1. About this Privacy Policy
1.1. Welcome to IDRS. The IDRS website is located at <www.idrs.org.au> (the ‘Site’). The Site is operated by Intellectual Disability Rights Service Inc (ABN 11 216 371 524) (“IDRS”).
1.2. IDRS is a registered charity and community legal centre that provides specialist legal information and advocacy Services for people with disability.
1.3. IDRS recognise the importance of privacy and community awareness regarding the collection and use of Personal Information. We are committed to ensuring that your privacy is protected. When you share your Personal Information with us, we treat it with care and take our responsibility to protect it seriously.
1.4. Please read this Privacy Policy carefully as it explains how IDRS collects, stores and uses your Personal Information and how IDRS complies with its obligations under the applicable Privacy Laws.
1.5. By using our Site, you consent to the collection, use and storage of your Personal Information as described in this Privacy Policy.
1.6. Any reference to “IDRS”, “we”, “our”, or “us” means Intellectual Disability Rights Service Inc (ABN 11 216 371 524). Any reference to “you, or “your” means you as a User of our Site and Services.
2. Definitions
2.1. “NDB” means the Privacy Amendments (Notifiable Data Breaches) Act 2017 (Cth).
2.2. “Personal Information” means information about an individual whose identity is apparent or can reasonably be ascertained from that information.
2.3. “Privacy Laws” means the Privacy Act 1988 (Cth), Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth).
2.4. “Sensitive Information” has the same meaning as provided for under the Privacy Act 1988 (Cth).
2.5. “Services” means the services provided by IDRS including the provision of legal advice, casework and support, policy and law reform, assisting legal professionals, and providing information to service providers and the community about the rights and needs of people with disability.
2.6. “Site” means the IDRS website located at <www.idrs.org.au>.
2.7. “Users” means a user of our Site or Services.
3. Purpose of this Privacy Policy
3.1. This Privacy Policy details how we safeguard your Personal Information and our privacy obligations to you in compliance with the Privacy Laws. It will give you an understanding of:
(a) the types of Personal Information IDRS collects and holds;
(b) how and when IDRS collects, discloses, uses, stores and otherwise handles Personal Information;
(c) the purposes for which IDRS collects, holds, uses and discloses Personal Information;
(d) how you may access your Personal Information, and seek correction of or update your Personal Information;
(e) how we store your Personal Information and keep it secure;
(f) how you can make a complaint, and how IDRS will deal with your complaint.
4. The types of Personal Information we collect
4.1. We collect Personal Information from you in order to provide you with information about our Services. This may include Personal Information such as your:
(a) name;
(b) business or company name (if applicable);
(c) phone number;
(d) address;
(e) email address;
(f) date of birth; and
(g) payment details such as your credit or debit card details (when you donate to IDRS).
4.2. We collect Personal Information from you when we provide you with our Services, including but not limited to, when you provide us with feedback, when you change your email preferences, when you respond to our surveys, when you communicate with our staff, and any other types of Personal Information you provide to us while interacting with us through your use of our Site and our Services.
4.3. We may collect Sensitive Information from you in order to provide you with our Services. This may include, for example, information relating to your health. We do not use your Sensitive Information for direct marketing.
4.4. You may choose to not identify yourself or use a pseudonym when communicating with us, unless we believe it is impracticable to do so in the circumstances. If you wish to remain unidentified, you must provide us with a written request.
5. How we collect your Personal Information
5.1. IDRS collects Personal Information from you in a variety of ways, including when you interact with us electronically or in person, when you access our Site and when we provide our Services to you.
5.2. We may also receive Personal Information from third parties in connection with the supply of our Services. If we do, we will protect your Personal Information in accordance with this Privacy Policy.
6. How we use your Personal Information
6.1. We use your Personal Information and you consent to us using your Personal Information to:
(a) provide you with our Site and Services;
(b) administer our business activities and internal record keeping;
(c) process transactions involving our Services and through our third-party payment gateway providers;
(d) manage, research and develop our Site including through data analytics;
(e) provide you with information about our Site and Services;
(f) communicate with you by a variety of measures including, but not limited to, by telephone, email, SMS or mail;
(g) meet legal, regulatory and compliance obligations; and
(h) investigate any complaints.
6.2. If you choose to withhold your Personal Information, it may not be possible for us to provide you with our Services or for you to access certain parts of our Site or for us to respond to your query.
