Personal Information: Personal information is information or an opinion (including information or an opinion forming part of a database) from which it is possible to determine someone’s identity.
Personnel: Any person working at the DIAA and functioning as a member of the DIAA.
Records: Information (such as enrolment information, attendance sheets, assessments, email correspondence, participation notes, training records, and certification documents) relating to the
individual or company and may be retained by the DIAA in all forms (hard copy, electronic, audio tapes, photographs, and databases). It also includes standard reports that include name and/or identification numbers, attendance lists, labels and electronic records that contain some information not retained as a hard copy.
Sensitive information: Sensitive information is a type of personal information that also includes information or an opinion about someone’s:
- racial or ethnic origin.
- political opinions.
- membership of a political association, professional or trade association or trade union.
- religious beliefs or affiliations or philosophical beliefs.
- sexual preferences or practices.
- criminal record; or
- health, genetic information
Collection of Information
The information collected by the DIAA about a person will vary depending on the circumstances of collection. It may include, but is not limited to, a person’s name, email and/or postal address, phone number, date of birth, gender, credit card details, driver’s license number, insurance details, employment history, accreditations, or communication history with the DIAA.
If we think it is reasonably necessary for the circumstances, we may also collect sensitive information such as a person’s medical history, their ethnic background, or disabilities.
Collection from Third Parties
There will be occasions when the DIAA collects information directly from a person and other occasions where the information is collected from third parties.
Information may be collected from a person when the individual:
- applies for membership.
- renews a membership.
- enrols in a DIAA training course or event.
- commences an online education module.
- participates in one of the DIAA’s programs.
- subscribes to any publication of the DIAA, including electronic publications.
- voluntarily provides details to the DIAA.
- accesses the DIAA website.
- participates in any program, activity, competition, or event run by the DIAA.
- is elected/appointed to the Board or a committee of the DIAA.
- is contracted to deliver services to the DIAA or is employed by or volunteers for the DIAA; or
- where the DIAA is required to do so by law,
including where these activities are undertaken by the DIAA (or on its behalf) in countries other than Australia.
The DIAA will, before or at the time of collection, take reasonable steps to ensure that person is aware of:
- the purpose or purposes for which the information is collected.
- the organisations or type of organisations to which the DIAA usually discloses information of that kind; and
- whether the DIAA is likely to disclose the information to overseas recipients.
Why does the DIAA collect and use personal and sensitive information?
The DIAA, and third parties to whom we may disclose personal information in accordance with this
- verify your identity.
- administer the DIAA ‘s membership scheme.
- report information to the government (both State and Federal) where government agencies or departments which have provided the DIAA with funding.
- research, develop, run, administer, and market conferences, programs, awards, activities and other events relating to education and professional development.
- research, develop and market products, services, merchandise and special offers made available by us and third parties.
- respond to emergency situations involving or requiring medical treatment.
- administer, manage and provide you with access to diaa.asn.au, including for online learning, to use our self-service portal and for other IT based applications; and
- keep you informed of news and information relating to various events and programs via various mediums.
The DIAA may use health information to ensure that programs we operate are run safely and in accordance with any special health needs participant may require. Health information may also be kept for insurance purposes. In addition, we may use de-identified health information and other sensitive information to carry out research, to prepare submissions to government, or to plan events and activities.
The DIAA may collect information about race or ethnic origin and use or disclose such information to those third parties identified in the list below for statistical purposes about its courses and activities. You are not required to provide this information (when it is requested) and if you do not do so your membership or participation in any DIAA activity will not be affected.
Information Storage and Protection
The DIAA stores information in different ways, including in paper and electronic form
The DIAA may disclose your personal information but will de-identify the complainant/ appellant details prior to its disclosure to third parties where required by the law to a range of organisations. This includes but not limited to:
- organisations involved in the dairy industry.
- companies we engage to carry out functions and activities on the DIAA ‘s behalf, including direct marketing (refer to direct marketing section below)
- individuals or organisations seeking verification of your DIAA membership or related matters.
- our professional advisers, including our accountants, auditors, and lawyers.
- our insurers.
- Federal and State Government Departments
- other circumstances permitted by law. (Refer to other disclosures below)
In some circumstances, personal information may also be disclosed outside of Australia. In such circumstances, the DIAA will use its best endeavours to ensure such parties are subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are suitably similar to the Australian Privacy Principles. Where the DIAA conducts training or operations in other countries, it may disclose personal information to relevant industry associations in those countries.
The DIAA must obtain confidentiality agreements from both internal staff and third parties prior to distributing personal information, in order to make sure verbal and written disclosure of sensitive client information is managed appropriately.
- Staff will be governed by the staff handbook and signing of their relevant employment contracts
- Contractors will be governed by signing of their relevant contracts
- Third parties will be required to sign their respective contracts and confidentiality agreements
In addition, the DIAA may also disclose personal information:
- with your express or implied consent.
- when required or authorised by law.
- to an enforcement body when reasonably necessary; or
- to lessen or prevent a threat to an individual or public health or safety.
The DIAA Website
Websites linked to the DIAA website are not subject to the DIAA ‘s privacy standards, policies, or procedures. the DIAA cannot take any responsibility for the collection, use, disclosure, or security of any personal information that you provide to a third-party website.
We will assume consent to use non-sensitive personal information to provide better services and for marketing purposes (including disclosure of such information to service providers).
Every person whose data is collected by the DIAA has the option to refuse e-mail, SMS or posted offers from the DIAA by making a request in writing to the DIAA ‘s Privacy Officer via the contact details set out below, or by making use of the opt-out procedures included in any communications from us (however, information relating to the option to unsubscribe from those communications may be retained).
Accessing and seeking correction of information held by the DIAA
The DIAA will take all reasonable steps to ensure that the personal information it collects, uses, or discloses is accurate, complete and up to date.
We encourage all users to regularly review and update their personal information on the online database and via the “Member Login” link on the DIAA Webpage.
Individuals may also request access to their personal information held by us by making a request via the contact details set out in the procedure.
Resolving privacy issues and complaints
Any issues or complaints in relation to the collection, use, disclosure, quality, security of and access to your personal information may be made by contacting firstname.lastname@example.org
We will respond to your complaint within 30 days and try to resolve it within 60 days. If we are unable to resolve your complaint within this time, you will be contacted on weekly basis thereafter until the matter is resolved. If you are unhappy with the outcome, you may follow the appeals process, or you may contact the Office of Australian Information Commissioner via its enquiries line 1300 363 992 or website http://www.oaic.gov.au/ to lodge a complaint.
The DIAA CEO is firstly responsible to ensure that all the current Standards for the Privacy Principles are met. DIAA personnel are responsible for ensuring that members and non-members are aware of how the information they provide is managed, used, and stored as part of the DIAA’s Privacy and Records Management Policy and Procedures.
No additional reporting is required
Staff must maintain all records relevant to administering this policy in a recognised the DIAA’s recordkeeping system.
Terms not defined in this document may be in the DIAA’s glossary.
RELATED LEGISLATION REFERENCES AND DOCUMENTS
Related legislation, publications, and key documents: