Last updated: 24 January 2014 (v3)
This is the Privacy Notice of the National Heart Foundation of Australia ABN 98 008 419 761 on behalf of the Heart Foundation group (hereinafter referred to as “the Heart Foundation”, “we”, “us” and “our”) comprising: National Heart Foundation of Australia ABN 98 008 419 761, National Heart Foundation of Australia (Q’ld Division) ABN 32 009 691 570, National Heart Foundation of Australia (N.S.W. Division) ABN 95 000 253 289, National Heart Foundation of Australia (A.C.T. Division) ABN 32 008 507 328, National Heart Foundation of Australia (Victorian Division) ABN 25 004 463 334, National Heart Foundation of Australia (Tasmania Division) ABN 17 009 481 707, National Heart Foundation of Australia (South Australian Division) Incorporated ABN 70 140 886 652, National Heart Foundation of Australia (Western Australian Division) ABN 99 863 968 377, and National Heart Foundation of Australia (Northern Territory Division) Incorporated ABN 48 842 342 239.
The Heart Foundation is Australia’s leading heart health charity, saving lives through funding heart health research, community education programs and services to patients. The Heart Foundation is funded almost entirely by public donations and gifts from people’s wills.
The Heart Foundation was established in 1959 and since then has played a leading role in decreasing the incidence of death from heart disease by almost 70%. Despite this success, heart disease remains the biggest cause of premature death in Australia today and the Heart Foundation works to help all Australians live longer healthier lives.
The Australian Privacy Principles
The Australian Government introduced new legislation, effective 12 March 2014, which further protects the privacy of individuals. These principles replace the National Privacy Principles that came into force on 21 December 2001. You can find out more about these principles by calling the Office of the Australian Information Commissioner on 1300 36 39 92 or through their website at http://www.oaic.gov.au/
The Heart Foundation respects and upholds your right to privacy protection under the National Privacy Principles in regulating how we collect, use, disclose and hold your personal information. We have a detailed policy and set of procedures to ensure that only authorised staff have access to your personal information and that it remains confidential and is only used for appropriate purposes and in accordance with this notice.
Why we collect your personal information
Your personal and sensitive information, including health information, is only collected as is necessary for a function or activity, or to enable the Heart Foundation to carry out its work and deliver services to the community.
The Heart Foundation is very grateful to the many thousands of people around Australia who provide financial support to allow us to continue our important lifesaving work. When you give us personal information such as your name and address, we record it on our database and may use it to contact you in the future.
We may use your personal information to send you information on heart health or to let you know about our programs, research funding, special events and fundraising programs. Each time we send you a direct marketing communication we will provide you with a simple way to ’opt out’ of receiving similar communications in the future.
You can also let us know that you do not wish to receive any further communications by contacting the Privacy Officer in your state or territory as detailed below.
The Heart Foundation will not collect sensitive information about health, racial or ethnic origin, political opinions or membership, religious or philosophical beliefs, trade association or union membership, sexual preferences or criminal record unless you have consented to give this information and it is relevant to the work of the Heart Foundation. We will always collect such information in a non-intrusive, lawful and fair manner. We will offer you the option of not identifying yourself or of using a pseudonym where it is practical to do so.
Opting out or modifying your information
If you want to change any information that you have previously given us, or if you want to opt out of future communications please contact the Privacy Officer in your state or territory as detailed below.
How we collect your personal information
We collect your personal information when you provide it to the Heart Foundation in a number of ways including but not limited to:
- through a call to our Health Information Service
- by participating in one of the Heart Foundation’s many community fundraising and information events
- when you respond to our fundraising campaigns.
We may also collect your personal information in other ways, for example through the purchase of commercial lists, and from publicly available sources such as the telephone directory.
You may be photographed when you attend Heart Foundation events however wherever practical we would seek to obtain your consent prior to using the image obtained.
How we keep your personal information secure
If you provide us with information via a form on our website, it is stored securely in our databases and only accessed by staff authorised by the Heart Foundation. The Heart Foundation uses a range of hardware and software security measures to protect our information and ensure that only authorised staff are granted access.
Disclosing your personal information
The Heart Foundation will not provide your personal information to any other individuals or organisations without your prior consent except where required by law to do so or where that information is provided on a confidential basis to contractors who provide services to the Heart Foundation (for example database management, printing and mailing). In these cases, we ensure that our contractors are also bound by the Australian Privacy Principles to keep your personal information confidential.
