Coral Rain Pty Ltd ABN: 95 494 975 662 trading as Hume Retirement Resort (referred to in this document as we, us or our) recognises that privacy is very important and we are committed to protecting the personal information we collect from our clients (referred to in this document as you, or your). The Privacy Act 1988 (Cth) (Privacy Act), and the Australian Privacy Principles (APPs) govern the way in which we must manage your personal information and this policy sets out how we collect, use, disclose and otherwise manage personal information .
1.1 Purpose of Collection
The personal information that we collect and hold about you, depends on your interaction with us as a Client. We will take such steps as are reasonable in the circumstances, to ensure that the personal information that we collect is accurate, up to date and complete.
Generally, we will collect, use and hold your personal information (including sensitive information) for the purpose of:
(a) facilitating our internal business operations, including the fulfilment of any legal requirements;
(b) identification; and assessment of required Services;
(c) providing Services to you or someone else that you know;
(d) providing you with information about Services that we, or our related entities and other organisations that we have affiliations with, offer (if you consent to receiving these); and
(e) analysing our services and customer needs with a view to developing new or improved services.
1.2 Types of Information Collected and Recorded
Coral Rain Pty. Ltd. collects and holds personal information about clients, that is, information that can identify you, including but not limited to your: full name; date of birth; address; photograph; and bank details. Additionally, unless otherwise permitted by law, only with your consent we may also collect and store sensitive information that is relevant to assessing you for, or providing you with, agreed Services. Sensitive information that we collect and store may include, information about your: health; or racial or ethnic origin; or religion; or (only where it is directly relevant to the Service being provided) criminal record.
1.3 Method of Collection
We generally collect your personal information directly from you through the use of any of our standard forms, in person during a consultation, over the internet, via email, or telephone conversation. There may, however, be some instances where we collect your personal information from someone else because it is unreasonable or impractical to collect it directly from you (for example, where one of our clients has obtained Services from you on your behalf). In such a case, we will take reasonable steps to notify you of this in advance, or where this is not practicable, as soon as reasonably practicable after your personal information has been collected.
In circumstances where we are collecting and holding personal and or sensitive information, provided to us by you for the purposes of providing Services to someone else: you must ensure that the person whose information has been provided to us by you, has been notified of this Policy, and that they have consented to the disclosure of their information by you, to us.
1.4 Internet Users
If you access our website, we may collect additional personal information about you in the form of an IP address and domain name. Our website may contain links to other websites. We are not responsible for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.
1.5 Use and Disclosure
Generally, we only use or disclose personal information about you for the purposes for which it was collected. We will take such steps as are reasonable in the circumstances to ensure that the personal information that we use or disclose is, having regard to the purpose of the use or disclosure, accurate, up to date, complete and relevant.
We may disclose personal information about you, to:
- other service providers who assist us in delivering Services to our clients;
- our related entities and other organisations with whom we have affiliations so that those organisations may provide you with information about services and various promotions (if you consent to receiving these);
- your nominated next of kin in an emergency involving you;
- (in the case of a transfer to hospital or other care), any medical practitioner, hospital, or service provider involved in the provision of care;
- your nominated family / carer;
- Government entities as part of summaries of service provision data (personal and identifying information may be provided, where this is specifically required to identify eligibility for funding or to inform future service planning);
- Emergency services personnel (Police, Fire, Ambulance), where required.
We do not disclose personal information to overseas recipients.
We store personal information in different ways, including in paper and in electronic form. The security of your personal information is important to us. We take reasonable measures to ensure that your personal information is stored safely to protect it from misuse, interference, loss, unauthorised access, modification or disclosure, including electronic and physical security measures.
You may access the personal information we hold about you, upon making a written request. On receipt of a written request, we will try to:
(a) provide you with access within a reasonable period after the request is made; and
(b) give access to the information in the manner requested by you, if it is reasonable and practicable to do so.
We may decline a request for access to personal information in circumstances prescribed by the Privacy Act.
If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, you should notify us. Upon notification we will take reasonable steps to correct the information, having regard to the purpose for which it is held, so that it is accurate, up to date, complete, relevant and not misleading.
1.8 Incomplete or Inaccurate Information
If the personal or sensitive information that we require, in order to provide Services to you, is not provided, or is incomplete, or is inaccurate, we may be unable to provide you, or someone else that you know, with the services that you, or they, are seeking.
1.9 Revision of Policy
All complaints and the outcomes are recorded into an electronic recording system that provides traceability of our communication with you. Our internal business processes prescribe responsibility and timeframes for timely complaint resolution. All documentary records of a complaint are kept confidential, and the information securely filed by the person closing out the complaint.
1.11 More Information
For more information about privacy in general, clients can visit the Office of the Australian Information Commissioner website www.oaic.gov.au
2 Relevant Legislation / Standards:
Privacy Act 1988 (Cth)
Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth)