Privacy Policy

TRUSTEES OF THE DE LA SALLE BROTHERS
PROVINCIAL OFFICE
PRIVACY POLICY

1. Introduction --- Your privacy is important

1. The Trustees of the De La Salle Brothers (“the Trustees”) are a body corporate under the Roman Catholic Church Communities Lands Act 1942 (NSW) and that body corporate is the representative in Australian civil law of the religious institute by the name “The Brothers of the Christian Schools” (“the Order”). The Trustees are an organisation which is required to comply with the Commonwealth Privacy Act.
2. The Trustees regard their obligations under the Privacy Act as extremely important and are committed to ensuring that they and those who administer and support the works of the Order fully comply with both the letter and spirit of that Act.
3. In conformity with the Act and the National Privacy Principles established by it, the Trustees have adopted policies and principles in connection with privacy matters, as set forth herein.
4. This document constitutes the Privacy Policy of the Trustees in respect of records held by the Provincial office of the Trustees for the following categories of persons:
   
   1. members of the Order;
   2. former members of the Order;
   3. applicants for membership of the Order;
   4. other persons who have had occasion to supply personal information to the Provincial office (for example contractors, professional service providers and volunteers);
   BUT DOES NOT COVER records held by Schools administered by the Order (where separate policies are established) or records held in relation to employees of the Trustees.
5. This Privacy Policy details the information collected, why it is collected and how it is used, as well as procedures for use of, storage, protection, correction and access to such information.
6. The Trustees acknowledge that individuals covered by this Policy have a general right to access information about themselves.
   
7. By this Policy, the Trustees to seek to implement the requirements of the National Privacy Principles as they provide as at the date of publication of this Policy. The Policy does not replicate all the terms of those Principles, as it is unnecessary to do so. A full copy of the National Privacy Principles can be obtained from the Provincial Office of the Trustees upon written request.
   
8. The Trustees may, from time to time, review and update this Policy to take account of new laws and technology, changes to the Trustees’ operations and practices and to make sure it remains appropriate.
   
   

2. Important definitions

In this Policy the following words or expressions are defined in conformity with the definitions in the Privacy Act, as follows.

1. “Record” means a document, a database (however kept), or a photograph (or other pictorial representation of a person) created on or after 21 December 2001 but does not include a generally available publication, or letters or other articles in the course of transmission by post.
   
2. “Personal information” means information or an opinion (including information or an opinion forming part of a database) in a record, whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
   
3. “Sensitive information” means information or an opinion about an individual’s racial or ethnic origin; political opinions; membership of a political association; religious beliefs or affiliations; philosophical beliefs; membership of a professional or trade association; membership of a trade union; sexual preferences or practices; or criminal record – where each of the foregoing is also personal information, or health information about an individual.
   
4. “The Provincial Office of the Trustees” means the District of Australia, New Zealand and Papua New Guinea.

TIME PROVISO in relation to “records”: while the definition of a “record” is limited to records created on or after 21 December 2001, where after that date the Trustees amend or add to a record that was first created before 21 December 2001, the prior records would then be treated as being covered by this Policy as well.

3. Purpose of collection of information

The Trustees collect information that is personal information, including some sensitive information, about persons within the categories of individuals who are covered by this Policy for the purpose of the Trustees performing their functions and activities. For example, personal information may be collected to enable the Trustees to carry out the following functions:

1. assessing applicants for suitability for membership of the Order;
   
2. better understanding the skills, abilities, qualifications, experience, needs and requirements of applicants for, and members of the Order;
   
3. complying with any necessary regulatory requirements of Government authorities (for example, protection of children, occupational health and safety, health standards, and public safety);
   
4. establishing, maintaining and/or enhancing relationships with suppliers, other ministries and volunteers.
   
   

4. The type of personal information the Trustees collect and methods of collection

1. The following non exhaustive list is provided as examples of personal information or sensitive information that may be collected by the Trustees.
   
