Privacy Policy

Gallawah

Privacy Policy

1. Purpose and Scope

This Policy explains how Gallawah complies with the relevant Australian Federal, State and Territory Acts and Legislation in relation to the collection, use, disclosure and handling of your personal information.

This Policy does not apply to the collection or use of information about corporations.

2. Statement

Gallawah is an NDIS Registered Support Coordinator Provider. We provide services funded by both Federal and State Governments: and Commercial organisations. To enable you to access these services, there is a certain amount of data we are required to collect to support our funding.

We are committed to protecting the privacy of individuals who use our services. However, due to the nature of some of our services, it may be necessary for us to collect minimal personal data to facilitate our funding requirements and your safety.

3. Types of information we collect

3.1 Personal Information

Personal information that we collect and hold is information that is reasonably necessary for the proper performance of our functions and activities in providing remote professional Gallawah services.

While the type of personal information we collect and hold may vary depending on the nature of our interactions with you, we may collect the following information for every interaction

• Your phone number for telephone Gallawah and support
• Your IP Address for web-based Gallawah and support.

To facilitate the collection of your phone number, you may be required to call us from an unblocked number.

If you choose not to share this information with us, we may not be able to provide you with the Gallawah and support you need.

Additional information we may collect will generally include the following:

• your name, date of birth and address;
• e-mail addresses;
• username and passwords;
• comments and feedback;
• interests and communication preferences;
• other personal information collected to provide a health and Gallawah support service;

You may choose not to share any additional information with us; or alternatively, use a Pseudonym for your interaction with us.

3.2 Sensitive Information and Health Information

Subject to this Policy, we may also collect and hold sensitive information and/or health information disclosed by you, including (but not limited to):

• physical, mental or psychological health of an individual;
• a disability of an individual;
• sexual preference/gender identity
• political or religious views
• membership or affiliation with an industry union

4. Collection

We collect information only by fair and lawful means where it is reasonable and practicable to do so. We do so in order to conduct our organisation, effectively deliver our services, to provide accurate information to you, to market our goods and meet our legal obligations.

If you do not provide us with the information we reasonably request, we may not be able to provide the requested services in the most efficient manner possible, or at all. We also may not be able to provide you with the information about the services that you may want.

We may assign an identifier to your information that is generated by our client management system to facilitate de-identified storage of your information. This identifier is unique to Gallawah.

4.1 How We Collect Information

a) We collect information that you provide:

• when visiting our website at https://www.Gallawah.com.au
• in applications you lodge with us;
• during telephone, video, in-person, or online conversations with us;
• through transactions conducted with us; and
• in written correspondence to us (including email correspondence).

b) We also collect information provided by third parties when it is necessary for a specific purpose, such as checking information that you have given us or where you have consented, or would reasonably expect us, to collect your information in this way.

If it is unclear to us whether you have consented to the collection of information from a third party, we will take reasonable steps to contact you to ensure that you are aware of the reason and purpose of the collection.

c) We will also collect information about you if we are required to do so under Australian law. If so, we will inform you of this, where practicable, including details of the law requiring the collection.

d) We may also collect information about you from a range of publicly available sources including newspapers, journals, directories, the internet and social media sites

4.2 Internet usage

It is important that you understand that there are risks associated with the use of the internet and you should take all appropriate steps to protect your information. You can contact us by telephone or post if you have concerns about making contact via the Internet.

We may use cookies and web beacons when you visit our website (https://www.gallawah.com.au/) and, as a consequence, we may collect certain information from you such as:

• your browser type;
• your location;
• your IP address;
• information about when and how you use our website;
• your computer, device and connection information, such as browser type and version, operating system, mobile platform and unique device identifier and other technical identifiers; URL click stream data, including date and time, and content you viewed or searched for; and
• information about your past internet usage, such as websites you visit before coming to our website.

You can manage the use of cookies on our website (https://www.Gallawah.com.au) by clicking “help” on the toolbar in your internet browser. However, if you block the use of cookies, you may not be able to log in or make full use of our website.

4.3 Disposal

OTL shall have documented processes in place to facilitate the destruction of, or de-identification of personal and health information to prevent unauthorised access following retention periods. This shall be outlined in supporting ICT documents.

4.4 Unsolicited Information

Where we receive unsolicited information about you, we will check whether that information is reasonably necessary for our functions. If it is, we will handle this information in the same way we do other information we seek from you. If not, we will destroy or de-identify it.

