Samarinda is bound to comply with the Privacy Act 1988 (Cth). The Privacy Act is the primary privacy law applicable to Samarinda. We are committed to complying with the Privacy Act’s Australian Privacy Principles (APPs) whenever we collect and handle personal information (including sensitive and health information).
We are also bound to comply with the following laws:
- Health Records Act 2001 (Vic): This Act and its Health Privacy Principles (HPPs) apply to Samarinda whenever we collect and handle health information in Victoria.
- Privacy and Data Protection Act 2014 (Vic): This Act and its Information Privacy Principles (IPPs) apply to Samarinda when we provide statutory services on behalf of the Victorian Government.
- The Notifiable Data Breaches scheme
3. What personal information do we collect?
At all times we try to only collect the information we need for the particular function or activity we are carrying out.
The personal information we may collect, hold and use about you will depend on the type of product/service you receive from us. Examples of personal information we may collect include, but are not limited to:
- Personal identification and contact details
- Banking, payment and contribution details
- Tax file & Medicare numbers
- Health (including clinical) and claims information
- Records of service contacts
- Financial situation, needs and objectives
- Employment details and history
- any other personal information which is either required to acquire a product or service or needed during the lifecycle of that product or service.
We will only collect, use and disclose personal information about you if it is necessary for us to adequately provide you with the products and services you have requested.
You have the right not to disclose your personal information to us. However, this may limit our ability to provide you with the products and services you have requested.
Personal information records are held for a period considered appropriate to provide you with the product/service you require and consistent with Privacy Laws and other applicable Laws and the Privacy Act. Should you cease to be a client of Samarinda, any personal information which we hold about you will be maintained for the relevant periods required by Law or until it is no longer required for any purpose related to the reason for which it was collected.
4. How do we collect your personal information?
We collect your personal information from:
- face to face interactions
- written forms
- correspondence (written and verbal)
- contact over the telephone, your mobile or other messaging technology
- via the internet, including websites and social media
In most cases, we collect your personal information directly from you. However, if this is not practical, we may collect information about you from another person (a person whom you have authorised to deal with us on your behalf).
4.1 Collecting through our website
Samarinda has its own public website – www.samarinda.org.au. There are a number of ways in which we collect information through our website.
We use Google Analytics to collect data about your interaction with our website. The purpose of collecting your data in this way is to improve your experience when using our site. The types of data we collect include:
- your device’s IP address (collected and stored in an anonymized format)
- device screen size
- device type, operating system and browser information
- geographic location (country only)
- referring domain and out link if applicable
- search terms and pages visited
- date and time when website pages were accessed
Cookies are small data files transferred onto computers or devices by websites for record-keeping purposes and to enhance functionality on the website.
Our website generally sets the following cookies:
- _ga: Google Analytics cookie
- bb2_screener_: security cookie (anti-spam)
Most browsers allow you to choose whether to accept cookies or not. If you do not wish to have cookies placed on your computer, please set your browser preferences to reject all cookies before accessing our website.
4.1.3 Email lists, registration and feedback
We will collect information that you provide to us when signing up to mailing lists and registering for our events, or when submitting feedback on your experience with our website.
Analytics are performed when you click on links in the email, or when you download the images in the email. They include which emails you open, which links you click, your mail client (e.g. ‘Outlook 2016’ or ‘iPhone’), if your action occurred on ‘mobile’ or ‘desktop’, and the country geolocation of your IP address (the IP address itself is not stored).
4.1.4 Social Networking Services
We use social networking services such as Facebook to communicate with the public about our work. When you communicate with us using Facebook we may collect your personal information, but we only use it to help us to communicate with you and the public. The social networking service will also handle your personal information for its own purposes.
These services have their own privacy policies. You can access the privacy policies for Facebook on their websites.
5. How do we use your information?
We use your information to manage, deliver and administer the products and services you request.
We also use your personal information to identify you and conduct appropriate checks and to manage, train and develop our employees.
6. Who do we disclose information to?
For example, we may disclose your personal information to:
- A person acting on your behalf including a financial advisor, trustee, attorney or person to whom you have granted a delegated authority
- Service providers engaged to carry out functions on our behalf
- Hospital and other health service providers, including to provide you with clinical services for a specific condition
- Your financial advisor
- External dispute resolution bodies as necessary to resolve a matter you have raised.
7. Accessing and correcting your personal information
Under the Privacy Act (Australian Privacy Principles 12 and 13) you have the right to ask for access to personal information that we hold about you, and ask that we correct that personal information. You can ask for access or correction by contacting us and we must respond within 30 days. If you ask, we must give you access to your personal information, and take reasonable steps to correct it if we consider it is incorrect, unless there is a law that allows or requires us not to.
We will ask you to verify your identity before we give you access to your information or correct it, and we will try to make the process as simple as possible. If we refuse to give you access to, or correct, your personal information, we must notify you in writing setting out the reasons.
If we make a correction and we have disclosed the incorrect information to others, you can ask us to tell them about the correction. We must do so unless there is a valid reason not to.
If we refuse to correct your personal information, you can ask us to associate with it (for example, attach or link) a statement that you believe the information is incorrect and why.
You also have the right under the FOI Act to request access to documents that we hold and ask for information that we hold about you to be changed or annotated if it is incomplete, incorrect, out- of- date or misleading.
8. Privacy Enquiries and Complaints
If you have an enquiry or complaint about our information handling practices, you should do this in writing. If you need help lodging an enquiry or complaint, you can contact us by calling 1300 591 464 or alternatively write to:
286 High Street
Ashburton, VIC 3147
It is our intention to resolve any enquiry or complaint as quickly as possible and to your satisfaction. If you are unhappy with our response to your enquiry or complaint, you may refer your concerns to the Office of the Privacy Commissioner for further consideration.
Office of the Australian Information Commissioner (OAIC)
Phone: 1300 363 992