1. Your privacy is important
This disclaimer outlines the policy of MYND Initiative Inc. regarding the usage and management of personal information and/or sensitive personal information provided to or collected by us.
2. Collection of Personal Information
The type of information MYND Initiative Inc. may collect and hold includes, but is not limited to, relevant personal information, including sensitive personal information, about:
- speakers, and their family and/or friends;
- mental health issues; and
- things disclosed to our members, volunteers, contractors, stakeholders, visitors and clients in confidence.
Personal information refers to any data or information that can be used to identify you directly or indirectly, including but not limited to your name, address, email address, location data, or internet provider (IP) address. Sensitive personal information refers to a special class of personal data or information that is handled with additional care, including attributes such as but not limited to racial or ethnic origins, health status and/or health information, sexual orientation or preferences, religious or political beliefs, trade union (or other professional or trade association) membership, criminal records, genetics and biometrics.
MYND Initiative generally collects personal information and/or sensitive personal information held about an individual by way of phone calls, forms, meetings, etc. You do have the right to seek to deal with us anonymously or use a pseudonym, but in some circumstances it may not be practicable for us to deal with you or provide services to you except for the most general responses to general enquiries, unless you identify yourself.
In some circumstances MYND Initiative Inc. may be provided with your personal information and/or sensitive personal information from a third party.
Under the Federal Privacy Act 1988 (Cth), the Australian Privacy Principles do not apply to records of our members, volunteers and contractors. As a result, this Privacy Disclaimer does not apply to the treatment of records of members, volunteers and contractors, where the treatment is directly related to a current or former employment relationship between MYND Initiative Inc. and said member, volunteer or contractor. However, MYND Initiative Inc. may need to provide access and ensure compliance with the Health Privacy Principles contained in the Health Records and Information Privacy Act 2002 (NSW). Personal identifying details shall not be provided without prior informed consent of that individual to whom the personal information or sensitive personal information concerns.
Considering the above, with regard to collection of personal and sensitive personal information, MYND Initiative Inc. shall:
- only collect information that is necessary for its performance and primary function;
- notify our members, volunteers, contractors, stakeholders, visitors and clients about why we collect the information and how it is administered;
- if collecting information from a third party, be able to advise the person whom the information concerns, from whom their information has been collected;
- collect sensitive personal information only with the person’s informed consent;
- collect information from any individual below the age of 18 with the informed consent of their parent or guardian. If informed consent from a parent or guardian is not obtained, information will not be passed on to any other organisation or body and shall be destroyed within seventy-two (72) hours; and
- determine, where unsolicited information is received, whether the personal information or sensitive personal information could have been collected in the usual way, including through a Commonwealth record, and then if it could have, it will be treated normally. If it could not have been, it shall be destroyed or de-identified within twenty-four (24) hours of receiving the information, and the individual whose information has been destroyed or de-identified shall be notified about the receipt and destruction or de-identification of their information.
3. Use of Personal Information
MYND Initiative Inc. shall use your personal information and/or sensitive personal information for the primary purpose of its collection, and for such other secondary purposes only where:
- a secondary purpose is related to the primary purpose and you would reasonably expect us to use it for such a purpose;
- you have provided informed consent for us to do so, and especially so for sensitive personal information; or
- certain other legal reasons exist, or use or disclosure is required to prevent serious and imminent threat to life, health or safety.
In relation to direct marketing, MYND Initiative Inc. shall use your personal information and/or sensitive personal information for direct marketing where you have provided that information, and you are likely to expect direct marketing: only then will you be sent direct marketing containing an opt-out option. If we use your personal information and/or sensitive personal information obtained from elsewhere, upon obtaining informed consent, we will still send you direct marketing information, and this shall also contain an opt-out option. We shall obtain your informed consent prior to use of any sensitive personal information as the basis for any of our direct marketing, in accordance with our Social Media Policy.
We may use video surveillance for security purposes and the footage will be used only by MYND Initiative Inc. and by the providers of our security services for security purposes. Surveillance videos are not used by MYND Initiative Inc. for other purposes and the footage is not publicly available. Surveillance cameras are not located in any bathrooms or change room facilities.
In relation to personal information and/or sensitive personal information of our members, volunteers and contractors, the primary purpose of collection is to assess and (if successful) to engage the member, volunteer or contractor, as the case may be. The purposes for which MYND Initiative Inc. uses personal information and/or sensitive personal information of members, volunteers or contractors include, but is not limited to:
- for insurance purposes;
- for survey purposes; and
- to satisfy the legal obligations of MYND Initiative Inc.
Where MYND Initiative Inc. receives unsolicited job applications these shall be dealt with in accordance with the unsolicited personal information requirements of the Federal Privacy Act 1988 (Cth).
