Personal information and sensitive information
Personal information is any information or opinions about an identified individual or an individual who is reasonably identifiable, whether the information is true or not and whether the information is recorded in a material form or not.
Sensitive information is any personal information about racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health, genetics, biometrics or biometric templates.
We generally collect sensitive information on a need-to-know basis (such as understanding your loved one’s needs to find them the right support through the One Day Off campaign) or when you volunteer it (for example, by including such information in a fundraising description). We only collect, use or disclose sensitive information only as allowed by law, for example where we have received your express or implied consent to do so or the collection is required by law.
How we collect your personal information
We collect personal information that is necessary for our activities and in order to provide and develop our services.
We may collect personal information in a number of ways, including:
- directly from you, when you provide it to us;
- from third parties who provide your information to us (such as a champion providing a Carer’s information to fundraise through One Day Off, or a Carer providing information about their loved one to organise an appropriate support worker);
- by analysing your use of our websites; and
- from publicly available sources.
We also collect information using passive information collection technologies such as cookies as you navigate through our websites.
We may use and combine such passively collected anonymous information to provide better services to our website visitors, customise our website based on your preferences, compile and analyse statistics and trends and otherwise administer and improve our websites for your use.
What personal information do we collect and why?
The types of personal information we collect through the ‘contact us’ page on our Caring for Carers website is your name, email address and any personal information you provide in your message.
The types of personal information we collect about Carers and Champions fundraising through One Day Off are:
- your name and contact details;
- a profile picture (if it is provided);
- information about when you would like a Day Off;
- any information you provide about yourself when setting up your fundraising page;
- any testimony you provide about One Day Off; and
- any other information you provide to us.
We collect personal information about a Carer’s loved one includes their name, contact details, gender and information about their care needs (including existing support arrangements) to help us arrange an appropriate support person for them.
The types of personal information we collect from donors through One Day Off are:
- your name and contact details;
- your payment details;
- any message you want to leave for the Carer you are supporting; and
- whether you wish to your donation to be anonymous or named.
The types of personal information we collect from our volunteers (including applicants) is your name, email address, mobile number and any personal information you provide in your application.
If we are not provided with the personal information that we request, we may not be able to respond to you, meet your request or provide our products or services to you.
The personal information you provide us may be used for a number of purposes connected with our operations, which include to:
- seek donations and raise funds to allow a Carer to have One Day Off;
- organise a Carer to have their Day Off and have professional support provided to their loved one;
- if you have purchased a product from us, to provide that product to you;
- if you have given us a testimony, to publicise that testimony on our websites and through other public channels;
- develop and improve our services and seek your feedback;
- update you about Caring for Carers and One Day Off, and to promote our activities; and
- if you are a volunteer, to facilitate you working with us.
Your personal information may be used so that we can provide you with information about our activities, fundraising campaigns and opportunities for Carers or to request your feedback for promotional purposes. We may contact you by email, post or telephone. You always have the right to opt-out of receiving such information or being contacted. You may exercise that right by contacting us as set out below.
We will not use your information for purposes other than those described above unless we have your consent or as permitted by law (including for law enforcement or public health and safety reasons).
Sharing your personal information
When a Carer has a page set up on One Day Off, we will share information that the Carer or their Champion has chosen to put on their fundraising page (such as a name, profile picture and any information submitted to be displayed on the fundraising page).
When we are organising the Day Off, we need to share information about the Carer and their loved one to the support person (and their organisation) who will care for the loved one. That information will include the loved one’s sensitive information. We require support persons (and their organisations) to keep this information confidential and only use it to provide support services for the Day Off.
If you are a volunteer, we share your name and contact details with other members of our Caring for Carers team to facilitate you working with us.
We also may also disclose your personal information to:
- others in accordance with a request made by you;
- in confidence, to our fundraising platform provider so they are able to provide the fundraising platform to us; and
- in confidence, to persons engaged in providing us with professional, technology and administrative services, when reasonably required.
Unless you consent, we otherwise will not disclose your personal information to third parties.
Does my personal information leave Australia?
No. Personal information we hold is held in Australia.
Access and correction
You may request access to any of the personal information we hold about you by contacting us as specified below.
We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up to date. To ensure your personal information is accurate, please notify us of any errors or changes to your personal information and we will take appropriate steps to update or correct such information in our possession.
Storage and security
We will take all reasonable precautions to safeguard your information from loss, misuse, unauthorised access, modification, disclosure or destruction. We implement a range of physical and electronic security measures to protect the personal information that we hold, including:
Our platform provider implements physical controls designed to prevent unauthorized access to, or disclosure of, our supporter data. Our website resides in a data centers managed by our platform provider which is monitored 24×7 for all aspects of operational security and performance.
Our data center provider is certified to the following compliance standards: HIPAA, PCI-DSS, SOC 1 Type 2, SOC 2 Type 2, ISO 27001 and FISMA/NIST. Our cloud provider has the following certifications: PCI-DSS, ISO 27001, SOC 1 / 2 / 3, IRAP, ISO 27018 and ISO 9001.
To protect your data, our platform provider encrypts information in transit by supporting TLS 1.2. Data at rest is also encrypted using AES-256 encryption, and our site is compatible with PCI DSS SAQ 1 A-EP.
Only authorised platform provider personnel are permitted to access personally identifiable information through approved and logged devices, and only for the purpose of processing your information for event fundraising purposes on this website.
You should keep in mind that no internet transmission is ever completely secure or error-free.
We take every privacy complaint seriously and will aim to resolve any such complaint in a timely and efficient manner, and our target response time is 30 days.
How to contact us
Links to other websites