   1. An applicant’s or member’s name, address, occupation, age, contact details, family background, parents’ present marital status and contact details, next of kin details, place of birth, country of citizenship, religious details and practice, health information (including physical and psychological details).
   2. Other information collected may include: private health insurance details, Centrelink details, Medical and Health Care card numbers and bank account details. This list is not exhaustive.
2. The Trustees will endeavour to collect information about an individual from that individual, to the extent that it is reasonable and practical to do so. Information collected from or about an individual can be collected in a variety of ways including, without being exhaustive, forms filled out by individuals, memoranda
   and file notes, copies of correspondence on files, email messages, notes recorded from face-to-face meetings, interviews or telephone calls.
   
3. When collecting information about an individual, the Trustees will endeavour to inform that person, at or as soon as possible after collection of the information from that person of the following matters:
   
   1. the identity of the body holding the information (ie the Trustees);
   2. that person’s right of access to the information;
   3. the purpose of collection of the information;
   4. the organisations or types of organisations to which the information is usually disclosed;
   5. any law requiring the collection of the information; and
   6. the main consequences (if any) for the individual if the information is not provided
4. Personal information provided by other people or entities: In some circumstances the Trustees may be provided with personal information about an individual from a third party, for example a report provided by a medical professional. Where information is obtained from a third party, reasonable steps will be taken by the Trustees to ensure the subject person is made aware of the matters listed in paragraph (c) above
   

Exception in relation to employee records: Under the Privacy Act, the National Privacy Principles do not apply to employee records. As a result, this Privacy Policy does not apply to the Trustees’ treatment of an employee record where the treatment is directly related to a current or former employment relationship between the Trustees and an employee.

5. Use and disclosure of personal information

1. The Trustees will use (which includes disclosing) personal information they collect:
   1. for the primary purpose of collection (see paragraph 3 above); or
      
   2. for a secondary purpose where such a secondary purpose is related to the primary purpose of collection, and the individual concerned would reasonably expect the Trustees to use or disclose the information forthat secondary purpose (provided that where the information to be disclosed is sensitive information, the secondary purpose of disclosure is directly related to the primary purpose); or
      
   3. where the individual concerned has consented to the use or disclosure,
      
   4. where the use or disclosure is required or authorised by law.
      
   Further, the Trustees may disclose personal information that is not sensitive information for various law enforcement purposes specifically authorised by the Privacy Act.
   
2. Personal information collected by the Trustees may be accessed by or disclosed by the Provincial or Superiors on the basis that the information will remain confidential.
   
   

6. Treatment of sensitive information

1. The Trustees will only collect sensitive information about an individual in certain confined circumstances under, and in accordance with the National Privacy Principles, namely:
   
   1. where required by law;
      
   2. to prevent an imminent threat to a person’s health or safety where that person is not able to give consent;
      
   3. with the consent of the individual concerned;
      
   4. in relation to members and persons who have regular dealings with the Trustees, provided that such persons are told at or before collecting the information that it will not be disclosed without that person’s consent;
      
   5. where necessary for legal proceedings.
      
2. Sensitive information will be used and disclosed only with the individual’s consent, or for the purpose for which it was provided, or for a directly related secondary purpose, or where the use or disclosure of the sensitive information is required or authorised by law.
   
   

7. Management and security of personal information

1. All of the staff of the Trustees are required to respect the confidentiality of personal information and the privacy of individuals.
   
2. The Trustees have in place measures to protect the personal information that the Trustees hold from misuse, loss, unauthorised access, modification or disclosure, including locked storage of paper records and pass-worded access rights to computerised records.
   
   

8. Updating personal information

1. The Trustees endeavour to ensure that the personal information they hold is accurate, complete and up-to-date.
   
2. A person may seek to update that person’s personal information held by the Trustees by contacting the Provincial at any time.
   
