Privacy Policy and Procedures
©St Francis Social Services April 2023
Introduction
St Francis Social Services (SFSS) and its associated entities (Centre 360 Youth and Family Service, House of Welcome and House of Welcome Catering) are committed to protecting the privacy of personal information which it collects, holds and administers. Personal information is information that directly or indirectly identifies a person.
Purpose
The purpose of this Policy is to explain how St Francis Social Services (SFSS) collects, holds and manages personal information, and your rights in relation to how we do this.
SFSS is committed to fulfilling its obligations under the Privacy Act 1988 (Cth) and other applicable laws which protect your privacy.
SFSS collects and administers a range of personal information. Personal information is information, or an opinion about an identified individual, or an individual who is reasonably identifiable. SFSS is committed to protecting the privacy of the personal information we collect, hold and manage.
SFSS recognises your right (and the right of everyone we work with) to have your information administered in ways which you would reasonably expect (i.e., protected on the one hand, and made accessible on the other). These values are reflected in and supported by SFSS’ core values.
Application
SFSS (including Centre 360, House of Welcome and House of Welcome Catering) is committed to adhering to its statutory obligations and values.
This Policy applies to all employees, volunteers, contractors, consultants, students on placement and Board members of SFSS (together, SFSS People). It also applies to SFSS clients, service users, suppliers and other visitors to our premises or other stakeholders (together, SFSS Partners).
The kinds of personal information that SFSS may collect
The kinds of personal information which SFSS may collect includes:
personal details, such as name, gender and date of birth;
contact details, such as address, email address and phone number;
organisation and role;
payment details, e.g., where you make donations to us, or we pay you;
details of any transactions, communications, activity and engagement with you or relating to SFSS and its operations;
for clients and service users, information relevant for the purpose of providing services to you, such as family contact details, relationship and living circumstances, education, work, income, disabilities, languages spoken, Aboriginal and Torres Strait Islander status, preferred pronouns, medications, risks and support services;
for SFSS People and people applying to work with SFSS, information relevant to your engagement, such as qualifications, employment history, referee details, work conduct and performance information, background checks (including criminal record and Working with Children Check), payroll information; and
any other personal information that you provide to us either directly or indirectly.
How we collect and hold personal information
SFSS collects personal information directly from you, for example if you provide it to SFSS in a form or online. SFSS may also collect personal information:
from external service providers;
from entities who refer clients and service users to SFSS;
from your parent, guardian or authorised representative, as appropriate;
from publicly available sources;
by creating new information such as analysis, commentary, reports and reviews; and
in accordance with this Policy.
Purposes for which SFSS collects, holds, uses and discloses personal information
SFSS collects, holds, uses and discloses personal information to manage its organisation and relationships, employ and manage staff, engage with stakeholders and better understand and interact with the individuals it deals with. This may include when we are:
providing services to clients and service users and managing their participation in our programs;
maintaining and managing our relationship with our clients and service users and their families;
monitoring service usage patterns;
managing human resources, including recruitment;
complying with our legal obligations – including where we are required or authorised by law to collect personal information, e.g., under the Fair Work Act, Superannuation Guarantee (Administration) Act, Income Tax Assessment Acts and other tax laws, child protection, occupational health and safety workers compensation and fundraising legislation;
protecting and defending our legal rights;
managing the safety and security of SFSS People, sites, systems and assets;
maintaining and updating our records; or
facilitating our internal operations:
SFSS may be unable to do these things or provide its services to you without your personal information.
Where SFSS engages in direct marketing, we will provide instructions for you to opt out.
We may disclose your personal information to the following Third Parties; including -
XERO, CSNet, DEX, Community Data Services, Barracuda to Cloud, Microsoft 365 and Microsoft Teams, Squarespace (website and online store hosting provider).
SFSS has an obligation to protect clients and service users. In certain circumstances, SFSS may also be required to supply your contact details to other services and law enforcement authorities, including in situations where:
a child or young person under the age of 16 years is at risk of significant harm from abuse or neglect;
there is a serious and imminent threat to life and health of any person, including the person seeking a service (e.g., a person is at risk of hurting themselves or harming others);
a person discloses information that would substantially assist in the prosecution of any offence punishable by 5 or more years imprisonment; or
a SFSS employee is required to provide documents (e.g., a person’s file) or give evidence under subpoena.
Disclosure
In connection with the purposes described above, SFSS may disclose personal information to Third Parties including:
SFSS service providers (including providers of IT, data storage, recruitment, insurance, investigation and delivery services);
lawyers and other professional advisers;
government agencies, including DCJ;
your parent, guardian or authorised representative, as appropriate;
referees and educational and training institutions (in order to work with SFSS); and
anyone authorised by SFSS.
Some of these parties (including cloud service providers) may be located overseas or store data in overseas jurisdictions.
Data quality and security
SFSS takes all reasonable steps to ensure the information we collect is accurate, current, complete and relevant to the functions we perform and services we provide. You can help us keep your personal information up to date by informing us of any changes.
We secure personal information in a number of ways, including electronic and hard copy paper files held at SFSS offices. The measures we use to keep your data safe depend on the circumstances, and can include implementing electronic data access controls, using locked storage and document security and protections against viruses and intrusion.
Anonymity
SFSS will give people the option of not identifying themselves when completing certain evaluation forms or opinion surveys. However, in general, it will not be possible for SFSS to provide services to clients on an anonymous basis.
Access and correction
You have the right to request access to personal information (including any health information) that SFSS holds about you and to seek correction if it is inaccurate, incomplete, misleading or not up to date. This is subject to some exceptions allowed by law. If you would like to request access or seek correction of your personal details, please contact us at the details below. Your request should:
be in writing;
state your name and address;
identify the information which you seek access to;
specify the form in which you would like that information to be provided; and
if the request is to correct information that SFSS holds, the updated information.
Depending on the nature of your request and where permitted by law, we may charge a fee for complying with your access request.
Complaints
We take your privacy concerns seriously. If you would like to report a breach of the Privacy Act 1988 (Cth), Privacy and Personal Information Protection Act, 1998 (NSW), Health Records Information Privacy Act, 2002 (NSW), or any other applicable privacy laws, you may contact us at the details listed below. We will open an investigation into your complaint and respond to you as soon as possible.
If you disagree with how we handle your complaint, you may refer the complaint to, depending on the circumstances:
the Office of the Australian Information Commissioner by visiting www.oaic.gov.au, calling 1300 363 992 or by emailing enquiries@oaic.gov.au, and/or
the NSW Privacy Commissioner by visiting www.ipc.nsw.gov.au, calling 1800 472 679 or by emailing ipcinfo@ipc.nsw.gov.au
Contact us
If you have any privacy enquiries, complaints, or wish to access or correct your personal information, please contact the Privacy Officer at the following:
Email: enquiries@stfrancis.org.au
Phone: (02) 9331 2691
Address: 461–463 Oxford Street, Paddington NSW 2021
©St Francis Social Services April 2023
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the written permission of the publisher.