Privacy Policy

Download Privacy Policy

Introduction

1.          This policy has been prepared as part of a common governance pack for adoption by those organisations which centrally administer, manage or support the affairs of the Anglican Church Diocese of Sydney (the “Sydney Anglicans Group”). It has been adopted by the board of Safe Ministry Board (“we”, “us” or “our”) as part of the Sydney Anglicans Group.

2.          We undertake the following functions:

·        administering the Diocesan Pastoral Care and
Assistance Scheme for survivors of child sexual abuse, including through the
appointment of ‘contact persons’ to receive allegations of abuse and
applications for assistance,

·        administering the diocesan complaints procedure
in relation to clergy and church workers against whom complaints are made under
the disciplinary ordinances of the Diocese,

·        maintaining a database of persons against whom
complaints have been made, 

·        undertaking screening of all clergy and church
worker appointments for which a licence or authority is required from the
Archbishop, 

·        having overall responsibility for ensuring that
all parishes of the Diocese are child protection compliant,

·        providing Safe Ministry Training to members of
Anglican Churches and others (including through online means),

·        providing other support and advice to parishes
and diocesan organisations in respect to child protection, and

·        providing a secure records repository for use by
Anglican Parishes of the Diocese to store child protection and safe ministry
information.

More information about our work is available at www.safeministry.org.au.

Purpose

1.          This policy summarises how we deal with your personal information. We recognise and respect every person’s right to privacy and confidentiality.

Commitment

1.          We are committed to protecting your personal
information in accordance with the Privacy Act 1988 (Cth) and the
Australian Privacy Principles. 

2.          By visiting our pages on the Sydney Anglicans
website, using any of our services or otherwise providing us with your personal
information (or authorising it to be provided to us by someone else), you agree
to your personal information being handled as set out in this Privacy Policy.

Definitions

1.          For the purposes of this policy, and in accordance with the Privacy Act 1988

Personal Information                  is information or an opinion about an identified individual or an individual who is reasonably identifiable.

Sensitive Information                 includes personal information about health, race or ethnic origin, political opinions, religious beliefs, philosophical beliefs, sexual orientation or practices, or criminal record. 

2.          For the purposes of this policy –

Permitted general situation includes:

(a)        lessening or preventing a serious risk to life,
health or safety,

(b)        taking appropriate action in relation to
suspected unlawful activity or serious misconduct,

(c)        locating a person reported as missing,

(d)        where it is reasonably necessary for
establishing, exercising or defending a legal or equitable claim, and

(e)        where it is reasonably necessary for a confidential alternative dispute resolution process.

3.          For the purposes of this policy –

Proper administration of the Diocese is any act or practice which is –

(a)        performed pursuant to or under an ordinance or resolution of the Synod or the Standing Committee of the Anglican Diocese of Sydney or a canon of the General Synod of the Anglican Church of Australia,

(b)        reasonably necessary to give effect to an ordinance or resolution of the Synod or the Standing Committee

(c)        a discharge of the duties or exercise of the powers and authorities, however arising, of the Archbishop of Sydney,

(d)        reasonably necessary for the Registry or an officer of the Synod or the Standing Committee to discharge their duties in the central administration of the affairs of the Diocese,

(e)        reasonably necessary for us to provide a service to you, or to arrange for others to provide a service to you, which you have requested or we are required by the Synod or the Standing Committee to provide or arrange, or

(f)         otherwise identified in this Policy as necessary for the proper administration of the Diocese or is incidental thereto.

Collection of Personal information

  1. We collect and hold personal information about a range of people, including the people mentioned in the Schedule.
  2. We only collect personal information where it is reasonably necessary for the proper administration of the Diocese, the provision of our services, or for arranging others to provide you with a service you have requested, or if required or permitted by law. This may include the information set out in the Schedule.
  3. We may collect your personal information in various ways, including through making records of face-to-face meetings or via telephone, our website (including through entry into an online database), in writing (including by email or other electronic means) and/or through online forms/surveys, whether hosted on a third party website or our own.
  4. We may also use contractors or other service providers to collect personal information. An example is a Contact Person who receive disclosures via the abuse reporting hotline or online form.

Sensitive Information

  1. Some personal information we collect may also be sensitive information. Among the most common forms of sensitive information we collect is in relation to religious beliefs and values. For example, we may seek information about your religious beliefs (including your assent to a statement of faith), the church you attend and your broader involvement in ministry activities, for the purpose of determining your suitability for election or appointment to a position. See further below in relation to health information.
  2. We will only collect sensitive information about you with your consent unless –
  • we are otherwise allowed or required by law to collect that information,
  • a reasonable permitted situation arises in accordance with the Australian Privacy Principles, or
  • the information relates to our activities and relates solely to members of the Anglican Church Diocese of Sydney or to individuals who have regular contact with us in connection with our activities.
  1. An example of where we are allowed by law to collect sensitive information without your consent is if a “Permitted General Situation” exists in relation to the collection of the information and it is impractical to obtain your consent to the collection.
  2. If you provide us with sensitive information about yourself which is necessary for the proper administration of the Diocese or the provision of our services, we will treat this as collection of such information with your consent.

