telephone and fax numbers and email address. We may also collect other personal information, including health information, information about your professional interests and experience, information about scholarships, education progress and post submission employment details, where it is relevant to a particular program or activity.

If you do not provide the information we require, we may not be able to provide any or all of the services Invasive Animals Limited offers.

Workers and suppliers

If you are a worker, the information IAL collects will usually include your name, age, gender, your physical address, postal address, telephone and fax numbers and email address. We may also collect information about your work history, and previous employment or engagements that are relevant to your work for IAL.

If you are one of our suppliers or provide services to us, we may also collect other information about you that is necessary to engage the provider or administer the provider contract, such as the products and services that you provide, quotes that you provide and direct credit or other banking details. We may from time to time need to check professional or trade references, which we will only do with consent.

If the information we require is not provided, we may not be able to utilise or fully utilise the services that workers and suppliers are able to provide.

Collection of information required by law

We may be required by law to collect information about providers of research services that require certain information to be collected for funding, evaluation and fraud prevention purposes.

How is personal information collected?

The means by which IAL collects personal information depends on the circumstances and the purpose for which it is collected. For example, we usually collect personal information whenever a person uses or requests a product or service, completes a survey, questionnaire or enrolment form or communicates with IAL. This may happen by email, via our website, via a Customer Relationship Management (CRM) system, via third-party subscription services (i.e. MailChimp, SurveyMonkey) by telephone or fax, in writing, or in person.

IAL also collects personal information from individuals who apply to provide services to or employment at Invasive Animals Limited through our staff recruitment and selection process.

IAL also collects personal information from the public domain sources, including public directories and membership lists published by professional registration boards.

What do we tell you about our collection of personal information?

When we collect personal information, we are required by the APPs to take reasonable steps to ensure that the individual is aware of certain details relating to the collection of personal information. We are required to do this whether we collect the information directly from the individual or indirectly via a third party.

Usually, IAL does this by ensuring that a privacy notice is provided at the time the personal information is collected. This information will also be provided when personal information is collected by telephone and is displayed or via our website.

The privacy notice will generally include information about:

  • The purposes for which we are collecting the information in the particular circumstances;
  • The types of organisations that that information may be disclosed to;
  • The consequences if we are unable to collect the information;
  • Whether there is any legal requirement for the information to be collected;
  • Whether any of the information is likely to be disclosed outside Australia;
  • Obtaining access to personal information we hold; and
  • Making a privacy complaint.

We may also inform people about our collection of personal information by other means, including through the media, through mail-outs or notices on our website.

Our use and disclosure of personal information

IAL uses the personal information it collects for a range of purposes connected with our functions as the managing entity for the Invasive Animals CRC, including to:

  • Provide information (such as publications, promotional resources, subscriptions, training materials and products) to research organisations, research professionals, research students and others;
  • Provide basic advice and referral information to service clients and other community members;
  • Conduct research and evaluation of products, materials, programs and services provided by IAL, IACRC and our participant organisations;
  • Monitor participation in, and use of, IAL and IACRC educational materials and products by research professionals, research students and educational institutions;
  • Promote and organise educational and training activities, including events and conferences; and
  • Perform our corporate and contractual obligations.

IAL promotional and educational activities may involve collecting individual research stories and publishing and/or broadcasting them to promote research and collaboration. We do not publish names or other identifying information (such as photographs) that may enable identification of an individual service client, a research affiliate or employee without first obtaining that person’s written consent.

Where IAL provides or administers education or participation activities for community members, research professionals or research students, we may disclose personal information to:

  • Relevant institutions for the purposes of monitoring the participation (eg course or institution requirements); and
  • Participant organisations for the purpose of recording professional development.

In some cases, information on the education or participation activity status of research professionals and research students is provided to an educational institution, provided the consent of the research professional or research student has been obtained.

IAL may disclose personal information to contractors or service providers to whom IAL out-sources certain functions or which provide services to IAL, such as:

  • IT service providers;
  • Bodies that undertake or assist in research or analysis; and
  • Print, data capture, mailing and distribution houses.

