Purpose and Scope
In the course of our activities, the Refugee Advice & Casework Service(“RACS”, “we”, “us” and “our”) collects personal information in relation to our clients, staff, volunteers, Board members, supporters (including non-financial supporters), donors and others associated with RACS. RACS respects the privacy of these stakeholders and we are committed to complying with our obligations in connection with the collection, storage and use of personal information under relevant privacy legislation, namely:
- the Privacy Act 1988 (Commonwealth), in particular the Australian Privacy Principles; and
- the Health Records and Information Privacy Act 2002 (NSW)
Why we collect and hold personal information
We only collect personal information that is necessary to enable us to perform our functions and activities. This is to assist us in the task of providing a range of practical and personal support for refugees and asylum seekers living in the community.
In the case of clients, the information we collect will be restricted to what is relevant and necessary for their welfare and support.
We collect information about volunteers and Board Members for the purposes of administering an individual’s contribution to the work of RACS, for insurance purposes and to send updates about our work, events and fundraising appeals.
We collect information about donors and supporters directly and indirectly in order to process donations, issue tax receipts, manage event registrations, set up online fundraising pages, and send updates about our work, events and fundraising appeals.
Types of personal information we collect and hold
We collect clients’ personal information in the course of our work, including each client’s name, address, telephone number, email address, employment history, visa status, next of kin, date of birth, health and welfare information.
Employee records may include personal information about staff members including name; address; telephone number; email address; date of birth; next of kin; employment history; qualifications and experience; details of employment contract; visa status; driving licence; current NSW Working With Children Check clearance results; and relevant banking and financial details.
Information may include name; address; telephone number; email address; date of birth; qualifications; employment history; interests, skills and hobbies; previous voluntary work; current NSW Working With Children Check clearance results; driving licence; and contact details of referees and next of kin.
Information may include name; address; telephone number; email address; date of birth; qualifications; police checks; current NSW Working With Children Check clearance results; and employment experience.
Donors / Supporters
Information may include name; address; email address; date of birth; telephone number; bank account; credit card details; and donation history.
Types of sensitive information we collect and hold
We may collect and hold sensitive information such as relevant health information regarding clients, staff and volunteers which is necessary to perform our activities. We will only do so if you provide express consent at the time of disclosing the sensitive information.
How we collect information
In most instances we collect personal information directly from stakeholders, except where it is impracticable or illegal to do so in which case we may collect information from third parties, such as under child protection legislation.
How we use and disclose personal information
- treat personal information as confidential and will only use or disclose it for the primary purpose for which it was collected or for a directly related secondary purpose;
- not disclose personal information to other service providers or individuals without the express consent of the individual to whom it relates. This consent will usually be obtained by asking the individual to sign a release form. There are two exceptions to this:
- we may disclose personal information when we are required to do so by law. This could be in response to a warrant, subpoena, or other court order, the purposes of worker’s compensation or in response to legislative requirements (e.g. under child protection laws);
- we may disclose personal information to a third party if we believe on reasonable grounds that the disclosure is necessary to prevent or lessen a serious and imminent threat to the life or health of a stakeholder or that of another person;
- release personal information to a third party where the person to whom the information relates requests us to do so;
- use mailing lists, email lists and donor lists only for purposes directly related to RACS. We will not disclose personal information to third parties, except for third parties that facilitate our work, such as an email marketing service, mailing house, bank, etc.
Maintenance of personal information
We will take reasonable steps to ensure that personal information we collect, hold, use or disclose is accurate, complete, and up-to-date.
Security and Retention of personal information
- take reasonable steps to store personal information securely (whether it is held in paper, electronic or any other form), protecting it from unauthorised access;
- take reasonable steps to safeguard personal information collected from misuse, loss and modification;
- destroy personal information when it is no longer required. It will not be placed in recycling or general garbage containers.
Confidentiality of personal information
All employees, contractors, and volunteers at RACS are bound by:
- by state and federal privacy legislation
- by any agreement they sign with the RACS (e.g. Contract of Employment; Volunteer Agreement; and/ or Confidentiality Agreement)
It is mandatory that our employees, contractors and volunteers do not release images and or written or oral information that can identify asylum seekers currently in the process of seeking immigration status resolution. This information must be kept confidential and not released into the public domain.
Staff obligations in relation to the confidential information shall survive after they cease employment or working with RACS and their obligations in relation to the confidential information shall be enforceable at any time at law or in equity and shall continue to the benefit of and be enforceable by RACS.
Access and Correction to personal information
We will ensure individuals have a right to seek access to information held about them and to correct such information if it is inaccurate, incomplete, misleading or not up-to-date, subject to exceptions permitted by law.
Some relevant exceptions are:
- if providing access to the information would pose a serious and imminent threat to the life or health of any individual;
- if providing access would have an unreasonable impact upon the privacy of other individuals; or
- if providing access would be unlawful.
As the accuracy of information held depends largely on the information you provide, we recommend that you:
- advise RACS if there are any errors in your personal information; and
- keep RACS up-to-date with changes to your personal information, such as name and address details.
Individuals can change what type of information they receive from RACS by contacting RACS, or by following the opt-out instructions included in emails.
We will give stakeholders the option of not identifying themselves when completing evaluation forms or feedback surveys where it is reasonably practicable to do so.
- make the policy freely available in relevant publications and on RACS website.
At RACS, we are committed to fostering a culture that is respectful of the privacy of individuals. If you believe your privacy has been breached by us, or need to correct the personal information held by us, please contact the Executive Director 02 8317 6500 or via email to email@example.com. Alternatively you can write to us at Refugee Advice & Casework Service, 1-3 Eurimbla Ave, Randwick NSW 2031. We will promptly acknowledge and investigate any complaint we receive and respond in a reasonable period of time.
If you are not satisfied with our response, you may take your privacy complaint to the Office of the Australian Information Commissioner (OAIC). To make a complaint to the OAIC, please visit the OAIC’s website http://www.oaic.gov.au/privacy/making-a-privacy-complaint or phone 1300 363 992.