7. Disclosure of your Personal Information to Third Parties
7.1. We will only share your Personal Information where you have given us your consent, and only for the purposes described in this Privacy Policy.
7.2. We may disclose your Personal Information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this Privacy Policy.
7.3. We may share your Personal Information with third-party service providers to help us provide our Site and Services.
7.4. When we disclose your Personal Information to third-party service providers we do so on the basis that your Personal Information is treated with confidence, and only used for the limited purpose of providing support to our Site, and in a manner consistent with this Privacy Policy.
7.5. We may from time to time need to disclose Personal Information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.
7.6. If there is a change of control in our organisation or a sale or transfer of organisation assets, we reserve the right to transfer to the extent permissible at law our data bases, together with any Personal Information and non-Personal Information contained in those databases.
8. How we secure your Personal Information and Data Breach
8.1. We are committed to ensuring that the Personal Information you provide to us is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data and to protect this data from misuse, interference, loss and unauthorised access, modification and disclosure.
8.2. A reportable “Data Breach” is a security incident where the integrity of Personal Information or Personal Data is compromised through being destroyed, lost, altered, corrupted, disclosed or accessed by an unauthorised person where it is likely to result in serious harm to any individual affected.
8.3. We have procedures and systems in place including a data breach incident response plan, specific data breach policies and procedures and personnel to deal with an actual or suspected “Data Breach” and will notify you and the applicable regulator in accordance with our obligations under the NDB.
8.4. Please report any actual or suspected data breaches for investigation to IDRS by using the Contact Us section provided below.
9. Cookies
9.1. We use cookies on our Site. Cookies are small files that are stored on your computer or mobile device when you visit our Site to keep track of your actions and preferences.
9.2. We use cookies and similar technologies:
(a) to bring you relevant content and improve user experience;
(b) to collect information such as your IP address and browser type, device information and language;
(c) to analyse data about webpage traffic;
(d) for advertising and marketing purposes; and
(e) to perform data analytics and improve our Site.
9.3. You can configure your Internet browser to accept all cookies, reject all cookies or notify you when a cookie is set. If you disable cookies from being stored in your computer or on your device, you may not be able to use the full functionality of the Site.
10. Third-Party Analytics Tools and Third-Party Remarketing Tools
10.1. We use technologies and third-party services that may use Google Analytics, pixels, tags and web beacons (code snippets) on our Site to customise content and advertising, to provide social media features and to analyse traffic to our Site, including about how you use and interact with our Site.
10.2. We may also share information about your use of the Site with our trusted social media, advertising and analytics partners.
10.3. Third-party analytics tools collect non-Personal Information such as how often you visit our Site, the web pages you visit, add-ons, and other analytics data that assists us in improving our Site and Services.
11. Access to and how you can control your Personal Information
11.1. You may request details of Personal Information that we hold about you in accordance with the provisions of the Privacy Act 1988 (Cth).
11.2. If you would like a copy of your data or believe that your data is inaccurate, out of date, incomplete, irrelevant, please Contact us using the contact details provided below.
12. Complaints About Privacy
12.1. Please contact us using the contact details below if you have any questions or concerns about our collection, use or disclosure of Personal Information. We will aim to resolve your complaint within 30 days.
12.2. If you remain dissatisfied, you may refer your complaint in writing to the Office of the Australian Information Commissioner.
13. Third Party Information and Links
13.1. Our Site may from time to time have links to other websites not owned or controlled by us or otherwise we may refer to third-party information on the Site.
13.2. Please note that we are not responsible for the privacy practices of other websites. It is the responsibility of the individual User to make decisions regarding the relevance, accuracy, currency and reliability of information found on other websites.
14. Changes to this Privacy Policy
We reserve the right to change this Privacy Policy from time to time. Changes will be effective immediately upon posting such changes on the Site.
15. Our contact details
15.1. Our principal place of business is at Suite 204, 370 Pitt Street, SYDNEY NSW 2000. Our postal address is PO Box 20228, World Square NSW 2002.
15.2. You can contact us:
(a) by post, using the mailing address given above;
(b) using our contact form on the Site, should one be made available to you;
(c) by calling us at (02) 9265 6300; or
(d) by email at info@idrs.org.au.
© 2018 Intellectual Disability Rights Service Inc. ALL RIGHTS RESERVED.
Privacy Policy last updated 17 September 2018.