Hornsby & District Chamber of Commerce & Industry Inc. (“HC”) ABN 83 583 278 930 provides membership and business services such as educational workshops, guest speaker luncheons and breakfasts and ad hoc events in conjunction with other organisations.
The purpose of this policy
We are bound by the Privacy Act and the Australian Privacy Principles (APPs) which regulate the collection, use and disclosure of personal information. This Privacy Policy explains:
- the scope of our Privacy Policy;
- why we collect personal information;
- what personal information we collect;
- how we collect and use your personal information;
- how we disclose your personal information, including to overseas recipients;
- your right to access your personal information;
- your right to correct your personal information;
- how we protect the integrity of your personal information;
- your right to make a privacy complaint; and
- how you can contact us regarding privacy concerns. We reserve the right to review, and if necessary, change this Privacy Policy.
Scope
This Privacy Policy governs all personal information collected by and provided to us and must be adhered to by all persons who access, use, process, control or otherwise deal with personal information on our behalf. This policy applies to independent contractors as well as individuals who provide us with their personal information. This Privacy Policy does not apply to our acts and practices which relate directly to the employee records of our current and former employees.
What is personal information?
Personal information is any information that can be used to identify you. This includes any personal information or opinions about you, whether true or not, no matter how the information or opinions are recorded. The information may be collected from you directly or provided to us by another party. Sensitive information is a special category of personal information and includes, but is not limited to, information about your health, race or ethnic origin, political or religious beliefs, membership of a trade union or association, or criminal record. Health information includes personal information collected from you in order to provide a health service. There are greater restrictions that apply to our collection, storage, use and disclosure of sensitive information under the Privacy Act.
Why do we collect personal information?
We collect personal information from you for the following purposes (Primary Purpose):
- to lawfully carry out our functions and activities;
- to deliver the products and services that you requested;
- to provide you with further information about the products and services you requested;
- to personalise and customise your experiences with us;
- to help us review, manage and enhance our services;
- to develop insights used in reports or other content developed by us;
- to communicate with you;
- for administration purposes, including charging, billing and collecting debts;
- to promote and market those of our other products and services which we consider may be of interest to you;
- when considering making offers to job applicants and prospective employees or for employment purposes; and
- to receive services from you or the organisation which employs you.
In addition to the Primary Purpose, we may use the personal information we collect and you consent to us using your personal information to:
- provide you with news about any products and services;
- send you marketing and promotional material that you may be interested in;
- communicate with you, including by email, telephone and mail;
- manage and enhance products or your experience on our Website and domains;
- conduct surveys or promotions;
- verify your identity;
- investigate any complaints about, or made by you, or if we have reason to suspect you have breached any relevant terms and conditions; and
- as required or permitted by any law. Unless otherwise provided by law, we will not collect, hold, use or disclose sensitive information without your consent.
What personal information do we collect?
The nature and extent of personal information we collect varies depending on your particular interaction with us and the nature of our functions and activities. Personal information that we commonly collect from you would include (but is not limited to):
- your name, and position in your company
- your address, email address, telephone numbers, gender;
- your financial information including credit card and banking information;
- details about your business, Australian Business Number; and
- nature of products or services being sought for the purposes of filling your order.
We also collect information that is not personal information, such as data relating to your activity on our Website. If you feel that the personal information that we are requesting at any point is not information that you wish to provide, please feel free to raise this with us.
How do we collect personal information?
Generally, personal information is collected by us from a variety of sources, including when dealing with members or customers, when dealing with individuals, undertaking marketing initiatives, or when recruiting. For example, we may collect personal information from you in the following circumstances:
- when you are dealing with membership services,
- fulfilling your registrations to events, or participating in surveys; or
- when you deal with us as an independent contractor.
Personal information may be provided by you using our website or by telephone, business cards, contracts, applications, competition entries, survey entries, mail or email, registration forms, face-to-face or in writing, whether verbally, in hardcopy or electronic format. Where possible, we collect your personal information directly from you. In some circumstances we may obtain personal information from a third party.
If you provide personal information about another person to us, we require that you:
- inform that person you have done so and provide them with a copy of this policy; and
- confirm to us that you have that person’s consent to provide such information for the purpose specified.
If we receive unsolicited personal information about you that we could not have collected in accordance with this Privacy Policy and the Privacy Act, we will within a reasonable period, destroy or de-identify such information received.
Website and Google analytics
Information we collect may include:
- the Internet Protocol address and a component of the domain name used (e.g. .com or .net);
- the type of browser and operating system you used;
- the date and time you visited our Website;
- the web pages or services you accessed at our Website;
- the time spent on individual pages and our Website overall;
- which files you downloaded; and
- information about your computer and Internet connections using cookies.
