Privacy statement

Personal information collected by Craig’s Table is protected by the Privacy Act 1988  (Privacy Act). Personal information is any information or an opinion that identifies you or is reasonably identifiable and includes sensitive and health information.

Craig’s Table complies with the Australian Privacy Principles contained in the Privacy Act in handling personal information collected from clients/beneficiaries, business partners, donors, members of the public and Craig’s Table people (including members, volunteers, employees, delegates, candidates for volunteer work and prospective employees).

Craig’s Table has developed a Privacy Policy to protect your privacy. The Policy is available below. It contains more information about Craig’s Table' responsibilities, your rights, the information that may be collected by Craig’s Table, and how it would be used.

The primary purpose for collecting personal information from individuals is to provide services to vulnerable people, including planning, funding, monitoring and evaluating our services. The kind of information we collect will depend on your relationship with Craig’s Table.

Your personal information may be used to:

• provide you with a service,
• report to government or other funding bodies how funding is used,
• process your donation or purchase and provide receipts,
• communicate with you about how your donation is used or about Craig’s Table services, causes, events, products and services, which we believe may be of interest to you,
• respond to your feedback or complaints, and
• answer your queries.

It may also be used for:

• any other specific purpose for which it was requested and which was advised to you in the collection notice,
• and directly related purposes.

Wherever possible, Craig’s Table uses information in a de-identified form. Personal information will not be disclosed to third parties without your consent, except where permitted or required under the Privacy Act.

All personal information collected from individuals will be securely stored by Craig’s Table and protected from unauthorised use or access. All reasonable steps will be taken to ensure information is accurate and up-to-date. Our Privacy Policy also provides a process for requesting access to your personal information and making a privacy complaint.

If you have any enquiries in relation to privacy or personal information please contact: information@craigstable.net.au

Why does Craig’s Table need to collect this information?

We need to collect this information so that we can do one or more of the following:

• process your donation
• to verify your identity
• enable you to participate in our activities or provide you with information about our activities
• provide you with a tax receipt

What happens if Craig’s Table doesn't collect his information?

If Craig’s Table does not collect this information from you we may not be able to process your donation or membership, enable you to participate in our activities or provide you with direct marketing.

Anonymity/Nickname

You have the right to ask that we do not record your real name.

Tel: 1800 CRAIG’S TABLE (733 276)
Fax: 61 3 9348 2513
Email: privacy@redcross.org.au

Complaints

Information about how to complain is also in the Craig’s Table Privacy Policy. You can also complain direct to the Privacy Commissioner at www.oaic.gov.au

Will my information be stored offshore?

Your information is stored in Australia.

Privacy policy

Date of commencement: 24 February 2018

Craig’s Table ABN 95312046255 9953120462555312 046 255

This Privacy Policy explains how we collect and handle personal information. It tells you how to contact us if you have any questions about how we handle your personal information.

We take our privacy obligations seriously.  We will handle personal information in accordance with all relevant laws including the Australian Privacy Act.

What is “personal information”?

In this Privacy Policy, “personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable. It includes information or opinion:

• whether the information or opinion is true; and
• whether the information or opinion is recorded in a material form or not.

“Personal information” includes sensitive information such as health information. It includes information which we request. It also includes information which is given to us, which we have not requested.

May I choose not to provide personal information?

You may choose not to agree to provide the personal information we request.

By providing your personal information to us, you confirm that you have agreed to us collecting, using and disclosing your personal information in accordance with this Privacy Policy.

Kinds of personal information we collect

The kinds of personal information that we may collect and hold about you include those listed here.

• Identifying information, such as your name and date of birth.
• Details of products or services that we provide to you.
• Information about how you use the products and services we provide.
• Records of our interactions with you.
• Contact information, such as your address, email and telephone number(s).
• Financial information, such as credit card, bank account or other payment details.
• Government-issued identifiers - such as health service providers’ practitioner numbers.
• Usernames and passwords that you create when registering for an account with us.
• Social media handles and other social media profile information that you make available to us or to the public.
• Information about your health.

How we collect personal information

We collect personal information from people and organisations. This includes

• our employees
• job applicants
• volunteers
• members
• the people that we provide services to
• our suppliers
• the general public (such as donors and visitors to our website)
• our other business and research partners.

We collect personal information from you when you

• accept assistance from us
• receive our products or services
• donate
• become a member or volunteer
• provide us with products or services
• submit a query or request to us
• respond to a survey or fill in one of our forms.

We collect personal information from our service providers whom we engage to provide services on our behalf.

We collect personal information by tracking your use of our websites and mobile applications (in which case we may also collect information about your IP address, location or activity). This information helps us to keep connected with you through understanding use of our website. The information we collect may include information to enable us to personalise your experience on our website and to enable us to statistically monitor how you are using our website.

We may also use this information

• to conduct marketing and promotional efforts,
• to provide information to your browser that we think may be of interest to you,
• to determine the popularity of certain content.
• We collect personal information when you participate in programs or events that we run or support.

We collect personal information in several ways. These are face-to-face; over the phone; by email; over the internet (including social media platforms); and in writing.

Purposes for which we collect and use personal information

When we collect your personal information, we will provide you with more information about the reason for the collection.

If you have agreed, we collect and use personal information for one or more of several purposes. These will depend upon what is relevant to your situation.

• To enable us to help through our various community programs
• To manage our relationship with you, including confirming your identity, responding to any queries or requests and contacting you for follow-up purposes.
• To enable us to provide products and services.
• To enable us to raise funds – example: through direct fundraising, administering memberships and bequests.
• To analyse use of our products and services, and carry out quality assurance activities, including through working with third parties.
• To provide education and training, both internally and externally - example: to our staff and other organisations.
• To keep you informed of our activities, including through sending out newsletters and electronic communications.
• To manage and develop our business and operational processes and systems.
• To manage and resolve any legal or commercial complaints or issues.
• To comply with our legal obligations.
• To perform other functions and activities relating to our business.

We may use your personal information to send you marketing materials about products or services that may be of interest to you.
You can opt-out of receiving these marketing communications from us by contacting information@craigstable.net.au

We may also use and disclose your information in accordance with your requests or instructions.

People to whom we disclose personal information

If you have agreed, we may share your personal information with some other people. This will depend upon what is relevant to your situation.

When we collect your personal the information we will request your agreement to sharing it. We will provide you with more information about the reasons for the information to be shared.

If you have agreed, the other people with whom we may share your personal information, depending upon your situation, could be amongst those listed here.

• Our staff, contractors and volunteers, on a ‘need-to-know’ basis.
• Other persons authorised by or responsible for you
• Our business partners, agents, professional advisors and service providers (including health service providers, translators, interpreters and other third parties we work with or engage, to provide our services.
• Your representatives and advisers.
• Government agencies, such as those who we receive funding from.
• Universities and research organisations.
• Payment system operators and financial institutions.
• Other parties as authorised or required by law.

Storage and security of personal information

We generally store the personal information that we collect in electronic databases.

We use physical and technical security processes to protect the confidentiality and security of the information that we hold.

We also update our processes to address new and emerging security threats that we become aware of.

We will only keep your personal information for as long we need it for the purposes described in this Privacy Policy. Your personal information will be destroyed or de-identified when it is no longer required.

Access and correction

You may want to access any of the personal information that we hold about you.  You may also want to correct some aspect (for example, because you think it is incomplete or incorrect). If so, please contact our Privacy Compliance Team using the contact details below.

To make sure your information is only given to you, we will ask you to follow an access procedure, which will include steps to prove your identity.

In some cases, we may not be able to provide information in response to your request. For example, this could happen if for example it would interfere with the privacy of others or result in a breach of confidentiality. In these cases, we will let you know the reasons why we cannot comply with your request.

Queries and complaints

We aim to always meet the highest standards to safeguard your privacy.

Changes to this policy

We may make changes to this Privacy Policy from time to time, to take into account changes to our standard practices and procedures or where necessary to comply with new laws and regulations.