Shelter NSW respects and upholds your right to privacy protection under the National Privacy Principles in regulating how we collect, use, disclose and hold your personal information (see Schedule 3 of the Commonwealth Privacy Act 1988). We are not covered by this Act (because our annual turnover is too small), but we implement the National Privacy Principles as good practice.
Our funding agreement with Housing NSW requires that we comply with:
- the Information Protection Principles as set out in sections 8–19 of the NSW Privacy and Personal Information Protection Act 1998; and
- the Health Privacy Principles as set out in Schedule 1 of the NSW Health Records Information Privacy Act 2002.
Our policy on data collection, storage, access, use and disclosure is fully contained in this document, which is a public document.
- Collection: We collect data lawfully, directly from the people concerned (unless consent is otherwise provided) and openly (by informing people what data we are collecting and why), and we collect data that is relevant, accurate, not excessive and up-to-date.
- Storage: We store personal information securely and only for as long as is necessary, and we dispose of personal information appropriately.
- Access: We allow people to access their personal information without unreasonable delay or expense; we allow people to update, correct or amend their personal information where necessary; and we will destroy personal information no longer in use upon request.
- Use: We ensure that personal information is relevant and accurate before using it, and we only use the personal information for the purpose for which it was collected.
- Disclosure: We only disclose personal information where the person has given their consent.
We use personal information in the course of our general business activities and activities concerning our member register, email addresses and email lists, social research, our website and employee records. Our specific practices in these areas are outlined below.
General business practice
Shelter NSW collects names and addresses because it is necessary for activities of its business to do so.
We will not sell, rent or otherwise pass on to any third party the contact details voluntarily given by customers or research subjects. We will give the contact details of an individual member or stakeholder to someone requesting it from us only where we have a firm reason to believe that the person would not object to us doing so.
We keep records up-to-date and delete inaccurate records from them, on an ongoing basis. We do not use numeric identifiers for any individual, though our email list takes the form of an electronic database that is generated by our website and that auto-generates a record number.
We protect contact data we hold from misuse and loss, and from unauthorized access, modification or disclosure. We use the latest versions of anti-virus software, and we update virus definitions on a weekly basis to minimize the chance of email address lists being raided by hackers. Individuals may choose not to identify themselves when entering into transactions with us, by, for example, using a pseudonym.
We will not transfer personal information about an individual to anyone outside Australia. We collect no sensitive information on individuals (such as information about religion or political affiliation).
We are required, as an incorporated association under the NSW Associations Incorporation Act 2009, to keep a register of members. Shelter NSW’s constitution requires the register to show the name, address, date of commencement of membership, and date of termination of membership, for each member. This member register is in an electronic database program that auto-generates a record number. A member may view their record on-screen during office hours or get a printout of their record, by arrangement with the Executive Officer.
Email addresses and email lists
We keep email address lists for distribution of information to members and stakeholders. These lists are only used to notify members, subscribers and addressees of Shelter NSW activities and information on housing issues.
The Commonwealth Spam Act 2003 (section 16) prevents Shelter NSW from sending emails to people (members, customers and other stakeholders) about the services we provide where those emails are not solicited by the recipient.
No one is added to our email lists unless they request it. We include an ‘opt in’ checkbox on our membership/subscription application/renewal form and the registration forms for events. We do not harvest other people’s email lists to gather email addresses for our email lists or records.
In line with the Spam Act (sections 17–18), the emails that we send about our services include Shelter NSW’s name, street address and phone number. They also give an email address which the recipient can use to unsubscribe from the email list.
Our email lists are not available for promoting activities of third parties: we reject requests of other persons, corporations or organisations to email notices of their events directly to people on our email lists.
Bulk emails to members, customers and others are sent utilising our email software’s ‘BCC’ (or ‘blind carbon copy’) facility so that recipients’ email addresses are not revealed.
When Shelter NSW undertakes social research we prepare a project information statement. This includes information on the project aims; how a respondent is being asked to participate, for example, an interview/focus group; matters that will be covered in an interview/focus group; how the research data/findings will be used; and anonymity and confidentiality. This statement is given to all participants (research subjects/respondents).
Respondents may choose not to have quotes attributed directly to them, in analyses that use research data. If they choose not to be so identified, giving them a coded identity in transcripts will protect their identity, so that if they are quoted, the quote is attributed to this coded identity. However, a respondent might be able to identify anonymously coded pieces of text in reports and papers, even where their identity is disguised. Consequently, we cannot guarantee their anonymity.
Information given by respondents is treated as confidential unless consent is given to the contrary. We guarantee the confidentiality of data in terms of security of access and storage, as distinct from use in reports, conference papers and journal articles. Once (if) transcription has occurred, an audiotape will be erased. Any names used during an interview will be replaced by pseudonyms. Contact details will be kept separately from a transcribed interview. Computer files will be kept secure and accessible only to the researcher. If an interview is transcribed, a respondent will have the option of viewing it. If they choose to view the transcript, they may make changes to it within a three-week period. After they view and return a transcript, they will no longer be consulted about direct quotations from the interview.
The web server for Shelter NSW’s website automatically collects data about visitors’ use of the site – as most web servers do. This data consists of general information about things like time spent on each session, browser types, referring domains, referring search engines, and the continents of visitors’ network locations. The data is aggregated for all visitors – the reports Shelter NSW receives do not identify the activities of any particular individual on the site.
Activities on the website may require the creation of a session-based cookie on the user’s computer. The purpose of these cookies is to improve the user experience and to assist them as they use features of the website. These cookies do not collect or return personal information to the website.
No data on individual visits or visitors to the site are given to any partner, sponsor, client or other third party, in any circumstance. The Shelter NSW website has links to other websites. We are not responsible for the privacy practices or the content of those sites.