All officers, directors, employees and volunteers of Red Frogs USA are required to comply with the Policy and may be given restricted access to personal information solely to fulfill the purposes as set out in this Policy.
All other persons or organizations who act for, or on behalf of, Red Frogs USA are also required to comply with the principles and the Policy and may be given restricted access to personal information solely to fulfill the purposes as set out in this Policy.
Principle 1 - Accountability
Red Frogs USA is responsible for personal information which we collect, use or distribute and any personal information in our custody or under our control.
Red Frogs USA has appointed Judy Hearn as the Privacy Director who will be responsible for overseeing the Policy as well as any inquiries, requests or concerns relating to privacy matters. The Privacy Director may, from time to time, designate one or more individuals within Red Frogs USA to act on her behalf.
Principle 2 - Identifying Purposes
Red Frogs USA is committed to ensuring that the purposes for which personal information is collected, used, or disclosed are identified and are reasonable and appropriate in the circumstance.
Red Frogs USA will only collect personal information from employees, volunteers, candidates, donors and contacts that is necessary to fulfill the following purposes:
- To verify identity
- To assess ongoing suitability for employment and/or licensing
- To identify individual preferences
- To understand individual needs
- To provide requested products and services
- To inform regarding Red Frogs USA priorities, policies and practices
- To make contact for fundraising
- To meet government requirements
- To facilitate historical research
Principle 3 - Consent
Red Frogs USA will obtain express consent of employees, volunteers, candidates, donors and contacts to collect, use or disclose personal information wherever possible and appropriate, and ensure the individual can reasonably understand why and how the information will be used when it is given. Seeking consent is inappropriate where the individual is under 16 years of age, and may be impossible where the individual is seriously ill, or mentally incapacitated.
Consent can be implied where the purpose for collecting using or disclosing the personal information would be considered obvious and the employees, volunteers, candidates, donors and contacts voluntarily provides personal information for that purpose.
In general, the use of products and services by an employee, volunteer, candidate, donor or contact, or the acceptance of employment or benefits by an employee, constitutes implied consent for Red Frogs USA to collect, use and disclose personal information for all identified purposes. Consent may also be implied where employees, volunteers, candidates, donors and contacts are given notice and a reasonable opportunity to opt-out of his or her personal information being used for certain purposes and the employee, volunteer, candidate, donor or contact does not opt-out. Individuals may withdraw their consent at any time subject to legal or contractual notice, by providing reasonable notice to Red Frogs USA of their intent to withdraw their consent.
The following are examples of when we may collect, use or disclose the personal information of an employee, volunteer, candidate, donor or contact without their consent:
- When the collection, use or disclosure of personal information is permitted or required by law;
- When the collection, use or disclosure of personal information is requested by a government institution for the purpose of communicating with the next of kin or authorized representative of an injured, ill or deceased person;
- When collection is clearly in your best interests and we are unable to obtain your consent in a timely way;
- In an emergency that threatens an individual’s life, health or personal security;
- When disclosure is required for statistical, archival collection and research purposes;
- When the personal information is available from a public source (eg. a telephone directory);
- When the personal information is available through observation at a public event to which you attended voluntarily;
- When the collection, use or distribution is necessary to determine your suitability to receive an honour, award or similar benefit or to be selected for a religious, athletic or artistic purpose;
- When we require legal advice from a lawyer;
- For the purposes of collecting a debt or other obligation;
- To protect ourselves from fraud;
- To investigate an anticipated breach of an agreement or a contravention of law;
- When the personal information is voluntarily disclosed by the person to whom it applies by using equipment or data owned by the Red Frogs USA (eg. through the use of company computers, email addresses etc.).
Principle 4 - Limiting Collection
Red Frogs USA will limit the collection of personal information to that which is necessary for identified purposes. Red Frogs USA will only collect personal information by fair and lawful means and for purposes that a reasonable person would consider appropriate in the circumstances.
Principle 5 - Limiting Use, Disclosure and Retention
Red Frogs USA will not use or disclose personal information for purposes other than for those for which it was collected except with the consent of the individual or as required or permitted by law.
Red Frogs USA will only retain personal information as long as it is needed for the purposes for which it was collected or consented to. Red Frogs USA will maintain reasonable schedules to ensure that personal information is reviewed on an ongoing basis to determine relevance and if retention is required.
Every individual has the right to request their data be deleted in a quick and timely manner. When personal information collected is no longer relevant to its purpose or when it is permitted by law, Red Frogs USA will ensure that it is deleted, destroyed or made anonymous in a secure manner.
Principle 6 - Accuracy
Red Frogs USA will take reasonable efforts to ensure that personal information is accurate and complete.
Red Frogs USA will update information when it is necessary to fulfill the purpose for which the information was collected or when an individual notifies us. A request to correct personal information can be made in writing or by phone. Sufficient detail to identify the personal information and the correction being sought must be provided.
Principle 7 - Safeguards
Red Frogs USA shall stress to both employees and volunteers the importance of safeguarding the confidential nature of personal information and will provide training in this regard.
Red Frogs USA will routinely review and update our security measures which will include: Physical measures such as locking filing cabinets and restricted access to offices as appropriate; Organizational measures, such as security clearances and policies governing access to information; Technological measures, such as the use of passwords and encryption.
Red Frogs USA shall protect personal information disclosed to third parties by contractual agreements and/or third party policies that stipulate the confidentiality and safeguard requirements that are comparable to our own.
Red Frogs USA shall from time to time use web applications where personal information is sent to another jurisdiction for processing, and where it may be accessed by the courts, law enforcement and national security authorities of that jurisdiction.
Principle 8 - Openness
Red Frogs USA is committed to making its privacy policies and procedures available and clear to all interested parties.
Any questions or concerns regarding our policy or procedure may be directed in writing to our Privacy Director.
Principle 9 - Individual Access
Employees, volunteers, candidates, donors and contacts have a right to access their personal information, subject to limited exceptions including, but not limited to:
- Situations of solicitor-client privilege
- Situations where disclosure may reveal the personal information of another individual
- Situations where the health or safety of an individual may be jeopardized
- Situations where the information was provided confidentially, such as the references for candidates
A request to access personal information must be made in writing and provide sufficient detail to identify the personal information being sought and should be forwarded to the attention of the Privacy Director.
In certain situations, it may not be possible to provide access to all the personal information that is held and a request may be refused in whole or in part, providing the reasons for refusal and the recourse available. For example, information may not be provided if to do so would reveal personal information about a third party or jeopardize the security of another.
Principle 10 - Challenging Compliance
The procedure of Red Frogs USA for dealing with complaints is as follows:
- Record the date and nature of a complaint when it is received
- Acknowledge receipt of the complaint promptly
- Review the matter fairly and impartially, providing to the individual, where possible, access to all relevant records
- Notify the individual of the outcome of the investigation promptly and clearly
- If the complaint is found to be justified, we will take appropriate measures, including, if necessary, amending our policies and practices. We will also, if and as required, correct any inaccurate or incomplete information when possible.
If the Privacy Director is unable to resolve the concern, the employee, credential holder, candidate, donor or contact may also write to the Executive Officer Committee of the PAOC. If they are still unable to resolve the concern, they may also write to the Federal Privacy Commissioner.
The contact information for the Privacy Director is as follows:
Privacy Director – Mr. Daniel Terry
322 Wecker Road, Carindale, Brisbane, QLD, Australia.