The purpose of this Policy is to provide a framework for WESTIR Ltd in dealing with privacy considerations.
What is the objective of the policy? In particular, the objects of this policy are to inform:
- the community about how their personal information will be used, stored and accessed after it is collected by WESTIR; and
- members of WESTIR staff of their obligations in relation to handling personal information and when they can and cannot disclose, use or how this data is collected.
‘Personal information’ is defined in the Privacy Act as: “personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.” The phrase “reasonably identifiable” deals with the concept of data matching. Data matching occurs where data about an unidentified individual is linked or matched with other data with the effect of causing the individual to become identified.
‘Sensitive information’ is a special category of personal information and is subject to stricter legal requirements for collection, storage, use and disclosure. Infomration is ‘sensitive information’ if it’s information or an opinion about a person’s, racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, or criminal records.
‘Health information’ is generally afforded a higher level of protection under Privacy Laws. ‘Health information’ includes information or opinions about a person’s physical and mental health, disability (at any time), health preferences (including future provision of health services), use of health services, bodily donations (for example, blood, organs), and genetics.
As with employee records:
The other Acts that may affect us are: Government Information (Public Access) Act 2009 (GIPA Act 2009)
The GIPA Act 2009 gives members of the public a legally enforceable right to access government information except when, on balance, it would be contrary to the public interest to provide that information.
The GIPA Act 2009 helps members of the public by making government information more accessible. It does this by:
- Requiring government agencies to make certain types of information openly available
- Encouraging government agencies to proactively release as much other information as possible
- Providing the public with the enforceable rights to make both an informal and formal request for government information
- Restricting access to information only when there is an overriding public interest against disclosure
What is your Personal Information?
What Personal Information Do We Collect and Hold?
We may collect some of the following types of personal information for employment and governance matters:
- full name;
- mailing and/or street address;
- email address;
- telephone number;
- fax number;
- organisation which you are from;
- job title;
- taxation details where applicable
- banking details
- organisation and research participants
- details of the services you have purchased from us or which you have enquired about, together with any additional information necessary to deliver those and services and to respond to your enquiries;
- information you provide to us through surveys or visits by our representatives from time to time.
- any additional information relating to you that you provide to us directly through our or indirectly through our representatives or otherwise;
- the kind of membership you hold with WESTIR Ltd
We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about certain topics of interest in which WESTIR Ltd is researching about.