AIM Qld & NT Privacy Policy

Privacy Act 1988 (Cth)
 Effective 13 December 2001

Table of Contents

Overview

The Australian Institute of Management - Qld & NT (AIM) - ABN 40 009 668 553 - has handled Personal Information in relation to membership, events and training for over 60 years and has been pro-active and committed to developing policies and procedures to protect the privacy of all clients. AIM see this is an essential measure in delivering superior customer service and consequently has implemented Information Technology infrastructure to effectively manage privacy requirements.

AIM has introduced a compliance program in order to comply with the Privacy Act, effective 21 December 2001. Relevant policies and procedures have been developed and consolidated with the aim of improving awareness of and regulating access to all information.

The AIM Privacy Policy seeks to:

  • Ensure Personal Information is collected, stored, and used in accordance with the Privacy Act 1988 (Cth)
  • Acknowledge the responsibility of AIM in ensuring that client information is protected
  • Protect the privacy of clients by ensuring that only relevant Personal Information, which is necessary to provide products and services, is collected
  • Ensure that all Personal Information collected, used or disclosed is accurate, complete and up-to-date
  • Obtain consent to collect sensitive information
  • Take reasonable steps to make an individual aware of
    • Why we are collecting information about them
    • Who else we might give it to
    • Other specified matters
  • Destroy or permanently de-identify Personal Information if we no longer need it for any purpose for which we may use or disclose information

Purpose

AIM recognises the importance of privacy and security of personal details of all members, non-members and delegates. The following Privacy Policy indicates the minimum privacy standards for handling Personal Information, in relation to internal and external practices. The following Policy aims to protect and provide absolute privacy and quality assurance for all clients.

Scope

This document sets out the Policy of AIM to comply with the guidelines issued under section 27 (I) (e) of the Privacy Act and the 'National Privacy Principles' (NPPs) effective 21 December 2001.

The Privacy Officer will handle any privacy complaints and if no resolution is reached, the complaint will be forwarded to the Chief Executive Officer for further action.

Personal Information means "personal information" as defined in the Privacy Act 1988 (Cth).

This information may include details such as an individual's name, address, billing information, contact telephone number, email address or photograph.

AIM products and services means any product or service, provided to AIM members, non members and delegates in the normal course of AIM's functions and activities.

This can be an activity performed in relation to an individual that is intended or claimed (expressly or otherwise) by the person performing it to:

  • Assess, record and maintain personal contact details for marketing of upcoming events and training to members, non members, delegates and outside service providers;
  • Develop and continue our relationship with members, non-members, delegates and outside service providers.

Approved Third Parties are our Related Entity (TheCyberInstitute Pty Ltd ACN 094 916 917), our Associated Entities (AIM National and other corporate divisions of the Australian Institute of Management) and Outside Service Providers (including course facilitators, mentors, publishers and printers, judges, researchers and other similar service providers to AIM). We have taken reasonable steps to ensure that Approved Third Parties only handle Personal Information in accordance with the National Privacy Principles.

Breach

Discipline for Breach of the Privacy Policy
All incidents of breach in relation to this policy must be reported to the Privacy Officer in the first instance.

Breach of this policy by AIM employees will result in disciplinary action, and may result in summary dismissal.

Confidentiality

Unauthorised disclosure of AIM information including the misuse of intellectual property belonging to AIM is prohibited and may result in termination of employment.

AIMPP1: Collection

All information collected by AIM is for the purpose of providing a high quality service for all AIM members, non members and delegates.

1. When collecting Personal Information, AIM will take reasonable steps to inform the individual of the following:

  • The identity of AIM and its contact details
  • How the individual may obtain access to his or her Personal Information
  • Purposes for which the Personal Information is collected
  • To whom the Personal Information will be disclosed
  • What the consequences may be (if any) if the individual does not provide all of their Personal Information requested

2. AIM's information collection principles state:

  • Only Personal Information necessary to provide one or more of its functions or activities is collected
  • The collection of Personal Information should be conducted in a lawful and fair manner (approach taken is open and not misleading), and in a way that is not unreasonably intrusive
  • If it is reasonable and practicable to do so, collect Personal Information about an individual only from that individual
  • If Personal Information is collected about an individual from someone else, take reasonable steps to ensure that the individual is or has been made aware of the matters listed in 1 above

AIM does not actively collect Personal Information which is "sensitive information" (as defined in the Privacy Act 1988) but may collect "sensitive information" by consent if it is volunteered.

AIMPP2: Use and Disclosure

The following guidelines apply for use and disclosure of information:

Purpose of Collection

  • The 'primary' purpose for collection of data is always made clear.
  • Consent for secondary purposes may be obtained at the same time of gathering information for the primary purpose or by future call/contact.

Direct Marketing & Follow-up

Your Personal Information may be used for secondary purposes.