The Heart Foundation is very thankful to people who are willing to share their personal stories of heart disease with others through media stories and in our newsletters. We will only use your personal information for publicity purposes or as stories in newsletters with your express written permission.
The Heart Foundation may, from time to time, include selected messages from Heart Foundation event sponsors, collaborators or third parties however we will not provide your details to any third party for marketing purposes without your prior consent.
Transfer of information overseas would normally only occur for data processing purposes, for example third party payment facilitators may process their data off-shore. The Heart Foundation’s payment gateway currently processes data in the USA. The Heart Foundation will not transfer your personal information overseas or into the “cloud” unless we have taken reasonable steps to ensure that the information which is being transferred will not be held, used or disclosed by the recipient of the information in a manner which is inconsistent with the Australian Privacy Principles.
The Heart Foundation will sometimes use third party service providers to conduct surveys and facilitate information collection and event registration. Some of these service providers conduct all or part of their business overseas and so your personal information may be transferred overseas as a result. The Heart Foundation conducts a due diligence process before entering into an agreement with these service providers and will take all reasonable steps to ensure that your information is not used in a manner inconsistent with the Australian Privacy Principles.
Visiting our website
Where you provide your email address to us we will only use it for the purpose provided unless you have consented to us using it for additional purposes, and we will not pass it on to any other person or organisation unless we have disclosed this to you. We may also disclose your information where required by law to do so.
The Heart Foundation’s websites may contain links to other sites of interest. The Heart Foundation does not control, and is not responsible for, the content or privacy practices of those websites. Please check the Privacy Policies on other websites before you provide your personal information to them.
Our Website Security
Forwarding credit card numbers or other sensitive information via email or facsimile is not safe. We suggest that you do not send information to us in either format.
Certain sections of the Heart Foundation’s websites are secured using SSL technology to encrypt data between your browser and the website. If you are entering any payment or credit card information on the internet, you should confirm that the page is secured (padlock symbol in your browser) before entering any information. We make every effort possible to make your donations and transactions within our site as secure and safe as possible for you.
By using this website you acknowledge and agree that the internet is inherently insecure and that you use the internet at your own risk. You acknowledge that you do not hold the Heart Foundation liable for any security breaches, viruses, Trojans or other malicious software that may infect your computer or any loss of data, revenue or otherwise that may occur as a result of using this website.
We recommend the use of Microsoft Internet Explorer v9 or higher with a minimum resolution of 1024×768 for best viewing of Heart Foundation websites.
From time to time the Heart Foundation may contact donors directly to update or confirm their personal or credit card details. We will only disclose to you the last four digits of your credit card number – any contact you receive requesting a full credit card number and CVV number should be considered a hoax and you should disregard it and report the contact to http://www.scamwatch.gov.au or contact the Heart Foundation’s Supporter Services team on 1300 72 44 75 for further information.
The Spam Act 2003
The Spam Act prohibits the sending of unsolicited emails, SMS and MMS messages for commercial purposes from or within Australia or to people in Australia, and bans the supply and use of software designed to harvest email addresses. While charities do have some exemptions from this Act, the Heart Foundation will be guided by the best practice guidelines developed on responsible electronic messaging practices by the Association for Data-driven Marketing & Advertising in conjunction with industry and consumer representatives and administered by the Australian Communications and Media Authority.
Changes to our Privacy Notice
The Heart Foundation may, without notice, amend or modify its Privacy Notice by posting the amended Privacy Notice to the Heart Foundation’s website.
How to access, correct or update your personal information
If you have any complaints, questions or concerns about what information the Heart Foundation holds or about the accuracy of that information, please contact the Privacy Officer in your state or territory.
If you would like to access the information that we hold about you, or to complain about a possible breach of the Australian Privacy Principles, you can write to the Privacy Officer at the address provided below. We will respond to your complaint or endeavour to give you access to the information requested within two weeks. In order to maintain the confidentiality of your personal information, we will ask you to come into the Heart Foundation office nearest you and to bring with you specific identification before we give you access. If it is not practical for you to visit our office, we will arrange to check your identification before we mail the information out to you.
If the information that we hold about you is incorrect or not up-to-date, we will update it as soon as possible after you have shown us how and why it is incorrect.
In the unlikely event that we are unable to provide you with access to your personal information for legal reasons as specified in the Privacy Act, we will provide you with reasons for denying access.
The Privacy Officer in your state or territory can be contacted by:
- Phoning: 1300 55 02 82
- Writing to:
The Privacy Officer
GPO Box 9966
In your capital city
- Emailing: firstname.lastname@example.org