genU, and its related entities (“we”, “our”, “us”) recognise the importance of protecting the right to privacy of the individuals with whom we engage (“you, your”).
The Commonwealth Privacy Act (“Act”), Victorian Health Records Act and other laws and contractual obligations limit how your personal information can be collected, used and disclosed. Under the Acts, “personal information” is any information or opinion that can identify you.
What personal information do we collect and hold?
We only collect personal information that is reasonably necessary to conduct our functions and activities.
Our functions and activities include disability, mental health, aged care, education and training, accommodation support, employment services, retirement village services, fund raising events and corporate operations.
We collect personal information from our clients and their families or guardians, suppliers and contractors, members, employees, volunteers and other contributors to the organisation.
The types of personal information we collect may include:
- health information
- mailing and street addresses
- email addresses, telephone numbers, social media and other telecommunications identifiers
- age and birth date
- lifestyle factors such as cultural background and individual life goals and plans
- sensitive information
- banking details
- profession, occupation or job title
- internet cookies about your experience with our website or intranet.
How do we collect your personal information?
You may choose not to identify yourself when you engage with us but, generally, you will need to provide your personal information where you wish to be involved in our functions or activities.
When we collect your personal information, we will take reasonable steps to tell you why the information is collected, where it is stored, to whom it is usually disclosed and any law requiring the collection.
We may collect personal information from you:
- during conversations with you about our functions and activities
- when you apply for, or engage in, one of our functions or activities
- through your access to, and use of, our Web site or intranet.
Unless it is unreasonable or impracticable to do so, we will collect your personal information directly from you and seek your consent to use and disclose it for a primary purpose.
Where it is unreasonable or impracticable to obtain your consent, we may collect your personal information from someone else such as:
- a responsible person such as your family member, a carer or guardian
- other organisations, government agencies or law enforcement bodies that we engage with regarding our functions and activities in relation to you.
If we receive your personal information from someone else without asking for it, and:
- we could not have collected the personal information ourselves or it is contained in a Commonwealth record, we will (if lawful) destroy it or ensure that it is de-identified
- we could have collected the personal information ourselves, we will handle it as though we had collected it in accordance with this Policy.
We may also collect your personal information without your consent in other cases such as where:
- we think it is necessary to lessen or prevent a serious threat to a person’s life, health or safety
- we suspect that unlawful activity or serious misconduct has occurred in relation to our functions or activities
- we think it is necessary for legal proceedings in a court or tribunal or a confidential alternative dispute process such as mediation.
How do we collect sensitive information?
“Sensitive information” is a special type of personal information which includes racial and ethnic information, religious beliefs, sexual orientation or practices and health information.
Health information includes information or an opinion about your:
- mental health
- health preferences and use of health services
- genetics and biometric information.
In general, we will not collect your sensitive information unless you have consented and the information is reasonably necessary for, or directly related to, our functions or activities or the collection is required by law.
However, we may also collect your sensitive information without your consent where we provide you with a health service or where, as a non-profit organisation, we have regular contact with you in relation to our functions or activities and the information relates to those functions or activities.
How will we use and disclose your personal information?
We will only use or disclose your personal information for our functions or activities, including sending you information about those things. We will not share, sell, rent, use or disclose your personal information other than as described in this Policy.
How can you access and correct your personal information?
You may access your personal information held by us on request. However, if one of the grounds allowed under the Act for refusing access exists, we may not allow access.
Where we provide you with services under a contract with a government department or agency, you may also be able to request information via a Freedom of Information request.
If you advise us that personal information we hold about you is incorrect, incomplete, inaccurate or irrelevant, we will amend it unless one of the grounds for refusal allowed under the Act exists.
Do we send your personal information outside Australia?
We will not disclose the personal information that we collect or hold to any overseas recipients.
How to make a privacy complaint:
If you believe that your privacy has been breached, please contact us using the contact information below and provide details of the incident so that we can investigate it.
If you believe that your privacy has been breached, or you wish to access or correct your personal information or you wish to make an FOI request, please phone us on 1300 558 368 or via the webmail form here: https://www.genu.org.au/contact/.