4. Disclosure of Personal Information
MYND Initiative Inc. may disclose personal information, including sensitive personal information, held about an individual to:
- government departments, or any other similar enforcement bodies;
- people providing services to MYND Initiative Inc.; and
- anyone you authorise us to disclose information to.
MYND Initiative Inc. shall use and disclose personal and sensitive personal information only for the purpose for which it was provided, or a directly related secondary purpose, unless you otherwise provide informed consent, or the use or disclosure of sensitive personal information is authorised by law.
MYND Initiative Inc. treats marketing and seeking donations for its future growth and development as important. However, we shall not disclose personal information and/or sensitive personal information to any organisation that assists in our fundraising and marketing, unless approved by said individual.
Prior to any release of information to third parties, MYND Initiative Inc. shall inform the individual(s) concerned and request for consent.
We may use overseas providers of information technology (IT) services including servers and cloud services, which will be reviewed on a case-by-case basis by our Chief Technology Officer. MYND Initiative Inc. shall not send any personal information or sensitive personal information about an individual outside Australia without:
- obtaining the informed consent of the individual(s) concerned, bearing in mind that in some cases this consent may be implied; or
- otherwise complying with the Australian Privacy Principles and any other applicable privacy legislation, including but not limited to the General Data Protection Regulation (GDPR) 2018.
5. Access to and Correction of Personal Information
You have a right to seek access to and check information held about you, and to correct it if the information is inaccurate, incomplete, misleading, or not up-to-date, or remove it if you feel that the information is no longer relevant to the functions we perform. If any of your information is not accurate, we shall take steps to correct it. MYND Initiative Inc. may allow you to attach a statement to your personal information or sensitive personal information if we disagree that it is inaccurate.
There is no charge for making a request for your personal information and/or sensitive personal information, correcting your information, or associating a statement regarding accuracy with the personal information and/or sensitive personal information. However, where for a legal or other reason we are not required to provide you with access to the information, a mutually agreed intermediary may be considered to allow sufficient access to meet the needs of both parties. To make a request to access or correct any information MYND Initiative Inc. holds about you, please contact our Privacy Officer in writing at email@example.com, or alternatively, call us at +61 488 235 421.
MYND Initiative Inc. may require you to verify your identity and specify what information you require. Although no fee shall be charged for accessing your personal information or sensitive personal information, or making a correction, we may charge a fee to retrieve and copy any material. If the information sought is extensive, we will advise the likely cost in advance.
The Australian Privacy Principles contained in the Federal Privacy Act 1988 (Cth) and the Health Privacy Principles contained in the Health Records and Information Privacy Act 2002 (NSW) require that we not store your personal information and/or sensitive personal information for longer than necessary. In particular, the Health Privacy Principles impose certain obligations about the length of time health records may be stored.
6. Storage, Management and Security of Personal Information
Our members, volunteers and contractors are required to respect the confidentiality of your personal information and/or sensitive personal information, and your privacy. We have steps in place to protect your information that we hold from misuse, loss, unauthorised access, modification, interference or disclosure by use of various methods, including locked storage of paper records and password access rights to computerised records, as well as any other appropriate technical and/or organisational measures.
In addition to the above, and in accordance with our Records Management Policy, MYND Initiative Inc. shall:
- ensure that before it discloses any personal information and/or sensitive personal information to an overseas recipient including a provider of information technology (IT) services such as servers or cloud services, establish that they are privacy compliant; and
- as much as possible, ensure that our data is up-to-date, accurate, complete and relevant to the functions we perform.
7. Destruction and/or De-identification of Personal Information
Your personal information and/or sensitive personal information, once it is no longer required, may be retained for a maximum of seven (7) years, in accordance with our Records Management Policy, and then de-identified or destroyed, including from decommissioned laptops and mobile phones. In many circumstances, however, your personal information and/or sensitive personal information may be kept for marketing purposes, if you have provided informed consent to that in writing with us.
We may be able to provide some anonymity by changing your personal information and/or sensitive personal information to be under a pseudonym, and will not use any government-related identifiers unless they are deemed necessary for our functions. Please write to us, or call us, to find out more.
8. Enquiries and privacy complaints
If you would like further information about the way MYND Initiative Inc. manages the personal information and sensitive personal information it holds, please contact our Privacy Officer at firstname.lastname@example.org, or alternatively, call us at +61 488 235 421. If you have any concerns, complaints or you think there has been a breach of privacy, then also please contact our Privacy Officer who will first deal with you via email or over the phone. If you feel that we have not dealt satisfactorily with your concerns, then we will meet you in person to discuss this further.
If you are still not satisfied with our response to your complaint within 30 days from this meeting, then you may refer your complaint to the Office of the Australian Information Commissioner (OAIC) via:
- Telephone: 1300 363 992
- Fax: +61 2 9284 9666
- Alternatively, a direct link to their enquiries form is provided here.