On this page

Introduction

Vision Australia is committed to maintaining the privacy of your personal information. Vision Australia is also bound by the Privacy Act 1988 (Privacy Act). Any personal information we collect will be handled in accordance with the Australian Privacy Principles (APPs) outlined in the Privacy Act and any applicable state or territory legislation.

Privacy law is regulated by the Australian Information Commissioner. Further information about privacy legislation can be obtained from the Office of the Australian Information Commissioner website at: www.oaic.gov.au.

About this Policy

This privacy policy sets out how Vision Australia complies with its obligations under the Privacy Act regarding the collection, use, disclosure, storage, security of and access to the personal information of clients, donors, members, volunteers, job applicants and staff.

We reserve the right (at our discretion) to modify, amend or replace this policy from time to time. A new version of this policy will be posted to our website when this policy is modified, amended or replaced. We recommend that you regularly review our privacy policy.

Further information can be found in our Donor Privacy Policy and the Website Privacy Notice.

Policy

1. Types of personal information we collect -

Personal information is information or an opinion about you where your identity can be reasonably ascertained.

Sensitive information is a subset of personal information that generally has a higher level of privacy protection than other personal information, such as health information.

Vision Australia will only collect personal information necessary to deliver our services and conduct the business activities that support this.

We collect different types of information depending on our relationship with you, as follows:

Clients/customers:

We generally collect the following types of personal information regarding our clients/customers and their representatives:

  • name, pronouns, date of birth, contact details, details of next of kin or emergency contact, payment details, Medicare number, NDIS number and/or My Aged Care number as relevant to the service being provided, product being acquired and other information relevant to my relationship with Vision Australia, such as communication preferences, interests and interaction history.

In addition, where required to ensure safety and/or compliance with external obligations we may also collect sensitive information such as:

  • details of your eye condition and other health or cultural information, including COVID-19 vaccination status.

Job applicants, contractors, volunteers and employees:

We also collect certain personal information about employees, volunteers, applicants for those positions and contractors wishing to supply products and/or services to us as well as their employees, including:

  • resumes, employment histories and qualifications, training records and competency assessments, police checks and other suitability checks.

We may also collect sensitive information such as medical histories directly related to the individual’s ability to perform the inherent requirements of the position, and immunisation status where required by law or with your consent.

Donors:

We collect certain personal information about donors to process their donations, communicate with donors, and ensure a complete and accurate record of a donor’s history and engagement with Vision Australia, including:

  • personal details such name, pronouns and date of birth, contact details, transaction details including authorisations and dates and amounts of transactions, payment information for donations, records of your communication and interaction with us.

2. How we collect your personal information –

Vision Australia collects personal information through a variety of methods including electronic or face-to-face interactions, interaction with our website or over the telephone, requests for information, and from our employees, volunteers and contractors in the course of providing goods and services. Where possible, we collect personal information directly from individuals or their authorised representatives. However, information may also be collected through referrals from other service providers, the process of obtaining donations, lottery campaigns, and from commercial list providers or information provided by other charities.

Other methods of collection include the following:

(a) Information collected on our website –

i. Member account services

Where an individual elects to save their details on the Vision Australia website, we will collect this information to create an account showing their shop order history, donation history and/or access to library services.

ii. Visitor information

In common with many websites we may collect aggregated information which tells us about visitors to Vision Australia sites but not the identity of those visitors. For example, we may collect information about the date, time and duration of visits and which pages of the Vision Australia website are most commonly accessed. This information is used by us to help to administer and improve the Vision Australia website.

The Vision Australia website may use ‘cookies’. Cookies are small files which are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website and can be accessed either by the web server or the client computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next. Cookies may also be used to manage security and store information about the type of browser being used. With most internet browsers, users can erase cookies from their computer, block all cookies, or receive a warning before a cookie is stored. However, some parts of the Vision Australia site may not function fully for users that disallow cookies.

(b) Collection of payment information (for donations and payment for services)

Donations and payments can be made several ways, including via our Vision Australia Website or over the telephone.