5. Use

5.1 Personal Information

We may use and disclose your personal information for the primary purpose for which it is collected, for reasonably expected secondary purposes which are related to the primary purpose, and in other circumstances authorised by the relevant Federal, State or Territory Act or legislation that applies.

In general, we use and disclose your personal information to:

• conduct our organisation;
• provide our services to you;
• market our organisation and services;
• communicate with you and assist you with enquiries;
• comply with our legal obligations;
• help us manage and enhance our service standards;
• gain an understanding of your needs;
• respond to requests, inquiries, complaints or applications;
• update you on relevant new services and benefits;
• personalise the service and select content to be communicated to you;
• contact you regarding our services or other services from third parties;
• invite you to participate in surveys, sweepstakes, competitions and similar promotions;
• conduct website administration, such as for the technical support of our websites and computer systems;
• conduct data analysis and audits;
• identify usage trends and analyse the effectiveness of our promotional campaigns;
• prevent and detect security threats, fraud or other malicious activity;
• comply with our legal obligations, resolve disputes, and enforce our agreements.
  • establish an account for you; and
  • improve your online experience with us.

5.2 Sensitive Information and Health Information

We will not collect Sensitive Information and Health Information about you unless:

• we obtain your consent to collect and use such sensitive information and/or health information; or
• the sensitive information and/or health information is reasonably necessary for one or more of our functions or activities; or
• the collection of sensitive information and/or health information is required or authorised by or under an Australian law or a court/tribunal order; or
• a permitted general situation exists in relation to the collection of sensitive information by us; or
• a permitted health situation exists in relation to the collection of sensitive information by us.

If you do not consent to these Policy terms we may not be able to provide services to you.

5.3 GallawahServices and Consent

If you engage with any Gallawah service (by any means including, but not limited to, in person, by telephone, online chat, or video) you will be:

• informed that your interaction with us will be digitally recorded and electronically stored by us, which may include the collection of your information;
• informed that information you provide is subject to the terms of this Policy and where you can read this Policy; and
• provided with the opportunity to consent or not consent to these Policy terms.

If you do not consent to these Policy terms we may not be able to provide services to you.

5.4 Disclosure

We may disclose your information (including producing documents) to another person, entity, authority or government body if:

• we are required to do so by an Australian law;
• we are ordered to do so by a court/tribunal order; and/or
• there is an immediate or imminent risk of serious harm to you, an identified third party and/or the general public.
• you have disclosed to us that you or another person has engaged in, or is planning to engage in, suspected unlawful activity or serious misconduct.
• Where a permitted general or health situation exemption applies under the Federal Privacy Act 1988

Disclosure to Related Entities and Service Funders

We may disclose information to our related entities and service funders according to the contractual obligations of our service agreement with each of those affiliated organisations. Where practicable, this information will be de-identified.

Where we are required to disclose information to another entity, either as requested by you, or under a relevant Australian law, we will ensure the receiving entity is governed by an Information Privacy system equal to the relevant APP, IPP or HPP that applies to your information.

6. Marketing and Internal Use

We may use and/or disclose your information in order to:

• provide you with news and information about our services and our organisation generally;
• conduct Gallawah supervision and/or ongoing professional development (provided such information is de-identified);
• provide you with marketing and promotional material that we believe you may be interested in; or
• seek your feedback on our services.

Only with your express consent will we use or disclose information about you for the purposes of direct marketing. You can ask us not to do this at any time by contacting the Privacy Officer at Gallawahby email at admin@Gallawah.com.au. We will not sell your information.

7. Storage and Security

We take reasonable steps to protect your information against misuse, interference, loss, unauthorised access, modification and disclosure. The protective steps we take include:

• confidentiality requirements of our employees and subcontractors;
• limiting access to information to employees who have a need to use the information;
• educating our employees in relation to obligations under the relevant Federal, State and Territory Acts and legislation and ethical codes of conduct for health practitioners;
• document and file storage security policies;
• security measures for restricted access to our systems; and
• deletion, destruction or de-identification of information where it is no longer required by us.

8. Correction

We aim to ensure that the information we hold is accurate, complete and up-to-date. We encourage you to contact us in order to update any information we hold about you. Our contact details are set out at the end of this Policy.

If you contact us regarding an apparent inaccuracy in relation to your information and we are satisfied that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, then reasonable steps will be taken to correct the information within 30 days, or a longer period as we agree with you in writing.

We will not charge you for a correction.

