Effective date: 12 October 2020
Introduction: The Australian Privacy Principles
Macular Disease Foundation Australia ("MDFA", “we” or “us”) is bound by the Privacy Act 1988 (Cth) (as amended from time to time) (the “Privacy Act”), the Australian Privacy Principles (“APPs”) and the privacy provisions or other applicable legislation.
You can ﬁnd out more about the Privacy Act and the APPs by calling the Oﬃce of the Privacy Commissioner on 1300 363 992 or through their website.
MDFA respects and upholds your rights to privacy protection under the APPs in regulating how we collect, use, disclose and hold your personal information.
This policy describes the way MDFA collects, holds, uses and discloses personal information about individuals. Any personal information collected by the MDFA is covered by this policy. Personal information is information or an opinion about an identiﬁed individual, or an individual who is reasonably identiﬁable:
· whether the information or opinion is true or not; and
· whether the information or opinion is recorded in a material form or not.
The purposes for which we collect your personal information
Your personal and sensitive information, including health information, is only collected as is necessary for a function or activity to enable MDFA to carry out its work and deliver services to the community.
MDFA is very grateful to the many thousands of people around Australia who provide ﬁnancial support to allow us to continue our important sight saving work. When you give us personal information such as your name and address, we record it on our database and use it to contact you.
We may use your personal information to:
· send you information on macular disease or to let you know about our events and fundraising programs;
· provide you with products or services requested by you;
· respond to questions, comments and complaints about the MDFA or our services; and
· invite you to support our programs or initiatives.
You can let us know that you do not wish to receive any further contact from us by phoning our Helpline on 1800 111 709 or emailing firstname.lastname@example.org.
MDFA will not collect sensitive information about health, racial or ethnic origin, political opinions or membership, religious or philosophical beliefs, trade association or union membership, sexual preferences or criminal record, or any genetic or biometric information, unless you have consented to give this information to us and it is relevant to the work of MDFA. We will always collect such information in a non-intrusive, lawful and fair manner.
The personal information we collect:
The kinds of personal information MDFA will collect from you will depend on the nature of your dealings with us and may (but does not always) include:
• Date of birth;
• Personal and/or work contact details (e.g. phone numbers and email addresses);
• Health information (e.g. about your eyesight);
• Any information about you which you provide through promotions, competitions, surveys, fundraising events; and/or
• Payment details (e.g. credit card number).
Opting out or modifying your information
If you want to change any information that you have previously given us, or if you want to opt out of future communications you can contact us using one of the below methods:
• Email: email@example.com
• Phone: 1800 111 70
• Post: MDFA Suite 9.02, Level 9, 447 Kent Street Sydney NSW 2000
How we collect your personal information
We collect your personal information when you provide it to MDFA in a number of ways including:
• in person;
• by mail or email;
• through a call to our Helpline;
• by participating in one of MDFA’s education, information or fundraising events;
• registration of details on MDFA’s website; and/or
• when you respond to other awareness or fundraising campaigns.
If you do not or are not able to provide us with the requested personal information, we may not be able to provide you with the products, services or information which you have requested from us.
How we hold your personal information secure
If you provide us with your personal information, we will use our best endeavours to ensure it is securely stored in our database, which is accessed only by the authorised personnel of MDFA. Each user can only access the system via a unique username and password combination. In addition, our external access to e-mail and the Internet is protected by a Firewall/Router.
Using and disclosing your personal information
MDFA will only use and disclose your personal information in accordance with the Privacy Act and the Australian Privacy Principles (APPs). This may include where use or disclosure is required by law, where we have your consent to the use or disclosure or for the purpose for which it was collected, or related purposes that you would reasonably expect MDFA to use or disclose that information.
MDFA will not provide your personal information to any other individuals or organisations except on a conﬁdential basis to contractors who provide database management, printing and mailing services to MDFA. In these cases, we ensure that our contractors are also bound by the APPs to keep your personal information conﬁdential.
MDFA is very thankful to people who are willing to share their personal stories of their macular disease with others through media stories and in our newsletter. We will only use your personal information for publicity purposes or as stories in our newsletter with your express written or verbal permission.
If you provide us with your email address it will not be passed on to any other organisation.
