PURPOSE OF POLICY
The purpose of this document is to provide a framework for Ngaoara in dealing with privacy considerations.
- The board of Ngaoara is committed to protecting the privacy of personal information which the organisation collects, holds and administers. Personal information is information which directly or indirectly identifies a person.
- In carrying out Ngaoara’s functions and activities, it collects personal and/or health information from staff, students and third parties. It is the responsibility of Ngaoara to ensure that the overall management of that information, which includes collection, storage, access, use and disclosure, complies with Australian privacy laws.
- The purpose of this policy is to facilitate Ngaoara’s compliance with the Privacy Act 1988 (NSW) (“Act”) and other relevant privacy laws, including but not limited to regulations, statutory guidelines, codes of practice and privacy directions.
- Ngaoara collects and administers a range of personal information for the purposes of its campaigns. The organisation is committed to protecting the privacy of personal information it collects, holds and administers.
- Ngaoara recognises the essential right of individuals to have their information administered in ways which they would reasonably expect – protected on one hand, and made accessible to them on the other. These privacy values are reflected in and supported by our core values and philosophies.
- Ngaoara is bound by laws which impose specific obligations when it comes to handling information. The organisation has adopted the following principles contained as minimum standards in relation to handling personal information:
• Collect only information which the organisation requires for its primary purpose;
• Ensure that stakeholders are informed as to why we collect the information and how we administer the information gathered;
• Use and disclose personal information only for our primary purposes or a directly related purpose, or for another purpose with the person’s consent;
• Store personal information securely, protecting it from unauthorised access; and
• Provide stakeholders with access to their own information, and the right to seek its correction.