We use Google Analytics to obtain a more detailed understanding of our Website users and their potential needs. We do not collect personal information by such methods; only aggregate data is used for planning purposes.
How do we use your personal information?
We will only use and disclose your personal information:
- for purposes which are related to the Primary Purpose; or
- if we otherwise get your consent to do so, in accordance with this Privacy Policy and the Privacy Act.
We will not use your personal information for any purpose for which you would not reasonably expect us to use your personal information. Additionally, we will not disclose your sensitive information without your consent, unless there is a need to disclose such information in accordance with the Privacy Act or to comply with any other regulatory requirement.
We will only use or disclose your personal information for the purposes of direct marketing if:
- we collected the information from you;
- it is reasonable in the circumstances to expect that we would use or disclose the information for direct marketing purposes;
- we provide you with a simple means to ‘opt-out’ of direct marketing communications from us; and
- you have not elected to ‘opt-out’ from receiving such direct marketing communications from us.
You may opt out of receiving such communications by:
- clicking a link on the email communications sent to you;
- emailing us at [email protected]; or
- writing to us at Hornsby Chamber of Commerce, PO Box 1622, Hornsby Westfield NSW 1635
What happens if you choose not to provide your personal information?
You are not obliged to give us your personal information. If you would like to access any of our services on an anonymous basis or using a pseudonym, we will take reasonable steps to comply with your request.
However, we will require you to identify yourself if:
- we are required by law to deal with individuals who have identified themselves; or
- it is impracticable for us to deal with you if you do not identify yourself or elect to use a pseudonym.
Please also be aware that your request to be anonymous or to use a pseudonym may affect our ability to provide you with the requested goods and/or services and the range of options available to you or the organisation as a member may be limited. For example, we may not be able to provide the full range of member services or allow you or your organisation to participate in networking functions, seminars and events, or successfully deliver any products and services that you have purchased from our Website if you do not provide your personal information.
When do we disclose your personal information?
For the purposes referred to above in this Privacy Policy, you acknowledge and agree that we may disclose personal information and you consent to us disclosing such personal information to:
- third parties engaged by us to perform functions or provide products or services on our or their behalf such as mail outs, marketing or advertising;
- third parties that sponsor or promote us;
- third party contractors engaged to provide online credit card account processing and related services.
When you pay your accounts online, a secure server is used via Stripe. Stripe encrypts the information you send through our website. For further information about Stripe and how they collect, use and disclose personal information, please use the link provided below. For further information about the encryption process, please use the link provided. We make no warranty in respect of the strength or effectiveness of that encryption and we are not responsible or liable for events arising from unauthorised access of the information you provide;
- our professional advisors, including our accountants, auditors and lawyers;
- persons authorised by you to receive information held by us; and
- any persons as required or permitted by any law.
Stripe’s Australian privacy policy: https://stripe.com/au/privacy
Do we send information overseas?
We may in some circumstances as necessary send personal information to overseas recipients (including recipients which may or may not be affiliated with us). The countries in which likely overseas recipients of personal information are located includes: USA.
- Our email marketing provider MailChimp is located in the USA and the information provided to MailChimp is only your name and email address. View MailChimp’s privacy policy here: http://mailchimp.com/legal/
- Our membership management software provider is located in the USA and the information provided to MembershipWorks includes your business name, personal name, address, email address, telephone number, fax number, website address, password, Australian Business Number, company industry, number of company employees, business logo, any images uploaded by the user, business description, website links to social media pages and details about business promotions. View MembershipWorks privacy policy and terms of service here: https://membershipworks.com/tos/
If we send personal information to overseas recipients, we will take reasonable measures to protect your personal information such as ensuring personal information is de-identified where appropriate before being transmitted. However, you acknowledge and agree that if we disclose personal information to overseas recipients, we are not obliged to take reasonable steps to ensure overseas recipients of your personal information comply with the Privacy Act and the APPs.
Access to your personal information
If you require access to your personal information, please contact our Executive Officer. You are required to put your request in writing and provide proof of your identity. We are not obliged to allow access to your personal information if:
- we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
- giving access would have an unreasonable impact on the privacy of other individuals;
- the request for access is frivolous or vexatious;
- the information relates to existing or anticipated legal proceedings between you and us and would not ordinarily be accessible by the discovery process in such proceedings;
- giving access would reveal our intentions in relation to negotiations with you in a way that would prejudice those negotiations;
- giving access would be unlawful;
- denying access is required or authorised by or under an Australian law or a court/tribunal order;
- we have reason to suspect that unlawful activity, or misconduct of a serious nature relating to our functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter;
- giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
- giving access would reveal internal evaluative information in connection with a commercially sensitive decision-making process.
