privacy and information security statement
The Cat Protection Society of NSW Limited respects and values your privacy and takes all reasonable steps to protect the privacy and confidentiality of the personal information provided to us in our work.
Overview of how we deal with personal information
We view all personal information as sensitive information, the collection, storage, use and disclosure of which requires consent (written or verbal). The information we collect depends on our relationship with you (eg client, staff member, volunteer, member, supplier, donor).
Personal information is collected only to the extent necessary to allow us to effectively and properly conduct our business and as required by law. The use of information is limited to the purpose for which it was collected. We take reasonable steps to make sure that the personal information we collect is accurate, complete and up-to-date and that it is held securely against loss, unauthorised access, modification or disclosure and against other misuse.
The Australian Privacy Principles: how we manage personal information
Consideration of personal information privacy
We will only seek personal information necessary to deliver our services, activities and functions. We allow individuals the option of not identifying themselves when providing information except when it is impractical for us to deal with individuals who have not identified themselves or have used a pseudonym. It is possible that failure to provide relevant personal information will mean that we can’t undertake a service or task (eg adoption of a kitten or cat, for which it is a legal requirement that we know who is adopting and where the cat’s new home will be).
Collection of personal information
When collecting personal information about an individual, we will first inform the individual and proceed only if the individual consents. We will not keep personal information received about an individual, unless that person has given permission. We will also make sure that each individual providing personal information is informed about and understands the purpose of collecting the information and its intended use / disclosure. We will from time to time collect commercial information that is already available in the public domain.
Dealing with personal information
We use personal information only for the purpose for which it was collected. We will only disclose personal information without consent where such disclosure is required by law, or for law enforcement, or in the interests of the individual’s or the public’s health and safety.
Personal information will not be provided (by sale or otherwise) to another person or organisation for direct marketing nor will it be knowingly provided to overseas recipients unless legally required to do so. We will not use any government-related identifier (eg drivers licence no) as our identifier, nor will we disclose it.
Integrity of personal information
We take reasonable steps to make sure that the personal information we collect, use or disclose is accurate, complete and up-to-date.
Access to and correction of personal information
An individual may request access to the personal information we hold about him / her. Access will be provided unless there is a sound reason under the Privacy Act 1988 or other relevant law to withhold access. The accuracy of records and data held is very important. We will correct the personal information we hold about a person if is inaccurate, out of date, incomplete or misleading.
Information security
Whether held electronically or on paper, we take care to protect and hold securely, all personal information. Hard-copy records in use are held securely in our offices before being archived to external storage facilities. All premises are secured from unauthorised access by key-lock and alarm systems. Information no longer required to be kept is disposed of securely either by shredding or permanent erasure of electronic records.
Access and/or disclosure of personal information is allowed, consistent with the purpose for which it first collected or to comply with legal requirements (eg our financial auditors may wish to examine a sample of member or client records). Some of our functions are outsourced (eg accounting and information technology systems and support). Disclosure to those providers enables them to provide the services for which they are engaged. Our contractors are bound by the same rules around privacy and confidentiality as are our directors, employees and volunteers.
Access to electronic files is protected by user access controls which restrict access to appropriate files, a firewall for the network and sound anti-virus software. All electronic databases are backed up to off-site secure hosting services.
Financial transactions and website security
Payments made direct to us over this website utilise technology provided by reputable external service providers. Your credit card details pass directly to the providers to allow the transaction to be processed directly by our Westpac merchant facility. Our internal databases will retain only a record of the last 4 digits of the card used in any transaction in order to maintain a trail in the event of subsequent enquiry. Credit card details provided on paper (eg to facilitate a paper-based membership application) are “redacted” (blacked out) from the paper record prior to it being filed / archived as above. This website has a VeriSign Secure Site Pro SSL certificate to protect the transfer of sensitive data. It employs up to 256-bit data encryption (well above industry standard).
We will NEVER request from you, nor provide, financial information via email. If you receive a suspicious email that appears to be from us, please do not respond to it but contact us on 02 9519 7201 during business hours.
Visiting the website
Our web server collects the domain names (not the email address) of visitors to our website, This information is aggregated to measure basic usage data such as the number of visits, average time spent on the site, pages reviewed and how our users navigate through our site, so that we can use this data to improve our website for you.
Cookies
A cookie is a piece of data stored on the user’s hard drive containing information about the user. It is updated from time to time as you access a website. We do not use cookies to trace or record personally identifiable information about you.
Questions
If you have any questions about our privacy or information security policies please contact us: info@catprotection.org.au