Reading Recovery Australia Incorporated (“RRA”) understands that your privacy is important to you. We are committed to meeting your expectations and will comply with all applicable privacy and data protection legislation in relation to your personal information and sensitive information.
We also know you love the small print, but here’s a summary of how we protect your privacy:
- We only collect what we need to help you with your request or provide you with information that you ask for, personalising it to your interests.
- We won’t hang on to your information. If we don’t need it, and you don’t want us to keep it, we’ll delete it.
- We want you to understand everything we do with your information, so we’ll try our best to explain with no nonsense.
- No surprises — you decide what and how you hear from us.
- That goes for everyone. We do not pass your information to third parties for marketing purposes without your knowledge.
The rest of this policy provides you with more detail of our privacy and personal information handling practices.
Who we are
RRA is an incorporated association with Consumer Affairs Victoria (Registration Number: A0108117O). This requires us to collect personal information from you. “We”, “us” and “our” refers to RRA.
Our website address is: https://readingrecovery.org.au.
Data Controller Contact Details
Contact our Privacy Officer via email to: [email address]
We will endeavour to respond to you within a reasonable time.
What personal data we collect and why we collect it
We collect your Personal information to allow us to:
- administer your membership of RRA
- provide you with our materials and services
- inform you of and provide you with information on the services we provide (including events and opportunities to participate in projects/programs)
- manage our internal business operations
- respond to your questions.
Legal basis for processing your personal information
We will only process personal information where we have a lawful basis to do so. The basis for processing your personal data varies depending on the activity we collected it for. In some occurrences, we may have more than one lawful basis for processing.
The information below summarises the basis on which the RRA process personal information:
Membership and contract
RRA processes personal information which is necessary to record your membership of RRA. This includes, but is not limited to, membership subscription, contact details for training and events. We will also use your personal information for completing contracts.
RRA processes personal data which is necessary to comply with legal obligations. This includes, but is not limited to, providing personal information to regulators, law enforcement agencies and statutory bodies.
RRA processes personal data in order to meet our legitimate interests. This includes, but is not limited to responding to general enquiries, supporting training of tutors, research, preventing fraudulent activity and improving our services.
RRA processes personal data where you have provided your consent to do so.
Recipients of personal data
We also use other organisations to process your personal information to carry out services on our behalf. We use them to:
- Process payments
- Provide customer service, surveys and marketing
Where we use another organisation, we make sure that your personal information is protected and remains in our control.
How we collect personal information
We will only collect personal information by lawful and fair means. Personal information may be collected directly from you or your authorised representative.
We do not collect personal and sensitive information unless the information is reasonably necessary for our business functions or activities. We will obtain your consent before collecting any sensitive information.
When you deal with us, you will need to identify yourself in order for us to provide our services to you, as such we do not accept the use of pseudonyms.
If you access our websites, we may collect additional personal information about you in the form of your IP address and/or domain name.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
The way in which we use and disclose personal information
We will use or disclose your personal information only for the purposes for which it was collected. We will use or disclose your information for another purpose only if you have consented, or if you would reasonably expect us to do so or as required by law.
We may use your personal information for the purposes of our own direct marketing, however, we will ensure you have the ability to opt out of future such communications.
The steps we take to protect and keep secure the personal information we hold
We take reasonable technical and organisational measures to protect the personal information we hold against interference, loss, unauthorised access, use, modification or disclosure, and other misuse.
However, you should be aware that if you submit information to us electronically the internet is not a secure environment. We take reasonable steps to provide a secure channel for receiving information but cannot absolutely protect personal information before it reaches us.
When the personal information that we collect is no longer required, we will destroy, delete it in a secure manner, or ensure that the information is de-identified in accordance with our information destruction and de-identification policy, unless we are required by law to retain a copy of the personal information or the information is contained in a Commonwealth record.
You have the right to seek access to any of your personal information held by us unless there is a valid reason under the Privacy Act for us to withhold the information.
Valid reasons include:
- We have reason to suspect that unlawful activity or misconduct of a serious nature has been engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter; or
- Giving access would reveal evaluative information generated within us in connection with a commercially sensitive process.
- If your personal details change, or you believe the information we hold about you is incorrect, incomplete or out-of-date, please contact us so that we can correct our records.
Right to erasure
At your request, we will remove all the data we have for you which we are not required legally to retain.
Right to restrict processing
You have the right to restrict processing when you have exercised one of the above rights and it may take some time to process that request. For example: when you contact us to update your details you have the right to request restriction until your details are being updated.
Right to withdraw consent
For the processing activities where we have asked you for consent, you have the right to withdraw this consent at any point by unsubscribing from a message from us, or by contacting [contact email]
Right to object
You can object to the processing of your personal data.
Right to not be subject to automated decisions and profiling
None of our processing activities are purely automated and no decisions are made without human intervention. There are instances where we process data to analyse or predict behaviour, but we will ask you for explicit consent when this processing will involve your personal data.
Right to data portability
If you have provided us with your personal data with consent or under the contact obligations, you have the right to request the data you have provided to us in a machine-readable format should you decide to move to another data controller.
Making a request
Requests for access or correction to your personal information or other privacy rights described above should be addressed to The Privacy Officer by emailing [contact email]. All requests will be responded to in writing within a reasonable period of time. As part of this process we will verify the identity of the individual requesting the information prior to providing access or making any changes. If we cannot fulfil your request, we will respond and provide you with an explanation.
Making a complaint if you are unhappy about how we have dealt with or are dealing with your personal information
We have procedures in place to deal with your inquiries or complaints.
If you have any questions about our policy or any complaint regarding the treatment of your privacy by us, please contact [contact email]
If you feel we have intruded on your privacy or misused your data, you are able to complain to:
Office of the Australian Information Commissioner’s (OAIC) website at www.oaic.gov.au
The contact details for the OAIC are:
Level 3, 175 Pitt Street, Sydney 2000
Postal address (Sydney): GPO Box 5218 Sydney NSW 2001
Postal address (Canberra): GPO Box 2999 Canberra ACT 2601
Phone: 1300 363 992
Fax: + 61 2 9284 9666
Updates to this Policy
We aim for there to be no surprises in our dealings with your personal information. If we make significant changes to the policy and we have your email address, we will send you an email informing you of these changes, how they may impact you, and reminding you of your privacy rights.