If you make a request for access to personal information, we will:
- respond to your request within a reasonable period; and
- if reasonable and practicable, give access to the information in the manner requested.
If we refuse to give access to the personal information because of an exception or in the manner requested by you, we will give you a written notice that sets out at a minimum:
- our reasons for the refusal (to the extent it is reasonable to do so); and
- the mechanisms available to complain about the refusal.
We reserve the right to charge you reasonable expenses for providing access to personal information, for example, a fee for photocopying any information requested by you. Nothing in this Privacy Policy replaces other informal or legal procedures by which you can be provided with access to personal information.
Correction of your personal information
We request that you keep your personal information as current as possible. If you feel that information about you is not accurate or your details have or are about to change, you can email us at [email protected] and we will correct or update your personal information. If you make a request to correct your personal information, we will:
- respond to your request within a reasonable period; and
- if reasonable and practicable, correct the information in the manner requested.
If we refuse a request to correct personal information, we will:
- give you a written notice setting out the reasons for the refusal and how you may make a complaint; and
- take reasonable steps to include a statement with your personal information we refuse to correct.
Nothing in this Privacy Policy replaces other informal or legal procedures by which you can correct personal information.
Integrity of your personal information
We will take reasonable steps to:
- ensure that the personal information that we collect is accurate, up to date and complete;
- ensure that the personal information that we hold, use or disclose is, with regard to the relevant purpose, accurate, up to date, complete and relevant; and
- secure your personal information while it is being held by us.
We will take reasonable steps to protect personal information from:
- misuse, interference and loss; and
- unauthorised access, modification or disclosure.
Electronic information is protected by various security measures (including encryption and password protection) and physical paper files are stored in a secure location. Personal information is de-identified where appropriate. Data protection includes the use of password access areas and secure servers. You acknowledge that the security of communications sent by electronic means or by post cannot be guaranteed. We cannot accept responsibility for misuse, loss or unauthorised access to your personal information where the security of information is not within our control. If you suspect any misuse or loss of your personal information, please contact us immediately. We will take reasonable steps to destroy or de-identify any personal information held by us if we no longer need to hold the information for the purpose it was collected and we are not otherwise required by law to retain the information.
Complaints
If you have a complaint about how we collect, use, disclose, manage or protect your personal information, or otherwise consider there may be a breach of the Privacy Act or the APPs, please contact us in writing. We treat all complaints seriously and intend to resolve your complaint within a reasonable timeframe, usually 14 days or otherwise as soon as practicable. However, in some complex cases, resolution may take longer. Once the complaint has been received, we will try to resolve the matter in a number of ways:
- Request for further information: We may request further information from you. You should be prepared to provide us with as much information as possible, including details of any relevant dates and documentation. This will enable us to investigate the complaint and determine an appropriate solution. All details provided will be kept confidential.
- Discuss options: We will discuss options for resolution with you and if you have suggestions about how the matter might be resolved you should raise these with our Executive Officer.
- Investigation: Where necessary, the complaint will be investigated. We will try to do so within a reasonable time frame. It may be necessary to contact others in order to proceed with the investigation. This may be necessary in order to progress your complaint.
- Conduct of our volunteers and contractors: If your complaint involves the conduct of our volunteers or contractors, we will raise the matter with the individuals concerned and seek their comment and input in the resolution of the complaint. You are free to lodge a complaint directly with the Office of the Australian Information Commissioner (OAIC) online, by mail, fax or email. For more information please visit the OAIC website at http://www.oaic.gov.au/privacy/making-a-privacy-complaint.
Contact
Please forward all correspondence in respect of this Privacy Policy to the Executive Officer, who can be contacted by mail or email as follows:
- Hornsby Chamber of Commerce, PO Box 1622, Hornsby Westfield, NSW 1635 Australia
- [email protected]
Interpretation and Definitions
Personal pronouns: Except where the context otherwise provides or requires:
- the terms we, us or our refers Hornsby & District Chamber of Commerce & Industry Inc. (HC); and
- the terms you or your refers to any person who provides us with personal information, whether via the website or otherwise.
Defined terms: In this Privacy Policy unless otherwise provided, the following terms shall have their meaning as specified
HC means Hornsby & District Chamber of Commerce & Industry Inc., ABN 83 583 278 930.
Privacy Act means the Privacy Act 1988 (Cth) as amended.
Privacy Policy means this privacy policy as amended.
Website means the HC website at hornsbychamber.com.au
Terms italicised and defined in the Privacy Act have the meaning given to them in the Privacy Act.
Questions?
If you have any questions in relation to the HC Privacy Policy please contact our Executive Officer at [email protected]