North Cottesloe Surf Life Saving Club

Privacy Policy

Introduction

North Cottesloe Surf Life Saving Club will endeavour to handle your personal information in accordance with the Privacy Act 1988 and the Australian Privacy Principles which sets out the way organisations can collect, use, disclose and provide access to Personal and Sensitive Information.

This Privacy Policy includes information on how NCSLSC will handle your personal information. NCSLSC may revise the Privacy Policy and Terms and Conditions of Data Collection from time to time; changes will take effect when they are published on our website.

This Privacy Policy applies to all employees, consultants, contractors, volunteers and agents of NCSLSC, and covers all information collected by NCSLSC.

Relevant Legislation:

Privacy Act 1988
Australian Privacy Principles 2014 (APP)
Spam Act 2003

What is personal information?

The Privacy Act defines ‘personal information’ as information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • Whether the information or opinion is true or not; and

  • Whether the information or opinion is recorded in a material form or not.

Types of information

NCSLSC collects your Personal and Sensitive Information only if you have consented to the information being collected, if the information is reasonably necessary for one or more of our functions or activities or if one of the other exceptions applies under the APPs.

We may collect Personal Information about you, including the following which may not all be relevant to you depending on the services you access:

  • Your full name and contact details, gender and date of birth

  • Country of birth

  • Drivers License or Skippers Ticket License Details

  • Details of your parent, spouse of next of kin

  • Payment and purchasing details (where you make payments or donations to us)

  • Professional and/or education details

  • Any other information you provide to us

We may also collect Sensitive Information about you, such as:

  • Whether you are of Aboriginal or Torres Strait Islander origin

  • Language and cultural diversity information

  • Disability status

  • Health and lifestyle information you provide us during the provision of NCSLSC services

  • Any other information you provide to us

NCSLSC may combine the information which you provide to us with other information we collect from other sources and, if we do so, our use of the resulting combined information will be subject to our Privacy Policy.

Collection of Information

We only collect your information by lawful and fair means. We will always collect Personal Information from you directly unless it is unreasonable or impractical for us to do so.

We collect personal information from people who are connected to our operations including donors, supporters, employees, volunteers, service providers and suppliers.

We collect personal information in a few different ways, including:

  • Forms you provide to us

  • Electronically, such as through our website

  • Phone calls

  • Information you provide while visiting us or participating in programs or services provided by us

  • Other correspondence, such as email and mail.

We also obtain personal information from third parties such as Surf Life Saving WA, Surf Life Saving Australia or the WA Government Department of Communities. If we collect personal information about you from a third party and it is unclear that you have consented to the disclosure of your personal information to us, we will take reasonable steps to contact you and ensure that you are aware of the circumstances surrounding the collection and purposes for which we collected your personal information.

Use of your information

NCSLSC may collect your personal information for several purposes, including:

  • To provide you with information and support services

  • To communicate with you about donations, fundraising, products, services, campaigns and events

  • To provide you with information about volunteering

  • To verify your identity

  • To improve and evaluate our programs and services

Where NCSLSC collects your personal information for a specific purpose not outlined above, we will provide you with a collection notice which explains the primary purpose and any related secondary purposes for which we are collecting your personal information.

NCSLSC will provide statistical information to Surf Life Saving WA, or other organisations that provide funding to NCSLSC. This information is statistical information only and does not identify individuals.

We do not currently disclose your Personal Information to overseas parties. If your Personal Information is transferred overseas, we will comply with our obligations under the APPs.

Disclosure of your information

NCSLSC will only transfer your Personal Information to third parties in the following circumstances:

  • Where you have consented to the disclosure

  • To health care professionals and service providers in the event of a medical emergency

  • To contractors who perform services on our behalf, such as mailing houses, printers, information technology services providers, database contractors

  • Government agencies including enforcement agencies where a statutory requirement to report certain matters arises during the collection of personal information.

Anonymity

It is your choice to provide information to us. Wherever it is lawful and practicable, you have the option not to identify yourself or to use a pseudonym when interacting with us. You can remain anonymous when using some parts of our Websites. However, it may be necessary for us to collect your Personal or Sensitive Information if you would like to access certain materials or services. If you choose to withhold the information we require, we may not be able to provide the services you have requested.

Security of your information

We take appropriate steps to protect your Personal and Sensitive Information held by us from misuse, interference, unauthorised access, modification, loss or disclosure. This includes during storage, collection, processing, transfer and destruction of the information.

Your personal information will be stored on a password protected electronic database, which may be on our database, a database maintained by a cloud hosting service provider or other third-party database storage or server provider. Backups of electronic information are written to drives which are stored offsite.

Hard copy information is generally stored in our offices, which are secured to prevent entry by unauthorised people. Any personal information not actively being used is destroyed unless there is a statutory obligation for it to be retained, in this case it is usually for 7 years.

Your personal information will stay on the database indefinitely until you advise you would like it removed, unless we de-identify it or destroy it earlier in accordance with privacy law requirements.

