Diabetes Central Privacy Policy

 

                    Diabetes Central Privacy Policy

 

This privacy policy applies to Diabetes Central.

At Diabetes Central your privacy is important, below is an outline of how we secure any data we may collect from you.

The Diabetes Central website is provided for general information and educational purposes and may contain links to other websites. Once you enter another website be aware Diabetes Central will not be responsible for the privacy of other websites. We encourage you to check the privacy statements for all websites you visit.

Overview

 

Diabetes Central is committed to complying with the Privacy Act 1988 and the Australian Privacy Principles 2014 and the privacy provisions of all applicable legislation. Updated Privacy laws commenced on 12 March 2014 that introduced the new Australian Privacy Principles (‘APPs’). The APPS set out the way organisations and government agencies such as the Diabetes Central can collect, use, disclose, secure and provide access to personal information.

This privacy policy covers all personal information we hold, that is, information, or an opinion about an individual, whose identity is apparent, or can be reasonably ascertained, from that information or opinion. This includes information we have collected from people through our office, over the phone and over the internet.

Collecting information

When we collect personal information from an individual, we will ensure that we do so in a fair manner and that we let the individual know where and how to contact our organisation. We will only collect information that is reasonably necessary for our functions or activities.

We will advise individuals or the purpose for which their personal information is collected.

If we collect sensitive information (as defined under the Act), we will treat it with the utmost security and confidentiality. We will ensure that it is not collected for any purposes, other than those for which we have obtained the individual’s consent, unless the law requires otherwise, or other exceptional circumstances prevail as described under the Act.

Where an individual chooses not to provide requested information, we will advise that individual of what consequences this non-disclosure may have. For example, withholding certain information may limit our ability to provide relevant offers or services to individuals.

Diabetes Central will take reasonable steps to ensure data is accurate, up-to-date and complete.

Using and disclosing information

We will only use and disclose personal information in accordance with the Privacy Act. This means that personal information may be used or disclosed:

  • For the purposes for which we have advised that we are collecting it, and for related purposes that the individual would reasonably expect,
  • Where we have the consent of the individual to do so,
  • As required by law, or
  • Under other circumstances where permitted under the

In the course of our business activities, we may need to disclose some of your personal information to relevant staff.

Diabetes Central does not disclose personal information to overseas recipients in any circumstances.

Unauthorised disclosure or access

As Diabetes Central is committed to protecting the privacy of individuals, we will view unauthorised disclosure of, or access to, personal information by our employees or contractors, as a serious breach of this policy. Appropriate action (which may include disciplinary or legal action) will be taken in such cases.

Opt- out

We will always provide individuals with a nil-cost way of contacting us to register a request to “opt - out” from receiving any product offers and direct marketing communications.

Access to personal information

Individuals will be able to access their personal information upon request. However, Diabetes Central may occasionally need to deny access to information in accordance with the exemptions contained in the Act.

Security

Our goal is to protect the personal information collected by Diabetes Central. Personal information will be managed confidentially and securely and destroyed appropriately when no longer required. We will monitor and implement appropriate technical advances or management processes, to safeguard personal information.

Data Quality

We will take all reasonable steps to ensure that the data we collect, use or disclose is accurate, complete and up to date, and has been obtained directly from individuals or other reputable sources.

Data Breach Notification Scheme

The Privacy Act establishes a mandatory Data Breach Notification Scheme (DBN Scheme) which requires ADEA to notify particular individuals and the Office of the Australian Information Commissioner about ‘eligible data breaches’.

A data breach is unauthorised access to or unauthorised disclosure of personal information, or a loss of personal information that an entity holds. A data breach is eligible if it is likely to result in serious farm to any of the individuals to whom the personal or sensitive information relates. Diabetes Central will make an objective assessment of whether a data breach is likely to result in serious harm and take remedial action according to its data breach response plan.

 

 

 

 

Diabetes Central Data Management and Data Breach Plan

Data breach response plan

Privacy Inquiries

Privacy related inquiries or concerns can be directed to Ann Bush  admin@diabetescentral.com.au

Availability and review of policy

We will make our privacy policy available upon request and will provide a link to this policy from our website.

This policy will be reviewed from time to time and any amendments will be incorporated into the updated

 

Last updated: August 2022