Virtual Church Assist (referred to as “we”, “us” or “our” in this policy) is committed to upholding the Information Protection Principles as detailed in the Privacy and Personal Information Protection Act 1998. More information on these principles can be found on the Information and Privacy Commission website at ipc.nsw.gov.au
We only collect information for lawful and required purposes, directly connected to the services we are providing.
We collect information from authorised persons, either from the person concerned, or from a person with permission to provide the information on behalf of the person concerned. We do not collect information from or about a person under the age of sixteen unless it is provided by their parent or guardian.
We will be open about why we are collecting information, what we will do with it and who else might see it. We will let you know if requested information is required by law and any consequences of not providing it.
We will ensure that personal information is relevant, accurate, complete, up-to-date and not excessive and that the collection and use of information does not unreasonably intrude into the personal affairs of individuals.
We will store information securely, keep it no longer than necessary and dispose of it appropriately. We will protect information from unauthorised access, use, modification or disclosure. Clients can contact us for a list of all electronic locations (including third party providers) where information is stored.
Clients can view their personal information by contacting us. We will allow people to update, correct or amend their personal information where necessary. We will only use personal information for the purpose (or a purpose directly related to the purpose) for which it was collected unless the person has given consent to do otherwise, or to prevent or lessen a serious or imminent threat to a person’s health or safety.
We will only disclose personal information with a person’s consent or if the person was told at the time that it would be disclosed, if disclosure is directly related to the purpose for which the information was collected and there is no reason to believe the person would object, or the person has been made aware that information of that kind is usually disclosed, or if disclosure is necessary to prevent a serious and imminent threat to any person’s health or safety, or is required by law.
VCA Pty Ltd Privacy & Data Breach Policy
The purpose of this policy is to outline our open and transparent way of handling personal information and what we do if there is ever an issue or unauthorised disclosure of your information.
What personal information do we collect?
We collect personal information including but not limited to names, contact telephone numbers, contact details and email addresses.
How personal information is collected
Information is usually collected directly from you or a representative of your company who is authorised to provide this information. This information can be collected in the following ways:
Having face-to-face meetings and telephone discussions with you;
Asking you to complete questionnaires;
Your correspondences with us; and
Through documents that you have provided to us.
You warrant that the personal information you provide is accurate, up to date and complete. If you become aware that personal information we hold about you is incomplete, inaccurate, irrelevant, or not up-to-date, please contact us and we will take reasonable steps to correct the information.
We endeavour to maintain a high standard of records, including the accuracy and completeness of client’s information. To ensure this, we may contact our clients to ensure that their records are up to date. If your details have changed, kindly notify us.
How personal information is held
The information is held in both paper and electronic form for seven years. All information is backed up on our internal servers and the cloud.
If we receive unsolicited information that is irrelevant and/or we would not have access to if solicited, and is not public information, we will, as soon as is reasonably practicable, destroy or de-identify the information.
Purposes for the collection, holding, use and disclosure of the personal information
We collect personal information when it is reasonably required for business purposes, which are consistent with our Service Proposal and Terms and Conditions.
Other reasons we collect personal information includes:
For internal use; or
For debt collection purposes.
Your personal information may be shared internally or with third parties. We may disclose any or all of your personal information to:
Parties which we work with (e.g. subcontractors, other customers);
A debt collection agency;
Third party suppliers and service providers in order to provide our services;
The Australian Taxation Office (ATO) to meet ongoing compliance;
Any other third parties required for legal obligations and other privacy exceptions.
Disclosing personal information to overseas recipients
Some of our contractors may be located offshore and as a result, we may be required to provide them with your personal information. By providing us with your personal information, you warrant that you consent for your information to be provided to any offshore contractors in places such as the Philippines. We are careful to ensure that our contractors protect your information to the highest standards.
We take all reasonable steps to protect the security of your personal information. We hold personal information for a period of seven years from the completion of any service. Once this time has passed, at your request we ensure your personal information is destroyed or de-identified.
How an individual can access and correct their personal information
You can view your personal information by contacting us by any of the means listed below. We will allow you to access your personal information without excessive delay or expense. We will allow you to update, correct or amend your personal information where necessary.
How we respond to Data Breaches
We take great care to ensure that personal information held on behalf of our clients is protected. However, it is possible that personal information may be accessed or disclosed without authorisation, or lost. In these rare circumstances we will endeavour to do the following:
Ascertain whether a breach is likely to have occurred;
What personal information is at risk;
Take steps to prevent the access or disclosure of personal information; and
Assess the risk of harm.
In circumstances where the access or disclosure of this information would be likely to result in serious harm, we will:
Notify you or any individuals who are at risk as soon as reasonably practical so that you may mitigate any potential loss;
Report the data breach to the Office of the Australian Information Commission; and
Take reasonable steps to prevent further breaches.
How you can complain if the Australian Privacy Principles are breached
If you have a complaint regarding the way we have handled your information, believe a breach of the Australian Privacy Principles has occurred, or have any questions please contact us immediately by any of the following means:
Phone: 0421 678 105
We will endeavour to resolve your issue as soon as practicable.
Otherwise, a complaint may be lodged with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.