Purpose and Scope
The Refugee Advice & Casework Service (ABN 46 008 173 978) values your privacy.
In the course of our activities, the Refugee Advice & Casework Service (“RACS”, “we”, “us” and “our”) collects personal information in relation to our clients, staff, volunteers, Board members, supporters (including non-financial supporters), donors and others associated with RACS. RACS respects the privacy of these stakeholders and we are committed to complying with our obligations in connection with the collection, storage and use of personal information under relevant privacy legislation, namely:
- the Privacy Act 1988 (Commonwealth) and, in particular the Australian Privacy Principles;
- the Health Records and Information Privacy Act 2002 (NSW); and
- the Legal Profession Uniform Law Australian Solicitors’ Conduct Rules 2015 (NSW); and
- the Migration Agents Regulations 1998.
Why we collect and hold personal information
We collect personal information that is necessary to enable us to perform our functions and activities. This is to assist us in the task of providing a range of practical and support for refugees and people seeking asylum.
In the case of clients, the information we collect will be restricted to what is relevant and necessary for the proper discharge of our professional obligations and our clients’ welfare and support.
We collect information about volunteers and Board Members for the purposes of administering an individual’s contribution to the work of RACS, for insurance purposes and in order to send updates about our work, events and appeals.
We collect information about donors, supporters and other people who interact with us in order to process donations, issue tax receipts, manage event registrations, set up online fundraising pages, and send updates about our work, events and appeals. Recipients of our communications can choose to have their names and addresses removed from our distribution lists by contacting us at any time.
Types of personal information we collect and hold
We collect clients’ personal information in the course of our work, including each client’s name, address, telephone number, email address, employment history, next of kin, date of birth, health and welfare information, as well as information associated with their immigration history and legal problem.
Employee records may include personal information about staff members including name; address; telephone number; email address; date of birth; next of kin; employment history; qualifications and experience; details of employment contract; visa status; driving licence; current NSW Working With Children Check clearance results; and relevant banking and financial details.
Information we may collect in relation to our volunteers include name; address; telephone number; email address; date of birth; qualifications; employment history; interests, skills and hobbies; previous voluntary work; current NSW Working With Children Check clearance results; driving licence; and contact details of referees and next of kin.
Management Committee members
Information we may collect in relation to Management Committee members includes name; address; telephone number; email address; date of birth; qualifications; police checks; current NSW Working With Children Check clearance results; and employment experience.
Donors and supporters
Information we may collect in relation to our donors and supporters include names; addresses; email addresses; dates of birth; telephone numbers; bank account and credit card detail; and details of donations.
Types of sensitive information we collect and hold
We may collect and hold sensitive information (such as the health, medical or other personal information) of clients, staff and volunteers which is necessary to perform our activities. We will only collect sensitive information directly and with your consent, or as otherwise authorised by law.
How we collect information
We collect personal information directly from clients and stakeholders, except where it is impracticable or illegal to do so. In other cases we may collect information from third parties, such as under child protection legislation.
How we use and disclose personal information
- treat personal information as confidential and will only use or disclose it for the primary purpose for which it was collected or for a directly related purpose;
- release personal information to a third party where the person to whom the information relates requests us to do so;
- not disclose personal information to other service providers or individuals without the express consent or instructions of the individual to whom it relates. Consent will usually be obtained by asking the individual to sign a release form. There are two exceptions to this:
- we may disclose personal information when we are required to do so by law. This could be in response to a warrant, subpoena, or other court order, the purposes of worker’s compensation or in response to legislative requirements (e.g. under child protection laws);
- we may disclose personal information to a third party if we believe on reasonable grounds that the disclosure is necessary to prevent or lessen a serious and imminent threat to the life or health of a stakeholder or that of another person;
- use mailing lists, email lists and donor lists only for purposes directly related to RACS.
We will not disclose personal information to third parties, except those parties that facilitate our work. These include our contractors, service providers, employees and volunteers. Such disclosure may include disclosure to contractors and services providers located outside of Australia, including in the United States of America and Japan.
Maintenance of personal information
We will take reasonable steps to ensure that personal information we collect, hold, use or disclose is accurate, complete and up-to-date.
Security and retention of personal information
- take reasonable steps to store personal information securely (whether it is held in paper, electronic or any other form), protecting it from unauthorised access;
- take reasonable steps to safeguard personal information collected from misuse, loss and modification;
- destroy personal information in accordance with our professional obligations.
Confidentiality of personal information
All employees, contractors, and volunteers at RACS are bound by:
- by state and federal privacy legislation
- by any agreement they sign with the RACS (including any Contract of Employment; Volunteer Agreement; and/ or Confidentiality Agreement)
Our employees, contractors and volunteers are required not information that can identify clients other than with their consent or on their instructions. This information must be kept confidential and not released into the public domain.
The obligations of staff and volunteers in relation to the confidential information survive after they cease working with RACS and their obligations in relation to the confidential information shall be enforceable at any time at law or in equity and shall continue to the benefit of and be enforceable by RACS.
Access and Correction to personal information
We will ensure individuals have a right to seek access to information held about them and to correct such information if it is inaccurate, incomplete, misleading or not up-to-date, subject to exceptions permitted by law.
Some relevant exceptions are:
- if providing access to the information would pose a serious and imminent threat to the life or health of any individual;
- if providing access would have an unreasonable impact upon the privacy of other individuals; or
- if providing access would be unlawful.
As the accuracy of information held depends largely on the information you provide, we recommend that you:
- advise RACS if there are any errors in your personal information; and
- keep RACS up-to-date with changes to your personal information, such as name and address details.
Individuals can change what type of information they receive from RACS by contacting RACS, or by following the opt-out instructions included in emails.
We will give stakeholders the option of not identifying themselves when completing evaluation forms or feedback surveys where it is reasonably practicable to do so.
- make the policy freely available in relevant publications and on RACS’ website.
RACS’ website may also use Google Analytics features which allow us to tailor our marketing to better suit your needs.
If you prefer not to allow this, you may be able to adjust your browser to turn off use of “cookies” or notify you when they are being used. You can also opt out of programs like Google Analytics. However, if you disable cookies, you may not be able to access certain areas or take advantage of certain features on our website.
If for any reason you wish not to take advantage of cookies, you may have your browser not accept them, although this may disable or render unusable some of the features of RACS’ website.
If you choose to not have your browser accept cookies from the RACS website, you will need to re-enter your personal information each time that you attempt to access information.
Email communications and any attachments are confidential and may be privileged between RACS and the addressee only. If you are not the intended recipient of an email from RACS, any use of such a communication is strictly prohibited. Confidentiality and privilege is not waived, and we request that you delete the email and notify us. RACS does not warrant and/or guarantee that the integrity of email communications has been maintained or that it is free of any virus, interception or interference. Any opinion expressed in it is not the opinion of RACS unless that is stated or apparent from its terms.
At RACS, we are committed to fostering a culture that is respectful of the privacy of individuals. If you believe your privacy has been breached by us, or need to correct the personal information held by us, please contact the Executive Director 02 8317 6500 or via email to firstname.lastname@example.org. Alternatively you can write to us at Refugee Advice & Casework Service, 1-3 Eurimbla Ave, Randwick NSW 2031. We will promptly acknowledge and investigate any complaint we receive and respond in a reasonable period of time.
If you are not satisfied with our response, you may take your privacy complaint to the Office of the Australian Information Commissioner (OAIC). To make a complaint to the OAIC, please visit the OAIC’s website or phone 1300 363 992.