Third Parties

  1. In most situations we collect your personal information directly from you. However, we may also collect information from third parties if it is impractical to collect it directly from you. An example is when we are investigating a complaint. Typically an investigator will gather information from a range of relevant witnesses without recourse to the person complained about. In other cases, we may collect information from a person you have authorised to deal with us on your behalf.
  2. We may also collect or receive personal information about you from another diocesan entity if the privacy policy of that entity permits the disclosure of the information to us. An example is the Archbishop’s Office and Diocesan Registry.
  3. We may also seek to collect information about someone else from you (for example, if you hold one of the positions listed in a paragraph above). However, you must not provide us with personal information about another person unless you have that person’s consent to do so, have told them that their personal information will be handled in accordance with this Privacy Policy and have told them where they can find a copy of this policy. We may also collect your personal information from publicly available sources.

Unsolicited personal information

  1. If we receive personal information about you that we have not requested (unsolicited personal information) we will generally, unless otherwise required or permitted by law, delete or destroy it as soon as practical after receiving it. If you provide us with unsolicited personal information about yourself we may retain this information if it is necessary for the proper administration of the Diocese, the provision of our services or to comply with our legal obligations, or we do so with your consent.

Collection of personal information required by law

  1. In certain circumstances we may be required or permitted by law to collect certain personal information about you. For example, we may need to collect your name, residential address, country of residence, date of birth, and other types of personal information to comply with our legislative obligations.

Consequences of not providing personal information

  1. You do not have to provide us with your personal information but if you do not provide us with the personal information that we need, we may not be able to provide services or assistance to you or continue to provide an existing service to you.

Use of personal information

  1. We only use personal information which we have collected for the purposes for which it was collected, related purposes that we consider to be within your reasonable expectations or as permitted or required by law.
  2. These purposes may include those set out in the Schedule.
  3. Personal information we collect or hold in connection with the Pastoral Care and Assistance Scheme will only be used or disclosed for the purpose of that scheme and related matters.

Disclosure of personal information

Disclose to other diocesan entities for the proper administration of the Diocese

  1. Any personal information provided to us may be disclosed to other entities of the Anglican Church Diocese of Sydney to enable the proper administration of the Diocese, except to enable an entity soliciting donations from you.
  2. We may also disclose your personal information to government bodies, regulators, law enforcement agencies and any other parties where authorised or required by law.

Disclosure to others

  1. We may disclose your personal information to third party service providers, agents or contractors from time to time if and to the extent this is reasonably necessary for us to provide a service you to you, or procure a service for you, which you have requested, or we are required by the Synod or the Standing Committee to provide or procure. If we do this, we generally require those parties to protect your personal information in the same way we do.
  2. We may also disclose your information to any other entities identified at the time of collecting your personal information or which you subsequently request or expressly consent to us providing with your personal information.

Disclosure to overseas recipients

  1. In general we do not disclose your personal information to any overseas recipients, although there may be some specific exceptions to this, for example if making an international transaction on your behalf. On such occasions we will seek your consent to disclose your personal information and will outline to you who it will be disclosed to and how it will be used by them.  

Sensitive information

  1. Any personal information that is sensitive information will only be disclosed in accordance with the preceding paragraphs where doing so is –
  • within the primary purpose of its collection,
  • a directed related secondary purpose and within your reasonable expectations,
  • with your consent, or
  • otherwise permitted by law.

Storage and Security

  1. We take reasonable steps to protect any personal information that we hold from misuse, interference and loss and from unauthorised access, alteration and disclosure. For example, we implement the following security measures –
  • security procedures for access to our internal office areas;
  • security procedures within our offices (including, locked cabinets and file rooms for personal information that is particularly sensitive);
  • Information Technology security procedures including password protection, firewalls, intrusion detection, cyber threat detection, vulnerability scanning, security permissions, file audit trails, and site monitoring; and
  • a requirement for all staff to maintain confidentiality except insofar as disclosure is reasonably necessary for the proper performance of employment duties (as outlined in workplace policies and/or employment contracts).
  1. Your personal information may be stored in a third-party data centre operated by Salesforce that is located overseas. We access this data through the Internet. Salesforce’s systems are subject to a number of internationally recognised privacy and security audits (see http://trust.salesforce.com).

