We promote the prevention and control of behaviour that is harmful or abusive to children and vulnerable people when in the care of an organisation, primarily through subscription to our services and our Safety Management Online (“SMO”) system. In the course of providing our services (or for other activities associated with providing the services, such as providing quotes or responding to questions), we may collect the following personal information:
Users of our SMO system may be required to upload personal and sensitive information directly to the URL created for your organisation, on which the information is held by a third party cloud computing provider.
The primary purpose for which this information is collected by us (“Primary Purpose”) is to enable users to:
A secondary purpose (“Secondary Purpose”) for which this information is collected is to allow you to keep records of any specific incidents relating to the harm and abuse of children and vulnerable people within the care of your organisation, and also to disclose this information to enforcement-related bodies for future child abuse related investigations, if needed. We consider this purpose to be directly related to the Primary Purpose as it is consistent with the protection of children and vulnerable people.
The following types of information may be uploaded by you directly or by your organisation (if your organisation has your consent to do so):
This information is only collected with your consent, and where that information is reasonably necessary for us to provide our services to you or your organisation.
There are many aspects of our website which can be viewed without providing personal information, however, we need to collect personally identifiable information about you in the following situations:
Some of your personal information will be collected from you directly through our website when you contact us. We may also collect your personal information from you directly by mail, email, telephone or meeting with you personally, if required.
We may also collect your personal information from third parties even if you do not directly access our services but you access the services of the third parties.
We collect, hold and use your personal information to enable us to provide our services to you, as well as for related purposes such as the Secondary Purpose which you would reasonably expect us to (and only directly related purposes for sensitive information). We will collect, hold and use your personal information to:
You may choose not to disclose your personal information, or to deal with us using a pseudonym, however, if you choose to do so, we may not be able to provide you with our services or respond to any query or complaint that you have in relation to our services.
We take reasonable steps to protect your personal information while it is in our control. The information that we collect from you directly is stored on our internal servers and file storage service, and is protected by passwords and firewalls.
The information that is uploaded onto the SMO system is stored on our third-party data storage (cloud) provider, an externally operated cloud (based in Australia). All transfer of data across public networks is encrypted. The service performs automated backups that are securely stored and can only be accessed through our provider’s account, to which our authorised privacy officer has sole access.
We also keep some payment information secure through engaging the services of and online encrypted payment transaction service.
Certain personal information about you may be linked with other information about you, including sensitive information. We will take reasonable steps to de-identify or destroy your personal information that is collected about you directly and held on our internal servers if we no longer require it. However, we may keep copies of the information uploaded onto our SMO system for the Primary Purpose and Secondary Purpose if necessary, which may also be disclosed to relevant authorities for this purpose.
If you are an individual accessing the SMO system on behalf of an organisation, we note that your organisation can access specific fields of personal information about you at all times, including but not limited to your name, date of birth, phone and email address.
We may disclose your personal information to:
If any of these entities hold data overseas, by providing your information to us you consent to the disclosure of your information to those countries, even if they do not have privacy legal regimes similar to those in Australia.
As outlined above, if you access our SMO system, your information is automatically uploaded to our external cloud computing provider for the purpose of data storage. This body stores your information within Australia and the information can only be accessed by our authorised privacy officer.
Our website may contain links to other websites. These links are provided solely for your convenience. If you submit personal information to or via any linked website, the privacy principles applying to that information are outside our control. You should check the privacy statement of the linked website before submitting information to or via that site.
You have a right to request access to or correction of your personal information that you have directly provided to us. If you would like to do so, we will give you access to the information within 7 days, and will make every endeavour to ensure that the information is updated correctly as soon as practicable.
If you are an individual that has uploaded information and data onto the SMO system and wish to access or correct this information, you should contact your organisation (which remains in control of the relevant information) for the timeliest response and correction.
Call: 03 9037 6415
Post: PO Box 7127, Banyule, VIC 3084
Our authorised privacy officer will contact you directly in response to your query within 10 business days from receipt of a request. If your complaint fails to be resolved, you may take it to the Office of the Australian Information Commissioner via the online privacy complaint form, by mail, by fax or by email – https://www.oaic.gov.au/about-us/contact-us