Privacy Policy

COMMITMENT TO PRIVACY

IFYS Limited ACN 131 388 102 and its related bodies corporate (IFYS/we/us/our) understands and appreciates that Service Users, donors and third parties having contact with IFYS, including visitors to and users of the IFYS website ifys.com.au (you/your), are concerned about their privacy and the confidentiality and security of any information that may be provided to us. 

We are committed to protecting your Personal Information and complying with our obligations under the Privacy Act 1988 (Cth) (Privacy Act) and, where relevant, the Information Privacy Act 2009 (Qld) and other State laws governing the use of Personal Information (collectively, Privacy Laws) which regulate how Personal Information is handled from collection to use and disclosure, storage, access and disposal. 

We endeavour to protect user privacy in compliance with the Australian Privacy Principles as prescribed by the Privacy Act.  Further information about the application of the Privacy Act can be found at the website of the Office of the Australian Information Commissioner at www.oaic.gov.au.

 

DEFINED TERMS

Personal Information is defined in the Privacy Act.  It generally means any kind of information in any form about a person that identifies that person, whether it is true or accurate or not, and regardless of how or where it is recorded or stored.  Where the context requires, a reference to Personal Information will mean and include Sensitive Information.

Sensitive Information is defined in the Privacy Act.  It includes Personal Information about racial or ethnic origins, political opinions, memberships of political associations, religious beliefs or affiliations, philosophical beliefs, memberships of professional or trade associations, memberships of trade unions, sexual inclinations, criminal records or health information about an individual.

Service Partner means an entity that provides support to IFYS through the provision of skills, personnel, funding or services, and includes suppliers and contractors.

Service User - a child, young person, adult, consumer, participant or customer receiving or purchasing support or care from an IFYS program.

 

WHO DOES OUR PRIVACY POLICY APPLY TO?

IFYS’ Privacy Policy applies to:

  • All current and past members and officers of IFYS whose Personal Information we have collected;
  • All Service Users or other such persons whose Personal Information is collected in relation to the services offered by IFYS; and
  • All individuals whose Personal Information is collected by us in the course of our functions and activities such as Service Partners and prospective employees.

The Privacy Act and IFYS’ Privacy Policy do not apply to acts or practices which directly relate to the records of employees of IFYS.

This Privacy Policy explains:

  • the nature of the Personal Information we may collect from you;
  • how we manage the Personal Information that we collect, use and disclose;
  • how to contact us if you:
    • have any questions about our management of your Personal Information; or
    • would like to access or correct the Personal Information we hold about you; or
    • would like to lodge a complaint with us regarding our compliance with Privacy Laws. 

 

THE INFORMATION WE MAY COLLECT

IFYS is a not-for-profit community service organisation, delivering programs and services throughout Queensland in areas including (without limitation):

  • Disability and Care Services
  • Foster Care
  • Child Protection
  • Youth Services
  • Family Support Services
  • Employment and Training Services
  • Social Enterprise Projects.

To provide its services, IFYS engages and coordinates employees, volunteers and Service Partners.  We rely on donations, funding and support from private and public corporations, community groups, various levels of government and from members of the community at large.

The types of Personal Information we may collect include (without limitation):

  • identifying information such as name, date of birth, gender and employment details;
  • contact information such as home and business addresses, phone numbers, postal addresses and email addresses;
  • government-issued identifiers including Tax File Numbers or Medicare numbers, ABNs or ACNs;
  • financial information, such as credit card details or bank account details;
  • information on personal issues and experiences, relationships, family background, supports Service Users may have in the community and areas of interest;
  • qualifications, skills and experience; and
  • health information including (without limitation) WorkCover history and/or medical history.

Where possible we collect your Personal and Sensitive Information directly from you.  IFYS collects information through various means including telephone and in-person interviews, appointments, forms and questionnaires.  If you feel that the information that IFYS is requesting, either on our forms or in our discussions with you is not information that you wish to provide, please feel free to raise this. 

In some situations, IFYS may also obtain Personal Information about you from a third party source.  If information is collected about you in this way, IFYS will take reasonable steps to contact you and ensure that you are aware of the purposes for which the Personal Information was collected and the organisations to which IFYS may disclose your information, subject to any exceptions under the Privacy Act.  For example, IFYS may collect information about you from a health care professional, such as (without limitation) your doctor. 

We do not create, use or store profiles of our Service Users and Service Partners.  We only record information that we reasonably require to properly carry out our services. 