If we determine that the correction is not required, we will provide you with written notice stating the reasons why the correction was not made and refer you to our complaints procedure.

If a correction is made to any information that was previously disclosed to a third party, as long as it is reasonable to do so, we will give each such recipient written notice of the correction within a reasonable period. We will also notify you that the correction has been made.

9. Access to your Information

You are entitled to access the information held by us.

If you wish to access your information, you must lodge a written request for access by contacting the Privacy Officer at Gallawah by email at admin@Gallawah.com.au.

Your request must contain your name and address, the contact number you used to access our services, sufficiently identify the information you wish to access and provide your authority if requesting information on behalf of another person.

We may charge a fee to cover our reasonable costs in meeting an access request. You will be provided with access to the information within 30 days of the request (unless unusual circumstances apply).

We are not required to give you access to your information if:

• it would be unlawful to do so; or
• denying access is required or authorised by an Australian law or a court/tribunal order; or
• to do so would likely prejudice one or more enforcement-related activities conducted by, or on behalf of, an enforcement body.

If we do not give you access to your information you will receive written notice that explains the reason for the refusal.

10. Complaints

Complaints about alleged breaches by us of a relevant Australian Federal, State or Territory Act, legislation related to Information Privacy, or this Policy can be made by contacting the Privacy Officer at:

Email: admin@Gallawah.com.au
Telephone: 0419 699 917

If you do not consider that your privacy complaint has been adequately dealt with by us, you may make a further complaint to the following commissions;

• Office of the Australian Information Commissioner, which has complaint-handling responsibilities under the Federal Privacy Act,
• the Victorian Health Complaints Commissioner, which has complaint-handling responsibilities under the Health Complaints Act 2016 (Vic) or the
• New South Wales Privacy Commissioner, which has complaint handling responsibilities under the Health Records and Information Privacy Act 2002 (NSW).

11. Access to this Policy

This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing environment that our organisation operates in.

The most current version of this Policy will be uploaded to our website at https:// http://www.Gallawah.com.au/privacy-policy/ or can be obtained by contacting the Privacy Officer: as above.

12. Further Information

If you have any questions about privacy-related issues, please contact the Privacy Officer.

For further information about privacy, the protection of privacy and credit reporting can also be found on visit the Office of the Australian Information Commissioner’s website at www.oaic.gov.au.

13. References/Related Documents

• Australia Government Australia Law Reform website https://www.alrc.gov.au/publications/2.%20Privacy%20Regulation%20in%20Australia/state-and-territory-regulation-privacy
• Department of Premier and Cabinet PC 012 Information Privacy Principles Instructions SA Feb 2017
• Freedom of Information Act 1982 Cwth
• Freedom of Information Act 1992 WA
• Health Quality and Compliance Commission Act 2006 QLD
• Health Records (Privacy and Access) Act 1997 ACT
• Health Records Act Vic 2001
• Health Records and Information Privacy Act 2002 NSW
• Health Services Act 1991 QLD
• Information Act 2002 NT
• Information Privacy Act Vic 2000
• Information Privacy Bill 2007 WA
• Information Standard 42 QLD
• Mental Health Act 2014
• Office of Australian Information Commissioner – https://www.oaic.gov.au/
• Personal Information Privacy Act 2004 Tas
• Privacy Act 1988 (National) – includes Australian Privacy Principles
• Privacy Act 1988 Cwth
• Privacy Amendment Act 2012 Cwth
• Privacy and Personal Information Protection Act 1988 NSW
• State Records Act 2000 WA
• The Records Information Privacy Act NSW
• Victorian Government Health website – https://www2.health.vic.gov.au/

14. Definitions

APPs means the Australian Privacy Principles introduced under the Privacy Act.

Information is used in this Policy to describe Personal Information, Sensitive Information and Health Information collectively.

IPP means the Information Privacy Principles under relevant Federal, State or Territory legislation.

Health Information is defined in the Health Records Act 2001 (Vic) and the Health Records and Information Privacy Act 2002 (NSW) as applicable.

HPP means Health Privacy Principle under relevant Federal, State or Territory Act or Legislation.

Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:

• whether the information or opinion is true or not; and
• whether the information or opinion is recorded in a material form or not.

Privacy Act means the Privacy Act 1988 (Cth) as amended from time to time.

Sensitive Information is defined in the Privacy Act to include things such as race, sexual orientation, political opinions, members of a trade association or trade union, criminal record or health information.