Diabetes NSW (“we”, “us” and “our”) recognises the importance of protecting the personal information of individuals.
When handling personal information, we endeavour to ensure compliance with the rights, obligations and standards prescribed by Australian Privacy law.
What is Personal Information?
Personal information under Australian Privacy law is defined as:
Information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
From whom does Diabetes NSW collect personal information?
We collect personal information from individuals connected to our organisation and its activities. This may include prospective and current members, donors, supporters, employees, health professionals, recipients of support services, service providers, and volunteers.
What kinds of personal information does Diabetes NSW collect or hold?
We only collect and hold personal information we consider reasonably necessary for carrying out our functions or activities.
The kinds of personal information we may collect or hold include an individual’s name, gender, date of birth, lifestyle information, postal address, residential address, email address, phone number, credit card details and/or other payment information.
To administer our services, we may also collect or hold sensitive information – including health information, racial or ethnic origin, and preferred language.
How does Diabetes NSW collect personal information?
We collect personal information, where possible, directly from the individual. This may include collecting information:
Face to face during fundraising events, interviews undertaken for the provision of diabetes services, or at a DNSW resource centre.
Over the phone – including on the Customer Care Line.
In writing – including the use of a Membership Application Form, Donation Form, DNSW Questionnaires or written mail.
Online – including the use of the online member and donation portals or member email system.
From time to time, we may also collect personal information from third parties. This may include legal guardians, organisations or health care professionals associated with the provision of the NDSS (i.e. diabetes care plans or contact details), and information providers (i.e. providers of personal information available in the public domain or list purchase providers).
How does Diabetes NSW hold personal information?
We are committed to ensuring the security of all personal information we hold from misuse, interference, loss and unauthorised access, disclosure or modification.
As a provider of a wide variety of diabetes related programs and services, personal information collected by us may be stored in paper or electronic format. This may occur simultaneously.
Paper-based: All personal information stored as a paper-based record is held either on the premises within locked cabinets or at an external secured access controlled facility.
Electronic – based: All personal information held as electronic data is securely stored on local and US servers backed up nightly or in real-time. Personal information held in this manner is subject to restricted access and password protection.
When personal information is no longer required for the purposes of carrying out our functions or activities, all reasonable steps are taken to destroy or ensure that the information is de-identified. This will apply unless we are required, under Australian law, to retain the personal information for a specified period of time.
Why does Diabetes NSW collect, hold, use and disclose personal information?
We collect, hold, use and disclose personal information for the purpose of providing and improving our services for members and other persons affected by diabetes. We collect, hold, use, and disclose personal information for:
Marketing: To enable current or prospective members and/or donors to be contacted for the purpose of membership renewal, donating and providing updated information.
Tailoring and providing communications: To enable current Diabetes NSW members, supporters, and donors to receive information that relates to their specific needs or interests. This may include information on specific education programs, events, research opportunities and fundraising campaigns.
From time to time personal information (including name, address and membership number) may be sent to our contracted mail house or printer for the purpose of providing individuals with Diabetes NSW publications, fundraising requests, and membership renewal through regular mail.
Health programs: To provide, run and manage health programs for current members and members of the general public at high risk of developing diabetes.
Services: To provide, run and manage services for current members and other persons affected by diabetes.
Research: To promote and fund research into diabetes.
Volunteering: To enable our volunteers to assist with the delivery of information through mail drives, events and programs when required.
Other purposes: To enable us to collect publicly available information from information providers. As well as to provide up-to-date information to members, supporters and donors regarding our operations, services and programs, to verify membership identity, and to comply with all relevant Australian laws and regulations.
Choosing not to provide personal information may affect the services and programs we are able to provide to an individual.
Does personal information collected by Diabetes NSW go overseas?
Our e-communications (this includes emails) and e-commerce (the Diabetes NSW online store) go through platforms based in the United States of America. This means that personal information, including a person’s full name and email address used for the communication, will be stored securely on a remote server within the USA.
How can individuals ‘opt out’ of direct marketing communication?
Where personal information is used for the purposes of direct marketing communications – including surveys, research opportunities, fundraising campaigns, and support group information, we provide the individual with the opportunity to ‘opt in’ or ‘opt out’ of receiving such information.
Individuals may request to receive direct marketing communication by marking ‘Yes’ in the provided option on their online or paper-based Membership application form. Individuals may ‘opt out’ of receiving direct marketing communications by selecting ‘unsubscribe’ on subsequent email communications sent by us, or by one of the following ways:
- Contacting the Infoline on 1300 136 588
- Visiting any Diabetes NSW Shop
- Emailing firstname.lastname@example.org
- Writing to the Diabetes NSW Membership Manager GPO Box 9824, Sydney 2001
If individuals choose to ‘opt out’ of receiving our direct marketing communications, they may be asked to provide their full name, address, date of birth and membership number for verification purposes.
Website usage and cookies
An individual can browse and access our website without revealing their identity.
We collect the following data from individuals who visit our website:
- The number of visits
- Date and time of visits
- Number of pages viewed
- How users navigate through the site
To improve our website, we use ‘cookies’ in order to track individuals who use our website. A cookie is a small amount of data that is transferred to the individual’s browser by a Web server and can only be read by the server that gave it to the individual. It functions as the individual’s identification card, and enables us to record the individual’s passwords, purchases, and preferences. It cannot be executed as code or deliver viruses.
Most browsers are initially set to accept cookies. An individual can set their browser to notify them when they receive a cookie, giving them the chance to decide whether to accept it or not. (For some Web pages that require an authorisation, cookies are not optional. Users choosing not to accept cookies will probably not be able to access those pages.)
How can individuals access their personal information?
Upon request, personal information collected and held by us can be accessed, subject to applicable Australian law.
Access to personal information can be requested in writing addressed to the Diabetes NSW Membership Manager at GPO Box 9824, Sydney NSW 2001 or in an email to email@example.com
We require that individuals wishing to access their personal information provide their full name, address, date of birth and membership number for verification purposes.
We will deal with requests for access to personal information usually within 30 business days. Access to personal information will be provided in the manner requested by the individual, unless it is unreasonable and impracticable for us to do so.
How can individuals correct or update their personal information?
To ensure up-to-date, accurate and complete personal information, we provide members with the opportunity to personally update their details throughout the year – including by completing a DNSW Membership Renewal form or Donation form. These forms are provided to members via regular post or email (as specified by the member).
If individuals wish to update or correct their personal information they may also do this by:
- Contacting the Infoline on 1300 136 588
- Visiting diabetesnsw.com.au and completing the ‘Change membership details’ form
- Clicking on ‘Updated Contact Details’ on the home page of this website (or going to www.diabetesnsw.com.au/update)
- Writing to the Diabetes NSW Membership Manager at GPO Box 9824, Sydney NSW 2001
- Visiting a Diabetes NSW Shop at an address listed on our website
Individuals choosing to update or change personal information will need to provide identifying information –including full name, address, membership number and date of birth.
We will deal with requests to correct or update personal information usually within 30 business days.
Managing enquiries and complaints
We endeavour to handle personal information in an open and transparent way.
Any enquiry or complaint concerning the manner in which personal information is or has been handled by us can be made by contacting the Customer Care Line on 1300 342 238, by writing to the Diabetes NSW Privacy officer at GPO Box 9824, Sydney NSW 2001 or by emailing the Diabetes NSW Privacy Officer on firstname.lastname@example.org
We will deal with all inquiries and complaints usually within 30 business days.
 Privacy Act 1988 (Cth) s6.