Website usage information and cookies

When you access our website, you may interact with software used in the management of that website (such as Javascript), and small data files (known as cookies) may be stored on your device via your web browser. The use of cookies helps us provide you with a more useful website browsing experience.

A cookie does not identify individuals personally, but it does identify computers. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance.

We may gather your IP address as part of our business activities and to assist with any operational difficulties or support issues with our services. This information does not identify you personally.

We use Google Analytics features based on Remarketing, Google Analytics Demographics, and Interest Reporting. These features use first­-party and third-­party cookies to inform and optimise content based on your past visits to our site.

We also use pixel tracking, which indicates when your computer has visited pages on our websites where a pixel has been installed. As with cookies, this does not identify you personally, only the device you are using.

Google Analytics informs us of how visitors use our site based on your browsing habits, so that we can improve our site to make it easier for you to find the information you are seeking. Google also receives this information as you browse our site and other websites on the Google Display Network using Remarketing.

If you would like to opt-­out of customised Google Display Network services and Google Analytics for Display Advertising you can use Ad Settings. You can also use the Google Analytics Opt­out Browser Add­on so you are not tracked into Google Analytics.

Links to other sites

Our website contains links to other sites on the Internet. Those sites are not under our control and we cannot be held responsible for the privacy practices or content of those sites. Some sites may not be subject to Australian Privacy Law. We suggest that you review the privacy policy of each site before providing any response or information.

Accessing and Correcting information

We will take reasonable steps to ensure that all Personal Information that we collect, use or disclose is accurate, up-to-date, complete, relevant and not misleading. We will correct any Personal Information that we believe to be incorrect, out-of-date, incomplete, irrelevant or misleading.

You may request to access or correct your Personal Information at any time by contacting the General Manager using the details below. We will give you access to the information unless one of the exceptions under the Privacy Act applies. For example, if providing access would be unlawful or denying access is authorised by law.

We are not responsible for any problems that may arise if you do not give us accurate, truthful or complete information or if you fail to update such information. We will reject and delete any entry that we believe in good faith to be false, fraudulent or inconsistent with these terms and conditions.

If you wish to amend any of your details or the information you have provided to us please contact us using the details on the Websites. If you request to access or correct your information, we will respond within a reasonable time (usually within 30 days). If your request is refused, we will give you a written notice that sets out the reasons for refusal and how to complain about the decision.

Direct communication and promotional materials

Where NCSLSC uses your personal information to send you marketing and promotional information by post, email or telephone, we will provide you with an opportunity to opt-out of receiving such information. By electing not to opt-out, NCSLSC will assume we have your implied consent to receive similar information and communications in the future. NCSLSC will always ensure that our opt-out notices are clear and easy to find.

If you do not wish to receive direct marketing communications from NCSLSC, please email enquiries@ncslsc.com or phone 08 9284 2626.

Spam Mail

It is our policy that all electronic communications will include an unsubscribe facility. The Spam Act prohibits sending unsolicited commercial emails, SMS and MMS messages for commercial purposes.

Examples of unsolicited communications are ones that do not directly relate to a service you have previously signed up with or agreed to. While not-for-profit organisations such as NCSLSC do have some exemptions from the Spam Act, we are guided by the Code of Practice developed by the Australian Direct Marketing Association. See www.adma.com.au/comply/code-of-practice/ for further information.

Your direct debit or credit cards

NCSLSC uses Secure Socket Layer (SSL) certificates which is the industry standard for encrypting your credit card and debit card numbers, your name and address so that it cannot be viewed by any third party over the internet. Your financial information is encrypted on our servers and access to this information is restricted to our authorised staff only.

NCSLSC is committed to protecting consumer credit card data in compliance with the Payment Card Industry Data Security Standard (PCI DSS). Our alignment with this standard is reflected in the people, technologies and processes we employ.

Notifiable Data Breaches

The Privacy Act Amendment Notifiable Data Breaches (NDB) Act 2017 requires NCSLSC to notify particular individuals and the Office of the Australian Information Commissioner about ‘eligible data breaches’. A data breach is eligible if it is likely to result in serious harm to any of the individuals to whom the personal or sensitive information relates.  NCSLSC will make an objective assessment of whether a data breach is likely to result in serious harm and take remedial action according to its data breach response plan. See www.oaic.gov.au/ for further information

Complaints and Enquiries

NCSLSC is committed to the protection of your privacy. If you have any questions about how we handle Personal Information, would like to complain about how we have handled your information, or would like further information about our Privacy Policy, please submit a written query or complaint to our General Manager at enquiries@ncslsc.com or call 08 9284 2626.

The General Manager will assess any complaints and liaise with you to resolve any issues within a reasonable time (usually within 30 days).

If you are dissatisfied with our response, you may refer the matter to the Australian Information (Privacy) Commissioner (see www.oaic.gov.au).

Approved: March 2024