If you make a donation via our website, you will be directed to a secure third-party payment gateway, using a VeriSign Trust Network Secure Socket Layer (SSL) Certificate with 128-bit high grade encryption. Payments made through such payment gateways are subject to the terms and conditions and privacy policy of the relevant third-party providers.

Unless provided otherwise, all online payments for donations are to be made by credit card. You must therefore provide to Vision Australia details of your credit card, including:

  • credit card type;
  • name on credit card;
  • credit card number;
  • expiry date; and
  • CCV number (where available).

Vision Australia will collect the same information if you make a donation or payment over the telephone.

Your details for payment will be collected and stored in-house by Vision Australia and processed within a reasonable timeframe. Vision Australia will delete your credit card details once successfully processed, except where you have authorised regular (such as monthly) donations or regular payments.

(c) Third Party Suppliers –

From time-to-time, Vision Australia may obtain details for prospective donors from like-minded organisations or third-party suppliers. Prior to acquiring a list of prospective donors’ contact details, Vision Australia enters into an agreement with like-minded organisations or third-party suppliers to confirm that:

  • the information on the list was obtained in accordance with the Australian Privacy Principles and/or that the list owner is held responsible if their disclosure of the data to Vision Australia or Vision Australia’s use of the data to contact
  • the supplier has provided the donors with the opportunity to have their details removed from the list.

If a prospective donor contacts Vision Australia to find out how we obtained their details, staff and volunteers are obliged to disclose this information. In particular, if Vision Australia obtained the prospective donor’s details from a list provided by a like-minded organisation or a third-party supplier, Vision Australia will let the prospective donor know the name of the list and the supplier. The list supplier will be contacted by Vision Australia and informed of the inquiry. Should the prospective donor not wish to be contacted, a request for the name to be suppressed from future data supply will be submitted by Vision Australia to the list supplier. Vision Australia will also record the prospective donors’ details in a suppression list provided the person consents, to avoid communicating to them in the future. In addition, Vision Australia will provide the donor with the Australian Direct Marketing Association’s (ADMA) no-mail service phone number, which is 1800 676 13.

(d) Recordings of calls and meetings –

In some circumstances, Vision Australia may wish to record a telephone call or meeting for training or other purposes. Vision Australia will always notify you and obtain your consent prior to recording a telephone call or meeting. This includes occasions where staff meetings or online training sessions (audio and visual) are recorded. Participants will receive a notification when signing into the meeting and will have the option to either accept and continue or leave the meeting. When seeking consent to record clients and or family/carers this will always be discussed prior, and appropriate consent obtained.

3. How we use your personal information

Vision Australia uses personal information in different ways depending on your relationship to us.

Clients:

We primarily use clients’ personal information to provide them with services. We also use clients’ personal information for other purposes including, but not limited to:

  • complying with our legal obligations;
  • quality assurance, safety and risk management and continuous improvement activities; and
  • to notify individuals of information and opportunities they may be interested in.

Job applicants, contractors, volunteers and employees:

We use personal information about job applicants, contractors and volunteers:

  • to assess their suitability to perform the duties required and deliver services to our clients, where required;
  • to meet our obligations under relevant laws;
  • manage workplace risk and safety; and
  • to improve the services we offer through quality improvement activities such as training.

Vision Australia may use anonymised volunteer personal information to market to similar people.

Donors:

We use personal information about donors:

  • to process donation payments;
  • to provide refunds;
  • to verify identity;
  • to respond to enquiries;
  • to assist us to better understand our donors and, based on your anonymised profile, to market to similar people; and
  • to keep donors up to date with information that may be of interest to them including via direct mail, email, SMS, Facebook, and other social media platforms.

De-identified Data:

De-identified data may be used to meet regulatory and funding requirements or for the purposes of research, internal reporting and improvement of services.

Direct Marketing:

Where not previously requested, and in accordance with Privacy legislation, we may use personal information to communicate with individuals through newsletters or direct marketing. All such communications will provide an option to opt out or unsubscribe.

4. Circumstances in which we disclose your personal information -

Personal information collected about our clients may be disclosed to other parties involved in the providing services to our clients. This may include disclosure of information to, for example, a client’s doctor, eye care specialist, allied health service providers, or relevant government agencies.

We may disclose personal information (including sensitive information) about our clients to:

  • our agents and contractors (e.g., to enable them to perform services under contract with us which may directly or indirectly benefit the client from whom the information was collected);
  • marketing providers to facilitate our marketing of our services to current and prospective clients; including using your anonymised profile to market to similar people;
  • government agencies where this is necessary for us to receive funding and/or comply with our legal obligations to notify the government and police of certain matters;
  • our professional advisers, such as lawyers or auditors;
  • related organisations.

We may also disclose personal information (including sensitive information) about a client, volunteer, employee, contractor, or applicant when required by law or court order or where we are required to do so as a result of any obligations we owe under any contract.

Like-minded Organisations:

Occasionally we allow like-minded organisations to contact our donors with fundraising materials. In return, they help us reach more generous Australians to support our cause. If you do not wish to receive communications from other organisations, please follow the instructions provided on fundraising materials. Requests to opt out or unsubscribe from fundraising material can also be directed to [email protected] or to the National Contact Centre on 1300 84 74 66

5. Security and Retention of personal information –

Vision Australia will take reasonable steps to protect personal information from misuse, interference and loss, unauthorised access, modification or disclosure. Personal information held by Vision Australia is stored electronically in secure databases, or where retention of hard copy documents is required, in secure filing systems. Only authorised Vision Australia personnel are provided with access to individuals’ personal information. Vision Australia retains records as required by legislation and to ensure compliance with contractual obligations. Where personal information is no longer required by Vision Australia, or where required by law, Vision Australia will take reasonable steps to securely destroy or de-identify information in accordance with legal requirements for retention and disposal.

6. Data Breach Notification –

Vision Australia accepts its obligation to keep personal information safe and is open and transparent in how data is handled. In the event that personal data systems are breached, data is misused or lost in a way that is likely to result in serious harm, then Vision Australia will take all reasonable and practicable means to contact individuals whose personal information is involved. Vision Australia will advise such individuals of the extent of the data breach (if known) and advise individuals of the most appropriate means of regaining control of their information, in an effort to limit the personal impact of the breach. If appropriate, Vision Australia will also report any breach of data to the Office of the Australian Information Commissioner (OAIC).

7. Access and correction

Individuals may request access to the personal information Vision Australia holds about them. Where reasonable and practicable to do so, and in accordance with the provisions of the Privacy Act, Vision Australia will provide supervised access to an individual’s personal information. Requests to access personal information must be made in writing, either by email or hard copy and can be forwarded to [email protected]. In the event access to records requires a significant allocation of resources, we may charge a reasonable administration fee to cover costs.

Corrections or updates to personal information supplied by clients or their authorised representatives must be made by the individual or their authorised representative. In all cases, Vision Australia staff must be satisfied changes are authorised by the individual in question. Requests to change personal information supplied by clients or their authorised representative will be actioned as a priority.

8. Disclosure of personal information overseas –

Vision Australia will generally disclose an individual’s personal information to an overseas entity where an individual or their authorised representative explicitly requests disclosure of their personal information to the overseas entity to enable the individual to receive services in that country.

Vision Australia may outsource technological or administrative projects to overseas providers where local services are unavailable or cost prohibitive. In such cases, Vision Australia will take reasonable steps to ensure that the overseas recipient does not breach the APPs. Countries in which we may engage providers to complete this type of activity include New Zealand, the United States, India, Vietnam and the Philippines. Client information will be held in compliance with Vision Australia’s contractual and regulatory requirements.

9. Use, adoption or disclosure of government related identifiers –

Except in relation to a clinical referral to another agency on behalf of the client, Vision Australia will not use, adopt or disclose an identifier assigned to an individual by a Commonwealth agency unless required to by law or where reasonably necessary and in accordance with the APPs.

