This document sets out the principles that the Newcastle Art Gallery Foundation (ACN 001 547 968) acting as trustee for the Newcastle Art Gallery Foundation Trust (ABN 27 761 310 771) (we, us, our) adopts in relation to the protection and handling of personal information.
We are committed to protecting your personal information and do so in accordance with the Australian Privacy Principles (APP), which are set out in Schedule 1 of the Privacy Act 1988 (Cth) and any other applicable state or territory legislation.
NOTE: This Policy does not apply to the personal information of employees of the Organisation.
WHAT IS PERSONAL INFORMATION ?
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
Sensitive information is a type of personal information and includes health information, genetics, race, political opinion or membership, religion, philosophical beliefs, union membership, sexual preference and criminal record.
Health information includes information about physical or mental health or a disability an individual has had at any time, an individual’s express wishes about future provision of health services to him or her, any health service that has been or is to be provided to an individual, any personal information collected to provide or in providing a health service, information collected in connection with a donation or intended donation of body parts, organs or body substances, genetic information that is or could be predictive of health at any time of the individual or a relative of the individual and healthcare identifiers.
WHAT KINDS OF PERSONAL INFORMATION DO WE COLLECT ?
In certain circumstances, we may collect personal information about you, for example when you contact us, volunteer make a donation, use our services or join our mailing list. The type of information we collect may include (but is not limited to):
• your name and date of birth
• your contact details, such as home and email addresses, and telephone number;
• information about your personal circumstances (eg gender identity, occupation)
• information about your background (such as languages spoken, links to organisations, your donation history)
• bank or credit card details; and
• photographs (where your identity is clear or can be reasonably ascertained from the relevant image).
We may also monitor and record details of our interactions with you (including any contact we have with you in person, by email, online or on the telephone).
Where we collect sensitive information from you, including health information, we will do so only with your consent or where otherwise authorised by law. You may withdraw your consent for the Organisation to retain this information at any time.
From time to time, we may also receive unsolicited information, being information that we have not taken active steps to collect. Examples include misdirected mail, and promotional flyers containing personal information.
When we receive such information, we will decide within a reasonable period whether we could have collected it pursuant to the requirements in the APP. If we determine that we could not have collected the information, we will destroy or de-identify it as soon as practicable. Alternatively, if we determine that we could not have collected the information and wish to retain it, we will deal with this information in accordance with our obligations under the APP.
HOW DO WE USE OR DISCLOSE PERSONAL INFORMATION ?
The primary purposes for which we collect, hold, use and disclose personal information are to:
• help us to administer and improve the Foundation’s charitable purposes including disclosure of personal information for fund raising purposes;
• process donations and payments;
• manage our member database;
• keep you up to date with our activities;
• identify individuals;
• assess employee or volunteer applications;
• conduct surveys and research;
• protect our lawful interests; and
• respond to your queries or concerns.
We may also collect, use and disclose personal information in connection with lawful information requests from courts, government agencies and lawyers and in connection with suspected fraud, misconduct or unlawful activity.
If you are a donor, member, mailing list registrant or volunteer, we may use your personal information to provide you with ongoing promotional materials and marketing communications about our events, products, services and fundraising initiatives by telephone, email, online or by other means (unless you opt out or we are subject to legal restrictions).
We may exchange your personal information with other not-for-profit organisations and service providers, including government agencies, who may provide you with assistance or assist us with archival, auditing, accounting, legal, business, banking, payment, delivery, data processing, storage and analysis, research, investigation, website or technology services.
The Organisation may disclose your personal information to external service providers who are based overseas, for example cloud based services which are based in the United States of America who may stored data in the United States and overseas such as Hong Kong, Japan, Malaysia, Singapore and South Korea and include Salesforce, Microsoft Office 365 (Sharepoint), Woo Commerce, Woo Commerce payment gateway, Mailchimp and WordPress.
HOW DO WE HOLD AND SECURE PERSONAL INFORMATION ?
The Organisation handles personal information electronically and in hard copy form, both at our own premises and with the assistance of our service providers. In either case, a range of measures are implemented to protect the security of that personal information. We also take reasonable steps to destroy or permanently de-identify personal information where it is no longer needed for a permitted purpose.
HOW DO WE TREAT INFORMATION DISCLOSED THROUGH OUR WEBSITE ?
Using our websites
When you visit our website to read, browse or download information, our system may record information such as browser type, operating system, the date and time you visit the websites, the pages accessed and any information downloaded. This information is used to analyse how people use our website so that we can improve our offerings.
Like many other websites, our website may use an internet browser feature from time to time called ‘cookies’. A cookie is a small data file that may be placed on a web user’s computer (usually in the browser software folder) the first time that a computer visits a website that operates cookies. Cookies by themselves cannot be used to personally identify you – they only identify the computer used to visit our website and help us maintain the continuity of your browsing session by remembering your preferences for when you return. You can configure your web browsing software to reject cookies, however this may limit the functionality of our website or prevent you from accessing some parts of our website.
We use Google Analytics to inform and optimise content based on your past visits to our website.
Google Analytics informs us of how visitors use our website based on their browsing habits, so that we can improve our website, and make it easier to find information. Google also receives this information as you browse our website and other websites on the Google Display Network using remarketing.
If you would like to opt-out of customised Google Display Network services and Google Analytics for Display Advertising you can do so through Google “Ad Settings”. You can also use the “Google Analytics Opt-out Browser Add-on” so you are not tracked by Google Analytics.
Further information about how Google handles your personal information can be found at https://policies.google.com/privacy?hl=en-US.
Third party websites
Our website may contain links to other websites that are not owned or controlled by us. We are not responsible for the privacy practices or policies of those websites.
HOW CAN YOU REQUEST ACCESS OR AMENDMENTS TO YOUR PERSONAL INFORMATION OR MAKE A COMPLAINT ?
Please contact us using the details set out below if you have any queries or concerns about privacy or wish to access or correct any personal information we may hold about you. We may need to verify your identity.
If you are making an access or correction request, please provide details of the particular information you seek, to help us to locate it. If we deny any request for access or correction, we will provide our reasons. Where we decide not to make a requested correction to your personal information and you disagree, you may ask us to make a note of your requested correction with the information.
We take your privacy concerns very seriously. Where you express any concerns that we have interfered with your privacy, we will respond to let you know who will be handling your matter and when you can expect a further response.
For information about privacy generally, or if your concerns are not resolved to your satisfaction, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au and on 1300 363 992.
We will publish and update this policy on our website (www.nagfoundation.org.au) and make hard copies available on request.