  • Secondary purposes include:
    • Direct marketing
    • Follow-up
    • Relationship development
    • Promotion of AIM and journal publications
  • If the information is used for secondary purposes, both of the following apply:
    • The secondary purpose relates to the primary purpose of collection, and if the Personal Information is sensitive information, directly related to the primary purpose of collection
    • The individual would reasonably expect the organisation to use or disclose the information for the secondary purpose
      or
  • The individual has consented to the use or disclosure
    or
  • If the information is not sensitive information and the use of the information is for the secondary purpose of direct marketing to non members:
    • It is impracticable for AIM to seek the individual's consent before that particular use
    • The individual has not made a request to the organisation not to receive direct marketing communications
    • AIM's procedures and guidelines on direct marketing are complied with.

AIMPP3: Data Quality and Security

AIM will take all reasonable steps to ensure that Personal Information is accurate, complete and up-to-date at time of use.

Data Quality Procedure
Procedures undertaken to ensure data quality include:

  • Online Member Profile Update forms
  • Verification of Personal Information during contact
  • Compliance Program procedures

Information Security
AIM has implemented the following security safeguard and procedures to ensure individuals' Personal Information are restricted from;

  • Misuse
  • Loss
  • Unauthorised access, modification or disclosure

Security of Data
Security safeguard presently in place includes:

  • Network access classes defined on a per user basis with access level based on a 'need to know' basis
  • General Ledger Access specified
  • Ability to lock-out all users
  • Physical database server is kept in a locked, temperature controlled room
  • Confidential documents are stored nightly in a lockable physical security area
  • Data is archived securely
  • Unique individual passwords for members and delegates

AIMPP4: Openness

AIM will provide on request a Privacy Statement information sheet outlining AIM's Privacy Policy.

Privacy Statement
The Privacy Statement outlines:

  • That the organisation is bound by a NPP's approved by the Office of the Federal Privacy Commissioner - September 2001
  • The reason certain types of information is collected
  • Anonymity and consequences
  • Contact details of the organisation

If further information is requested, the individual is directed to the AIM Qld & NT website at www.aimqld.com.au or to Dana Kennedy AFAIM, Privacy Officer, on 07 3227 4888 or email privacy@aimqld.com.au.

Access to personal information is provided by the Privacy Officer.

AIMPP5: Access and Correction

AIM understands that open communication with individuals in relation to access to Personal Information is necessary to gain trust and to build a relationship.

In relation to the AIM Privacy Policy, giving access means that on request, and if none of the NPP exceptions apply, AIM must give an individual access to personal information, it holds about the individual that falls within the definition of "Personal Information". This includes information it has collected from third parties and information it has received unsolicited and added to its records.

According to AIM Privacy Policy when individuals request information:

  • They are not required to provide a reason
  • All official requests for information must be in writing
  • An identity check is undertaken
  • Information is checked to ensure no information should be withheld (according to the Privacy Act.
  • Where access to certain details is to be withheld, reasons for this decision will need to be provided to the individual
  • Once the Personal Information is prepared and cleared for access, the information can be provided in the form most appropriate to the situation. This will take into account the wishes expressed by the individual in his or her original request.

The total time for processing a request for access to information will take no longer than 28 days from the time a request is received.

A fee of $10 per hour (or part thereof) plus GST for the time taken to provide access plus a fee of $1 plus GST per page printed or reproduced in providing personal information will be charged.

AIMPP6: Identifiers

In this Privacy Policy:

Identifier includes a number assigned by an organisation to an individual to identify uniquely the individual for the purposes of the organisation's operations. However, an individual's name or ABN (as defined in the A New Tax System (Australian Business Number) Act 1999) is not an identifier.

AIM does not employ as an identifier for an individual any identifier that has been assigned by:

(a) an agency; or
(b) an agent of an agency acting in its capacity as agent.

AIMPP7: Anonymity

The provision of your Personal Information is voluntary, but if this information is not provided AIM may not be able to provide you with the products or services you request.

AIMPP8: Transborder Data Flows

AIM will only transfer Personal Information about an individual to someone (other than the organisation or the individual) who is in a foreign country if:

  • The organisation reasonably believes that the recipient of the information is subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are substantially similar to the National Privacy Principles; or
  • The individual consents to the transfer; or
  • The transfer is necessary for the performance of a contract between the individual and the organisation, or for the implementation of pre-contractual measures taken in response to the individual's request; or
  • The transfer is necessary for the conclusion or performance of a contract concluded in the interest of the individual between the organisation and a third party; or
  • All of the following apply:
    • The transfer is for the benefit of the individual
    • It is impracticable to obtain the consent of the individual to that transfer
    • If it were practicable to obtain such consent, the individual would be likely to give it

The organisation has taken reasonable steps to ensure that the information, which is transferred, will not be held, used or disclosed by the recipient of the information inconsistently with the National Privacy Principles.

Queries

Any Privacy-related queries should be addressed to:

Dana Kennedy AFAIM
Privacy Officer
Australian Institute of Management - Qld & NT

Phone 07 3227 4888
Fax 07 3832 2497
Email privacy@aimqld.com.au