You generally have the right not to identify yourself when dealing with us where it is lawful and practicable for us to allow it.  However, on some occasions we may not be able to do this.

If you do not provide or authorise the provision of Personal Information we request, we may be unable to provide you with some or all of our services or the services of our Service Partners.

By becoming or remaining a Service User or Service Partner of IFYS, by utilising any of our services or the services of any of our Service Partners sourced through us, or by otherwise providing Personal Information (including Sensitive Information) to us you confirm that you, and other individuals whose information you provide, have consented to our collecting, using and disclosing your and their Personal Information (including Sensitive Information), however collected by us, in accordance with this Privacy Policy.

 

HOW WE MAY USE OR SHARE YOUR INFORMATION?

We may use Personal Information in any of the following ways:

  • responding to and fulfilling requests for our services;
  • endeavouring to ensure that the services we are providing are the most appropriate services to meet relevant needs;
  • meeting any requirements of government funding programs;
  • monitoring and evaluating existing services and planning for future service needs;
  • responding to questions or suggestions;
  • retaining information for statistical purposes so that we may improve or better direct our services;
  • storing information to save time when dealing with Service Users or with persons authorised to deal with us on a Service User’s behalf;
  • managing and developing our service and operational processes and systems;
  • conducting marketing, feedback and research activities;
  • managing and resolving any legal or commercial complaints or issues;
  • performing other functions and activities relating to our services and activities;
  • responding to applications for employment;
  • processing donations and providing receipts; and
  • compliance with our legal obligations generally. 

In doing so, and for the purposes of this Privacy Policy generally, we may disclose Personal Information to persons or organisations including (without limitation):

  • our Service Partners involved in managing or providing some of our services.  Steps are taken to ensure they comply with the APPs when they handle Personal Information and that they are authorised only to use Personal Information in order to provide the services required by us;
  • our professional advisers, including (without limitation) our lawyers, accountants and auditors;
  • former employers and referees of prospective IFYS employees, including (without limitation) volunteers;
  • doctors and other health care professionals, who assist in the delivery of our services;
  • other government or regulatory bodies, such as WorkSafe or WorkCover;
  • your agents and advisers or other persons authorised by, or responsible for you;
  • government departments or agencies who provide services or funding for our services;
  • other parties to whom we are authorised or required by law to disclose information; and
  • in other circumstances with your consent.

We acknowledge that you may click-through to third party sites from our website.  We cannot assume any responsibility for information from and content of third party sites, including those of our Service Partners.  Our Privacy Policy is applicable only to us and our website and accordingly, we recommend that you also refer to the privacy policies of the other sites you visit. 

 

HOW WE SECURE YOUR PERSONAL INFORMATION

We take all reasonable steps to protect your Personal Information from misuse, loss and from unauthorised access, modification or disclosure.  We store your information securely and have a range of security controls in place to ensure that your information and documents are protected.  Our employees receive Privacy awareness training, and access to Personal Information is restricted to appropriately authorised individuals.

We also take reasonable steps to make sure that the Personal Information that we collect, use and disclose is accurate, complete, up to date and relevant.  We keep your Personal Information for only as long as it is required in order to provide you with products and services and to comply with our legal obligations.  When it is no longer needed for these purposes, we take reasonable steps to destroy or permanently de-identify this Personal Information.

 

INFORMATION USED FOR MARKETING

We collect information from various sources, including external sources, for the purpose of raising funds and developing programs to further progress the aims and objectives of IFYS.  Except where the law would otherwise require, we may provide basic information regarding our contacts (name, address, and telephone numbers) to external organisations.  However, we provide our contacts with the opportunity to decline or modify any further direct marketing.

 

HOW WE COMMUNICATE WITH YOU

To keep you informed quicker, where you provide us with an email address we will send most communications to you by email. 

You can choose how we communicate with you and manage your consents to receiving information by contacting us through the contact details found at the foot of this Privacy Policy.

 

HOW YOU MAY ACCESS AND CONTROL YOUR PERSONAL INFORMATION

You can ask whether we are keeping Personal Information about you by contacting us.  If we have retained information on file, you may request a copy of it.  You may also wish to apply to amend the information if you believe it to be incomplete, inaccurate or irrelevant. 

We will generally provide you with access to your Personal Information, if practicable (although an administration fee may be charged), and will take reasonable steps to amend any Personal Information about you which is inaccurate or out of date.

