Your privacy is important.
This statement outlines Mindgardens Neuroscience Network Limited (ACN 640 902 530) (Mindgardens, we, us, our) policy on how Mindgardens uses and manages personal information provided to or collected by it.
Mindgardens is bound by the Australian Privacy Principles contained in the Commonwealth Privacy Act and is compliant with the Privacy Amendment (Enhancing Privacy Protection) Act 2012.
Mindgardens may, from time to time, review and update this Privacy Statement to take account of new laws and technology, changes to Mindgardens operations and practices and to make sure it remains appropriate to the changing legal environment.
What kind of personal information does Mindgardens collect and how does Mindgardens collect it?
The type of information Mindgardens collects and holds includes (but is not limited to) personal information, including sensitive information, about:
- your name and contact details;
- copies of identification documentation;
- payment information and banking details if you are purchasing a product through us;
- Personal Information contained in forms or applications;
- Personal Information contained in queries, or feedback about our services;
- usage data (which may include your IP address, the pages you have clicked through on our websites, websites that referred you to our sites, information about the device you are using, and your wider geographic location).
Personal Information you provide:
Mindgardens will generally collect personal information held about an individual by telephone, by letter, by email, or through forms on our websites. You do have the right to seek to deal with us anonymously or using a pseudonym, but in almost every circumstance it will not be practicable for us to deal with you or provide any services to you except for the most general responses to general enquiries, unless you identify yourself.
Personal Information provided by other people:
In some circumstances Mindgardens may be provided with personal information about an individual from a third party, for example, Personal Information may be provided by third party websites.
In relation to employee records:
How will Mindgardens use the personal information you provide?
Mindgardens will use personal information it collects from you for the primary purpose of collection, and for such other secondary purposes that are related to the primary purpose of collection and reasonably expected, or to which you have consented.
In relation to direct marketing, Mindgardens will use your personal information for direct marketing where you have provided that information, and you are likely to expect direct marketing: only then you will be sent direct marketing containing an opt out. If we use your personal information obtained from elsewhere we will still send you direct marketing information where you have consented and which will also contain an opt out. We will always obtain your consent to use sensitive information as the basis for any of our direct marketing.
Job applicants, staff members and contractors:
In relation to personal information of job applicants, staff members and contractors, Mindgardens primary purpose of collection is to assess and (if successful) to engage the applicant, staff member or contractor, as the case may be.
Where Mindgardens receives unsolicited job applications these will usually be dealt with in accordance with the unsolicited personal information requirements of the Privacy Act.
Mindgardens also obtains personal information about volunteers who assist Mindgardens in its functions or conduct associated activities, such as to enable Mindgardens and the volunteers to work together.
Marketing and fundraising:
The future growth and development of Mindgardens is important.
Personal information held by Mindgardens may be disclosed to an organisation that assists in Mindgardens fundraising.
Who might Mindgardens disclose personal information to?
Mindgardens may disclose personal information, including sensitive information, held about an individual to, for purposes that you consent to, or for other related purposes that you would reasonably anticipate.
Sending information overseas:
Mindgardens will not send personal information about an individual outside Australia without:
- obtaining the consent of the individual (in some cases this consent will be implied); or
- otherwise complying with the Australian Privacy Principles or other applicable privacy legislation.
The Mindgardens website is hosted by WordPress.com, a US-based not-for-profit organization. The site is served from a WordPress hub in Sydney, Australia, and may also be mirrored on WordPress nodes in the USA, Singapore, Japan, Germany, Spain, India, Hong Kong, France, Brazil, UK, New Zealand, South Africa, Sweden, Canada, Taiwan, Netherlands, Austria and Italy.
How does Mindgardens treat sensitive information?
In referring to ‘sensitive information’, Mindgardens means:
“information relating to a person’s racial ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual orientation or criminal record, that is also personal information; and health information about an individual”.
Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless you agree otherwise, or the use or disclosure of the sensitive information is allowed by law.
Management and security of personal information
Mindgardens staff are required to respect the confidentiality of personal information and the privacy of individuals.
Mindgardens has in place steps to protect the personal information Mindgardens holds from misuse, loss, unauthorised access, modification, interference or disclosure by use of various methods including locked storage of paper records and passworded access rights to computerised records.
We have a data breach response plan, which we would follow in the unlikely event of a privacy or data breach.
Updating personal information
Mindgardens endeavours to ensure that the personal information it holds is accurate, complete and up-to-date. A person may seek to update their personal information held by Mindgardens by contacting the Privacy Officer of Mindgardens at any time.
The Australian Privacy Principles and the Health Privacy Principles require Mindgardens not to store personal information longer than necessary. In particular, the Health Privacy Principles impose certain obligations about the length of time health records must be stored.
You have the right to check what personal information Mindgardens holds about you.
Under the Commonwealth Privacy Act and the Health Records Act, an individual has the right to obtain access to any personal information which Mindgardens holds about them and to advise Mindgardens of any perceived inaccuracy. There are some exceptions to this right set out in the applicable legislation. To make a request to access any information Mindgardens holds about you, please contact the Privacy Officer in writing.
Mindgardens may require you to verify your identity and specify what information you require. Although no fee will be charged for accessing your personal information or making a correction, Mindgardens may charge a fee to retrieve and copy any material. If the information sought is extensive, Mindgardens will advise the likely cost in advance.
How long will Mindgardens keep my information?
Your personal information that is no longer required will be de-identified or destroyed. In many circumstances, however it will be kept for marketing purposes, as you will have consented to that in writing with us.
Enquiries and privacy complaints
If you would like further information about the way Mindgardens manages the personal information it holds, please contact the Privacy Officer via email: email@example.com or tel: +61 2 9399 1603
If you have any concerns, complaints or you think there has been a breach of privacy, then also please contact the Privacy Officer who will first deal with you usually over the phone. If we then have not dealt satisfactorily with your concerns we will meet with you to discuss further.
If you are not satisfied with our response to your complaint within 30 days from this meeting then you can refer your complaint to the Office of the Australian Information Commissioner via: email: firstname.lastname@example.org or tel: 1300 363 992