Data Breaches

  1. We take seriously any unauthorised access to, disclosure, or loss of personal information (data breach). The Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth) requires us to let you know if your information is impacted by certain data breach incidents. We will communicate to you if we become aware:
  • there is unauthorised access to or disclosure of your personal information, or if your personal information is lost; and
  • there is a reasonable chance that this could cause you serious harm, which may include physical, psychological, emotional, economic or reputation harm; and
  • we have been unable to remedy the breach in a manner consistent with the Act.
  1. Sydney Anglican Services has a Data Breach Response Plan and may be required to communicate with the Office of the Australian Information Commissioner (OAIC).

Access

  1. You may access personal information we hold about you, subject to certain legal restrictions or exemptions. Where such restrictions or exemptions exist, we will advise you of those reasons at the time of your request.
  2. If you wish to access the personal information we hold about you or request that it be corrected or updated, you should contact our Group Privacy Officer using the contact details below.
  3. While we do not charge you for a request for accessing your personal information you should be aware that we may charge a reasonable fee (which will be notified to you once you make a request) for our time and expenses in the following circumstances –
  • if an extended amount of time is required to collate and prepare material for you; or
  • if you wish to have your files photocopied for you.

Quality of Information and Correction

  1. We take reasonable steps to ensure that the personal information we hold about you is accurate, complete and up-to-date. However, we also rely on you to advise us of any changes to your personal information in a timely manner.
  2. If there are any changes to your personal information or if you believe the personal information we hold about you is not accurate, complete or up-to-date or is misleading, please contact the Sydney Anglicans Group staff member responsible for our provision of services to you, or if you are unsure who this person is, our Group Privacy Officer using the contact details below, so that we can update our records accordingly. In some cases we may refuse to make changes in the manner requested by you, and in such case will provide you with a written notice that explains the reasons for our refusal. In such circumstances you may provide us with a statement in respect to the need for correction and ask us to associate the statement with the information in question.

Anonymity & Pseudonymity

  1. For most of our functions and activities we usually need your name and contact information and enough information about the particular matter to enable us to fairly and efficiently handle your inquiry, request, complaint or application, or to act on your report.
  2. However, if you desire to maintain anonymity in your interactions with us, we will make provision where reasonable to allow you to interact with us anonymously or to use a pseudonym. For example, if you contact us with a general question, we may opt to not ask for your name unless we need it to adequately handle your question.

Collection Of Information – Website

  1. Any public website we use for the purposes of our business is hosted in Australia. There are several ways in which we may collect information through our website:

Web Analytics

  1. We use Google Analytics to collect data about your interaction with our website. The main purpose of collecting your data in this way is to improve your experience when using our site. We also use this data to understand and report on which content pages and downloads are accessed by visitors. We generally do not use statistical analytics to track or collect Personally Identifiable Information of visitors to our site.

Cookies

  1. Cookies are small data files transferred onto computers or devices by websites for record-keeping purposes and to enhance functionality on the website. Most browsers allow you to choose whether to accept cookies or not. The information generated by the cookie about your use of the website (including your IP address) may be transmitted to Google. If you do not wish to have cookies placed on your computer, please set your browser preferences to reject all cookies before accessing our website.

Complaint Handling

  1. If you wish to make a complaint about a breach of this Privacy Policy or Australian Privacy Principles you can contact us using the contact details below.
  2. You will need to provide us with sufficient details regarding your complaint together with any supporting evidence.
  3. We will refer your complaint to our Group Privacy Officer who will investigate and determine the steps (if any) that we will undertake to resolve your complaint. We will contact you if we require any additional information from you and will notify you in writing of the outcome of the investigation within 30 days of the date your complaint is made or the date you provided us with any additional information.
  4. If you are not satisfied with our determination, you can contact us to discuss your concerns or complain to the Australian Privacy Commissioner via oaic.gov.au.

Changes to the Privacy Policy

  1. We may update this Privacy Policy from time to time so please review it periodically on the Sydney Anglicans website at https://orgs.sydneyanglicans.net/s/ for any changes.
  2. Your continued use of our services (including online services), requesting our assistance or the provision of further personal information to us (directly or via an authorised person) after this Privacy Policy has been revised, constitutes your acceptance of the revised Privacy Policy.

Contact us

If you have a query relating to this Privacy Policy or wish to make a complaint, please contact us using the following contact details –

The Group Privacy Officer

Sydney Anglicans

PO Box Q190

QVB Post Office   NSW 1230

Phone:    02 9265 1555

Email:     privacy@sydney.anglican.asn.au

Scroll to Top