Visiting our website
When you come to our websites (www.mdfoundation.com.au or www.checkmymacula.com.au) may collect certain information such as browser type, operating system, website visited immediately before coming to our site, etc. This information is used in an aggregated manner to analyse how people use our site, so we can improve our service.
By using the MDFA website, you agree that the Internet is inherently insecure and accordingly MDFA cannot provide any deﬁnitive assurance regarding security of personal information. MDFA will not be liable in any way in relation to any breach of security or any unintended loss or disclosure of that information.
Cookies and other similar technologies
Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies, but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of our website.
Our third-party credit card transaction processor uses "cookies" for transaction integrity and anti-fraud purposes. Our provider is compliant with the APPs and will not utilise your details for any activity other than supporting the primary purpose of making a donation to MDFA or purchasing a MDFA product.
Remarketing to website visitors
MDFA may use remarketing services to advertise its products or services. Remarketing services will display relevant ads to website visitors through third party services such as Facebook. This means MDFA ads may appear on this website or other websites you visit.
You can opt out of Facebook ads by adjusting the profile settings on your account. For more information regarding behavioural advertising, including ways to manage your online privacy and ads, visit the Office of the Australian Information Commissioner.
Third party sites
MDFA’s website contains links to other sites of interest. MDFA does not control, and is not responsible for, the content or privacy practices of those websites.
Please check the Privacy Statements on other websites before you provide your personal information to them.
Our website security and security of personal information
All forms used within this website are encrypted. We make every eﬀort possible to make your donations and transactions within our site as secure and safe as possible for you. All information that leaves any form (including your credit card number) is encrypted automatically by your browser until it reaches our servers.
MDFA will treat all personal information with due care and take all reasonable steps to protect any personal information we hold from misuse, interference and loss and from unauthorised access, modiﬁcation or disclosure. We will take reasonable steps to ensure that all personal information we collect, hold, use or disclose is accurate, complete, up-to-date, relevant and not misleading.
The Spam Act 2003
The Spam Act prohibits the sending of unsolicited emails and SMS messages for commercial purposes from or within Australia, or to people in Australia, and bans the supply and use of software designed to harvest email addresses. While charities do have some exemptions from this Act, MDFA will abide by the best practice guidelines, which have been developed on responsible electronic messaging practices by the Australian Communications and Media Authority.
Changes to our Privacy Statement
MDFA may, without prior notice to you, amend or modify its Privacy Statement by posting the amended Privacy Statement to the MDFA website.
How to access your personal information
If you have any questions about the personal information Macular Disease Foundation Australia holds about you, the accuracy of that personal information or the management of that personal information, please contact: Macular Disease Foundation Australia Level 9, 447 Kent Street, Sydney NSW 2000 T: 1800 111 709 E: firstname.lastname@example.org
If you would like to access the personal information that we hold about you, you can contact the Operations Manager using the contact details provided above. We will endeavour to give you access to that personal information within two weeks. To maintain the conﬁdentiality of your personal information, we will ask you to provide speciﬁc identiﬁcation before we give you access.
If you would prefer to deal with us anonymously, you are not required to provide personal or sensitive information unless we are required by law to deal with individuals who have identiﬁed themselves or it is impractical for us to deal with individuals who have not identiﬁed themselves. If the personal information that we hold about you is incorrect or not up to date, we will update it as soon as possible after you have shown us how and why it is incorrect.
In the unlikely event that we are unable to provide you with access to your personal information, we will provide you with written reasons for denying access. Even if you don’t make a request, if we are satisﬁed that, having regard to the reasons for which we hold your personal information, that personal information is inaccurate, incomplete, out-of-date, irrelevant or misleading, we may take reasonable steps to correct that information.
If you have any concerns or complaints in relation to how we manage privacy matters, please submit in writing to:
Operations Manager, MDFA
Suite 9.02, Level 9, 447 Kent Street Sydney NSW 2000
MDFA will endeavour to respond to concerns about privacy matters, including complaints about how we handle personal information and concerns that we have breached the APP, within ten business days.
If you are not satisﬁed with how we have handled your matter, you may wish to contact the Oﬃce of the Australian Information Commissioner.