The type of information WHI collects and holds includes (but is not limited to) personal information, including sensitive information, about:

• Name
• Address
• Email
• Phone
• Mobile
• Occupation
• Number of dependents

WHI will generally collect personal information held about an individual by way of meetings, questionnaires or phone calls. You do have the right to seek to deal with us anonymously or using a pseudonym, but in almost every circumstance it will not be practicable for us to deal with you or provide any services to you except for the most general responses to general enquiries, unless you identify yourself.

In some circumstances, WHI may be provided with personal information about an individual from a third party, for example, our Partner.

Under the Privacy Act the Australian Privacy Principles do not apply to an employee record. As a result, this Privacy Policy does not apply to WHI’s treatment of an employee record, where the treatment is directly related to a current or former employment relationship between WHI and employee. However, WHI must provide access and ensure compliance with the Health Privacy Principles under the Victorian Health Records Act 2001.

WHI will use personal information it collects from you for the primary purpose of collection, and for such other secondary purposes that are related to the primary purpose of collection and reasonably expected, or to which you have consented.

In relation to direct marketing, WHI will use your personal information for direct marketing where you have provided that information, and you are likely to expect direct marketing: only then you will be sent direct marketing containing an opt out. If we use your personal information obtained from elsewhere we will still send you direct marketing information where you have consented and which will also contain an opt-out. We will always obtain your consent to use sensitive information as the basis for any of our direct marketing.

We may use video surveillance for security purposes and the footage will be used only by WHI and by the providers of our security services for security purposes.

Surveillance videos are not used by WHI for other purposes and the footage is not publicly available. Surveillance cameras are not located in any bathrooms or change room facilities.

In relation to personal information of job applicants, staff members, and contractors, WHI’s primary purpose of the collection is to assess and (if successful) to engage the applicant, staff member or contractor, as the case may be.

The purposes for which WHI uses personal information of job applicants, staff members, and contractors include:

• for insurance purposes;
• to satisfy WHI’s legal obligations,

Where WHI receives unsolicited job applications these will usually be dealt with in accordance with the unsolicited personal information requirements of the Privacy Act.

WHI also obtains personal information about volunteers who assist WHI in its functions or conduct associated activities, such as to enable WHI and the volunteers to work together.

WHI does not use marketing companies for any fundraising activities.

WHI may disclose personal information, including sensitive information, held about an individual to:

• government departments;
• people providing services to WHI, and
• anyone you authorise WHI to disclose information to.

WHI will not send personal information about an individual outside Australia without:

• obtaining the consent of the individual (in some cases this consent will be implied); or
• otherwise complying with the Australian Privacy Principles or other applicable privacy legislation.

We do/do not use overseas providers of IT services including servers and cloud services.

In referring to ‘sensitive information’, WHI means:

• “information relating to a person’s racial-ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual preferences or criminal record, that is also personal information; and health information about an individual”.
• Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose unless you agree otherwise, or the use or disclosure of the sensitive information is allowed by law. 

WHI’s staff are required to respect the confidentiality of personal information and the privacy of individuals.

WHI has in place steps to protect the personal information WHI holds from misuse, loss, unauthorised access, modification, interference or disclosure by use of various methods including locked storage of paper records and password access rights to computerised records.

The WHI endeavours to ensure that the personal information it holds is accurate, complete and up-to-date. A person may seek to update their personal information held by WHI by contacting the Privacy Officer of WHI at any time.

The Australian Privacy Principles and the Health Privacy Principles require WHI not to store personal information longer than necessary. In particular, the Health Privacy Principles impose certain obligations about the length of time health records must be stored.

You have the right to check what personal information WHI holds about you.

Under the Commonwealth Privacy Act and the Health Records Act, an individual has the right to obtain access to any personal information which WHI holds about them and to advise WHI of any perceived inaccuracy. There are some exceptions to this right set out in the applicable legislation. To make a request to access any information WHI holds about you, please contact the Privacy Officer in writing.

WHI may require you to verify your identity and specify what information you require. Although no fee will be charged for accessing your personal information or making a correction, WHI may charge a fee to retrieve and copy any material. If the information sought is extensive, WHI will advise the likely cost in advance.

Under our destruction and de-identification policies, your personal information that is no longer required will be de-identified or destroyed. In many circumstances, however, it will be kept for marketing purposes, as you will have consented to that in writing with us.

If you would like further information about the way WHI manages the personal information it holds, please contact the Privacy Officer. If you have any concerns, complaints or you think there has been a breach of privacy, then also please contact the Privacy Officer who will first deal with you usually over the phone. If we then have not dealt satisfactorily with your concerns we will meet with you to discuss further. If you are not satisfied with our response to your complaint within 30 days from this meeting then you can refer your complaint to the Office of the Australian Information Commissioner via:

email:  enquiries@oaic.gov.au

tel:  1300 363 992

fax:  +61 2 9284 9666

WHI uses 128 bit SSL encryption to protect the transfer of personal and financial information between your browser and our servers. When using WHI registration and donation pages, a small lock or key symbol in the status bar of your browser indicates that you are connected securely.

Personal information and financial transactions are stored on our secure database server. Stringent security guidelines are in place to protect this data, and its use and release are governed by our Privacy Policy.