3. The National Privacy Principles require the Trustees not to store personal information any longer than necessary.
   
   

9. The right of an individual to scrutinise and correct personal information held by the Trustees

1. Under the Privacy Act, an individual has the right to obtain access to any personal information which the Trustees hold about him/her and to advise the Trustees of any perceived inaccuracy.
2. There are some conditions on this right prescribed in the Act:-
   1. Any request to access any information the Trustees hold about an individual should be made in writing. The Trustees may require the individual to verify his/her identity and specify what information is required to be accessed.
      
   2. The Trustees may charge a fee to cover the cost of verifying an application and for locating, retrieving, reviewing and copying any material requested. If the information sought is extensive, the Trustees will advise the likely cost in advance.
      
   3. If a request is declined, the person making the request will be told why.
      
   4. The Trustees may charge a fee for access and will advise the likely cost in advance.
      
      

10. Destroying records of Personal Information

Records of personal information will be retained for an appropriate period as determined by the Provincial, and thereafter will be destroyed by secure means.

11. Records held by the Trustees that were created prior to 21 December 2001

In the case of records that were created prior to 21 December 2001 and which have not been amended or added to after that date, use, disclosure and access will be permitted at the discretion of the Provincial, who shall in the exercise of that discretion have regard generally to the spirit of the National Privacy Principles.

12. Gaining access to personal information held by the Trustees

Information and assistance in relation to gaining access to information held about an individual by the Trustees can be obtained by contacting the Privacy Officer at the Provincial Office, 26 Meredith Street, Bankstown, NSW, 2200, Australia.
Anyone seeking further information about the way the Trustees manage the personal information they hold, should contact the Provincial.

13. Transborder data flow

1. The Trustees operate offices of the Provincial Office in Australia, New Zealand and Papua New Guinea. Personal information about Brothers and other individuals has been collected and is held in each of these offices. The following provisions of this clause deal with information held in the New Zealand and Papua New Guinean offices, and the transfer of information held in Australia to places outside Australia. In this clause, personal information includes sensitive information.
   
2. Personal information held about the Brothers or an individual in the New Zealand and Papua New Guinean offices will be treated as follows:
   
   1. In the case of records created after 21 December 2001, or records created before that date but amended after that date, retention, use, disclosure and access will be permitted in accordance with the NPPs, except to the extent that any provision of an NPP is contrary to the laws of the country of the office concerned, in which case the law of that country will apply.
   2. In the case of records created prior to 21 December 2001, and which have not been amended after that date, retention, use, disclosure and access will be permitted at the discretion of the Provincial, who shall in the exercise of that discretion have regard generally to the spirit of the NPPs and the applicable laws of the country in which the relevant office is located.
3. In relation to the transfer of information held in records in Australia to places outside Australia, the following shall apply:-
   
   
   1. The Australian Office of the Trustees may transfer personal information about an individual to either the New Zealand office or the Papua New Guinea office in accordance with the National Privacy Principles.
      The Australian Office of the Trustees may transfer personal information about an individual to someone who is in a foreign country but not in either the New Zealand office or the Papua New Guinea office in accordance with the following:-
      
      1. The Trustees reasonably believe that the recipient of the information is subject to a law which effectively upholds principles of fair handling of the information that are substantially similar to the National Privacy Principles; or
      2. The individual consents to the transfer; or
      3. The transfer is necessary for the performance of a contract between the individual and the Trustees, or for the implementation of pre-contractual measure taken in response to the individual’s request; or
      4. The transfer is necessary for the conclusion or performance of a contract concluded in the interest of the individual between the Trustees and a third party; or
      5. All of the following apply:-
         
         1. The transfer is for the benefit of the individual;
         2. It is impracticable to obtain the consent of the individual to that transfer;
         3. If it were practicable to obtain such consent, the individual would be likely to give it; or
         The Trustees have taken reasonable steps to ensure that the information which it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with the National Privacy Principles.
      
      
   Br Ambrose Payne fsc