You can get in touch with us through the contact details found at the foot of this Privacy Policy to request the above any time you wish to do so.

In some circumstances, we may not permit access to your Personal Information or may refuse to correct your Personal Information.  Where this happens we will provide you with reasons for this decision, seek alternatives and take any further legally required steps.

 

DO WE DISCLOSE PERSONAL INFORMATION OVERSEAS?

IFYS uses a Private Cloud platform, with physical servers built in an Australian Data Centre that are used exclusively by IFYS, to ensure that all IFYS data is hosted in Australia, is ISO 27001 certified and complies with Australian Signals Directorate Information Security Registered Assessors Program (IRAP) guidelines.

Accordingly, IFYS will not usually send or store Personal Information outside of Australia, unless there is some lawful compulsion to do so, and only to the extent necessary to ensure performance of our services. 

Should this ever occur, reasonable steps will have been taken to ensure that the data containing Personal Information is given the same type of protection as it is afforded within Australia.  This may be through satisfying ourselves that the overseas facility has controls in place to comply with the Privacy Laws or is located in a country which we believe has a similar privacy regime to Australia’s, or through contractually mandating the adequate management of the data.

On occasion, we may also disclose your Personal Information to overseas organisations where you instruct us or expressly consent to us doing so.  In such cases, we may not take the above steps in relation to the management of your information.

 

COUNTRIES IN WHICH PERSONAL INFORMATION MAY BE STORED

Listed below are countries in which it is possible that Personal Information may be hosted in the unlikely event that offshore data storage is required.  This list does not include countries where you may have specifically instructed us to send your information or expressly consented to us sending your information.

  • Germany
  • India
  • United Kingdom
  • United States of America.

This list may be updated from time to time.  You can visit our website at any time to view the latest version.

 

DO YOU HAVE ANY CONCERNS OVER THE WAY WE HAVE COLLECTED, USED OR DISCLOSED YOUR PERSONAL INFORMATION?

If you have any concerns or queries about the manner in which your Personal Information has been handled, please contact our Privacy Officer whose contact details are provided below.

If you wish to make a formal complaint, please provide your complaint in writing to our Privacy Officer.  We will consider your complaint promptly and contact you to seek to resolve the matter.

Generally, we will contact you to acknowledge receipt of your complaint and let you know who is managing your query within five (5) business days.  We will attend promptly to your complaint and will aim to respond to your concerns or otherwise keep you informed of our progress within thirty (30) days.

If we have not responded to you within a reasonable time or if your complaint is not resolved to your satisfaction, you are entitled under the Privacy Act to make a complaint to the Office of the Australian Information Commissioner.

 

OTHER IMPORTANT INFORMATION

IFYS may use Google advertising programs to improve the online experience including the display of relevant ads on external websites.  These programs are pieces of text that are transferred into the memory of your computer to store preferences, record session information and collect information on how you visit and access our website.  The use of these programs improves the efficiency of navigation throughout our website and assists us to provide services to you in the most convenient and prompt manner.  Anyone can opt out of these programs at any time by clicking here.

We may also use various technology to collect information when you access or use our website ifys.com.au, including placing a piece of data, commonly referred to as a “cookie” on your device. Cookies are small data files that are stored on your computer’s hard drive or in your device memory when you visit a website or view a message. By accessing ifys.com.au, you permit us to collect and use your information from activity on devices you use in accordance with this Privacy Policy.

IFYS may use third-party tracking services using web beacons to track non-personally identifiable information about visitors to our website.  The web beacons help us to better manage content on our website by informing us what content is effective.  In contrast to cookies, which are stored on a user's computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the full stop at the end of this sentence. We do not tie the information gathered by clear gifs to our website users' personally identifiable information.

 

CHANGES TO OUR PRIVACY POLICY

This Privacy Policy was last reviewed in June 2020.  As this Privacy Policy is updated from time to time, to obtain a copy of the latest version at any time, you should visit our website at ifys.com.au.

IFYS reserves the right to change, modify or amend our Privacy Policy at any time by updating this Privacy Policy on our website without any form of notice.  If IFYS is of the belief that any change to our Privacy Policy will materially affect persons dealing with us, we will endeavour to provide a notice on our website of the relevant changes. 

Please direct all queries about this Privacy Policy and information regarding the retention of your Personal Information to:

IFYS Limited

Email:            admin@ifys.com.au

Post:              PO Box 1291

Maroochydore   QLD   4558

Australia

Telephone:    07 5438 3000