IAL may also disclose personal information in circumstances where it is required or authorised to do so by law. This includes where we consider disclosure is reasonably necessary to avoid serious risks to health or safety or for the investigation of unlawful or seriously improper conduct, or where we are required to disclose by the order of a court or tribunal.

If you attend or participate in an IAL or IACRC conference or event, your name, organisation and contact details may be used to compile a delegate list that is made available to other delegates, speakers, event organiser, accommodation providers, service providers, event sponsors and persons associated with related events. However, when collecting the information we will always give you the opportunity to elect that your personal information not be used or disclosed for this purpose.

IAL does not supply, sell or rent the personal information it collects to unrelated third parties for the purpose of marketing those third parties’ products or services. IAL may send you information from time to time about its own activities, programs and services. If you do not want to receive such information you should contact the IAL Office Manager Building 22, University of Canberra, Bruce ACT 2617. We will then remove you from our mailing lists.

IAL uses contracted IT service providers who may store personal information in or route personal information through servers and or data storage facilities located outside Australia, which may include in Singapore and the United States.

Our use of cookies

When you visit the IAL website or IACRC related websites, our web server may download a cookie to your computer. A cookie is a small piece of information sent by our server to your browser. To protect your privacy, your browser only permits a web site to access the cookies it has already sent to you, not the cookies sent to you by other sites. If you do not wish to receive any cookies, you may set your browser to refuse them; go to the browser’s help menu for instructions. Cookies do not contain personal information about users. However, cookies can identify a user’s browser. The cookies transferred by the IAL and IACRC related websites are used for such things as capturing information about a user’s web browser, controlling a pop-up window or enabling login access to password protected areas of the website.

How is personal information protected?

IAL takes reasonable steps to safeguard your personal information against loss, theft and misuse, as well as against unauthorised access, disclosure, alteration and destruction.

IAL uses contractual measures that require all contractors and service providers to comply with Privacy Laws and to take reasonable steps to protect personal information they collect in providing services to us or on our behalf.   All contracts that flow to IAL eg from the funders, and contracts that IAL and IACRC enters into with Participants, research professionals and other service providers, require compliance with the Privacy Act and contain confidentiality and privacy clauses.

IAL maintains the confidentiality and security of personal information by restricting access to only those staff and service providers with a legitimate need to access it. Security measures are in place to prevent the misuse, unauthorised access, modification or disclosure of personal information.

IAL requires all new staff to be trained on the requirements of this Privacy Policy and their privacy obligations and, provides such training as part of the staff induction process.

Access and correction

At any time you can advise IAL of changes to your personal information.

You have the right to ask for access to any personal information we hold about you, and to ask us to correct any inaccuracy in that information. There are some exceptions to this set out in the Privacy Act 1988.

If you make a request for access or correction, IAL will ask to verify your identify and specify what information you require. IAL may ask the reason for your request so we can assist you most effectively. However, you are under no obligation to provide a reason if you do not wish to.

Complaints about Privacy

If you believe your personal information is not properly protected, or that there has been a breach or potential breach of this privacy policy or the Privacy Act 1988 please contact Invasive Animals Limited to lodge a complaint. All complaints will be addressed in accordance with the Invasive Animals Limited Complaint / Dispute Policy.

IAL takes breaches seriously and has procedures to help identify and resolve a breach, potential breach or complaint as quickly as possible. This includes appropriate escalation processes to the Invasive Animals Limited Executive Management Team and CEO and notification processes in the event of a breach.

If you want to make a privacy complaint, you should contact the IAL Office Manager Building 22, University of Canberra, Bruce ACT 02 6201 2887 or contact@invasiveanimals.com   about the way we handle your personal information. Complaints are forwarded to the Business Manager for investigation. You will be notified of the process for dealing with the breach or potential breach. Your complaint will be investigated and a genuine attempt made to negotiate a resolution with you.

If you are not satisfied with the resolution of your complaint by IAL, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.com.au/privacy. The OAIC may investigate your compliant and has the power to award compensation against IAL in appropriate circumstances.