×
DONATE NOW
0

No products in the cart.

Privacy & Data Collection Policy

Purpose

Heart Hub South West (HHSW) collects, uses and manages personal information to deliver community programs, workshops, and road-trauma support activities; manage volunteers and staff; maintain donor and stakeholder relationships; and meet reporting requirements to funders.

HHSW is committed to protecting the privacy of individuals in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Scope

This policy applies to all Committee members, employees, contractors, and volunteers who collect, access, or manage personal information on behalf of HHSW.

HHSW collects and administers personal information for the purpose of delivering community and wellbeing programs; managing volunteers and employees; and maintaining relationships with donors, sponsors, and participants.

Although HHSW’s operations fall below the mandatory threshold under the Privacy Act 1988 (Cth), the organisation voluntarily complies with the APPs to demonstrate good governance and community trust.

HHSW is committed to:

  1. Collecting only the information necessary for its activities and functions;
  2. Informing individuals about why information is collected and how it will be used;
  3. Using and disclosing personal information only for legitimate operational purposes or with consent;
  4. Storing and disposing of information securely to prevent unauthorised access; and
  5. Providing individuals with access to, and correction of, their personal

Collection of Personal information

HHSW collects information directly from individuals wherever practicable, including:

  • Contact details and communication preferences;
  • Information required for participation in programs, workshops or volunteer roles;
  • Payment or donation information; and
  • Demographic or feedback data used to improve services.

Information may also be received from partner organisations or referrers with the individual’s consent.

Where information relates to a person under 18 years of age, consent will be obtained from a parent or guardian.

Use and Disclosure of Information

Personal information will be used only for the purpose for which it was collected or for a related purpose reasonably expected by the individual. Information may be disclosed:

  • To trusted third-party service providers under contract
    (e.g. Microsoft 365, secure cloud based CRM systems, accounting software, web hosts, or payment processors);
  • To funders in aggregated or de-identified form to meet reporting obligations;
  • For evaluation or continuous-improvement activities using de-identified data; or
  • Where required by law.
  • Individuals may opt out of HHSW mailing lists or marketing communications at any time. HHSW does not sell or rent personal information to any organisation or individual

Website and Online Data Collection

HHSW collects limited information through its website for merchandise sales, event bookings, workshop registrations, and service enquiries.

Data is used only for its intended purpose and stored securely by HHSW or approved third-party providers.

The website may use cookies or analytics to monitor general usage; users can disable cookies in their browser if preferred.

HHSW aims to store website data within Australia wherever possible.

Social Media and Digital Engagement

HHSW manages social-media accounts and digital newsletters to share updates and engage with the community. Information shared publicly on these platforms may be visible to others.

HHSW does not control how third-party platforms collect or manage user data, and individuals should review each platform’s privacy policy before engaging.

Data Storage and Security

HHSW protects personal information through password-protected systems, reputable cloud providers, and locked physical storage. Access is restricted to authorised personnel for legitimate business purposes. Where feasible, HHSW ensures data is stored on Australian-based servers

Access and Correction

Individuals may request access to, or correction of, their personal information by contacting the Secretary or President.

Requests will be responded to within 30 days unless otherwise required by law. If concerns cannot be resolved, individuals may contact the Office of the Australian Information Commissioner (www.oaic.gov.au).

Third-Party Service Providers

When engaging external providers, HHSW requires them to comply with confidentiality and data-security obligations consistent with the Privacy Act 1988 (Cth).

Privacy Breach Management

All suspected or actual privacy breaches must be reported immediately to the President or Secretary.

HHSW will assess the breach, take remedial action, and, if required, notify affected individuals and the OAIC in accordance with the Notifiable Data Breaches (NDB) Scheme.

Training and Awareness

All staff, volunteers, and committee members who handle personal information receive periodic privacy and data-security training and are required to adhere to this policy. The President may delegate privacy responsibilities to another authorised committee member or consultant as required.

Record Retention

Personal information will be retained for as long as necessary to fulfil its purpose or as required by law or funding contracts.

Disposal of records will be undertaken securely in line with HHSW’s record

Contact for Privacy Matters

Email: support@hearthubsw.com.au 

Postal: 1 Hampton Court, Collie WA 6225

All privacy enquiries will be managed promptly and confidentially.

Review

This policy will be reviewed every two (2) years or sooner if significant legislative, technological, or operational changes occur.