10. Anonymity and pseudonymity –

Where practical, individuals may deal with Vision Australia anonymously or using a pseudonym. The majority of our services, however, will require collection of personal information to enable Vision Australia to provide the appropriate goods, services or response.

11. Review and improvement –

Vision Australia may update this Privacy Policy from time to time to reflect changes to legislation or internal process improvements. An up-to-date copy of this policy will be maintained on the Vision Australia website which can be accessed via this link: Vision Australia Privacy Policy. If you require this Privacy Policy in an alternative format please contact [email protected].

12. Complaints and enquiries –

Vision Australia takes all complaints seriously. To lodge a complaint, either complete the Complaints and Suggestions for Improvement form on the Vision Australia website or contact the National Contact Centre: 1300 84 74 66. Requests or enquiries regarding this Privacy Policy or personal information held by Vision Australia can be made by email: [email protected].

Complaints must be raised with Vision Australia first. However, if the individual is not satisfied with how Vision Australia has responded to the complaint, they may take the complaint to the Office of the Australian Information Commissioner (OAIC). The OAIC’s contact details are as follows:

Website: oaic.gov.au
Telephone: 1300 363 992
Post: GPO Box 5218, Sydney NSW 2001

Definitions

Australian Privacy Principles (APPs): principles pertaining to the handling of personal information as set out in Schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) (Reform Act).

Client: Any person who engages the services of Vision Australia, including parents, family or guardians of children receiving services from the Vision Australia.

Donors: All persons who participate in or support Vision Australia’s revenue generation activities.

Identifier: A number or code assigned by Vision Australia to an individual to identify uniquely the individual for the purposes of Vision Australia's operations that is not identifiable with any number or code assigned to that individual by the Commonwealth.

Individual: a client, donor, member, volunteer, job applicant, or staff member of Vision Australia.

Member: a current member of Vision Australia Limited.

Personnel: All paid and unpaid persons undertaking work for the Vision Australia, including employees, volunteers, individuals on work experience, student placements, secondments and contractors.

Sensitive information: a subset of personal information. Includes information or an opinion about an individual’s racial or ethnic origin, political opinions, memberships, religious beliefs, sexual orientation, health information, criminal record or genetic information.

OAIC: Office of the Australian Information Commissioner. The OAIC is responsible for Privacy, Freedom of Information and information policy.

Vision Australia: Vision Australia Limited (ACN 108 391 83) includes the associated entities of Seeing Eye Dogs Australia Pty Ltd (ACN 004 758 641), 6RPH Pty Ltd ACN 608 797 762, 5RPH Pty Ltd ACN 608 798 661, Quantum Technology Pty Ltd ACN 001 381 728) and Vision Australia Foundation (ACN 007 428 284). Vision Australia Foundation is the trustee company for the Vision Australia Trust.

Cross References

Privacy Act 1988 & Australian Privacy Principles

Applicable state and territory health and information privacy legislation

Authorised by

Ron Hooton, Chief Executive Officer

Document Control

Date created: June 2008

Date last reviewed: July 2023

Version: 2.0

Policy level: 2

Prepared by: Vision Australia Privacy Manager

Approved by: Vision Australia Leadership Group

Next Review: November 2024

Version Control:

Version Prepared by Approved by Effective date Reason for changes Summary of changes
1.0 Privacy Manager Leadership Team Feb 2018    
1.1 Privacy Manager Leadership Team May 2021 Periodic Review Updated template, addition of recording point 5.
2.0 Service Compliance Lead and Board Secretary Leadership Team November 2021 Covid-19 compliance checks and external advice Greater alignment with APP's, advice from Russell Kennedy Lawyers
3.0 Fundraising & Digital Marketing Teams Leadership Team July 2023 Seek advice around data use for remarketing purposes Recommended wording from Russell Kennedy to ensure compliance with APP and allow for permissible use of anonymised contact data for re-marketing purposes