This document sets out Scope Global’s policy regarding the collection, use, storage, disclosure of and access to personal and sensitive information, including health information. Scope Global is bound by the Australian Privacy Principles as set out in the Privacy Act 1988 (Cth) (“Privacy Act”) as amended from time to time.
This Policy aims to foster and maintain public trust and confidence in the integrity and professionalism of Scope Global by ensuring that Scope Global complies with the Australian Privacy Principles which protect personal information in our possession.
When an individual provides personal information to Scope Global they are agreeing to be governed by the terms of this Policy.
This policy applies to personal, sensitive and health information pertaining to any hardcopy or electronic record collected or created by Scope Global.
This policy does not apply to:
Scope Global is bound by the Australian Privacy Principles as set out in the Privacy Act. A summary of the most relevant of these principles, as adapted for Scope Global, is set out below:
Because of the nature of Scope Global’s core business, it will usually be impractical for individuals transacting with Scope Global to have the option of not identifying themselves or using a pseudonym. However where it is lawful and practical to do so, Scope Global will consider a written request by the individual.
The circumstances in which you can deal with Scope Global anonymously or using a pseudonym include:
An individual may request at the start of any telephone call with Scope Global, in relation to a general enquiry, to remain anonymous (or to use a pseudonym).
Scope Global will collect information only if the information is necessary for one or more of its functions or activities and with consent. Scope Global must collect information only by lawful and fair means and not in an unreasonably intrusive way.
Scope Global may collect and/or hold the following personal information (not including sensitive information):
Scope Global may collect and/or hold the following sensitive information:
Scope Global will not collect sensitive information about an individual unless:
Scope Global may collect and/or hold the following health information:
Scope Global collects, holds, uses and discloses personal, sensitive or health information to enable us to:
If it is reasonable and practicable to do so, Scope Global will collect personal, sensitive and health information about an individual only from that individual through online application forms and hard copy documentation. However, there will be instances where Scope Global will obtain such information from other sources, e.g. references for employment purposes, results data for prospective students / Award Holders / Volunteers etc. In such instances Scope Global will take reasonable steps to ensure that the individual is or has been made aware except to the extent that making the individual aware of the matters would pose a serious threat to the life or health of any individual.
If Scope Global does not collect the required personal, sensitive or health information it may not be able to provide an individual with the services requested, including access to a particular program or project.
Personal, sensitive or health information collected and held by Scope Global will only be accessed and used in a manner consistent with the original purpose stated at the time of collection.
If required, information may be used or disclosed for a secondary purpose:
Scope Global discloses information to necessary third parties, who assist to implement, provide, manage and administer our programs and projects. The third parties include (but are not limited to):
We may disclose information to overseas parties for the purposes of undertaking our projects and programs.
On receipt of personal, sensitive and health information, third parties are responsible for the management, use and disclosure of the information provided. Scope Global’s Policy will no longer apply to this information.
Scope Global may use personal information (excluding sensitive information) for the purposes of marketing and promoting our programs, projects, services and events to an individual. Examples include sending scholarship recipients invitations to alumni events.
If an individual no longer wishes to receive marketing/promotional material they may select the ‘opt-out’ option provided within the material sent to them or may send an opt-out request to the Privacy Officer using the contact details provided in this Policy.
Scope Global will only disclose personal, sensitive or health information about an individual to someone who is outside Australia if:
Scope Global will not adopt unique government related identifiers of an individual as its own (unless expressly allowed under the Privacy Act) nor will it require an individual to provide a unique identifier in order to obtain a service.
Scope Global holds all information in hard copy documents and/or in electronic format.
Scope Global will:
Scope Global implements this by using the following safeguards:
If Scope Global holds personal, sensitive or health information about an individual it will provide the individual with access to that information on request by the individual, except to the extent that Scope Global is governed by legal processes.
Where providing access would reveal evaluative information generated within Scope Global in connection with a commercially sensitive decision-making process, Scope Global may give the individual an explanation for the commercially sensitive decision rather than direct access to the information.
If Scope Global holds personal, sensitive or health information about an individual and the individual is able to establish to the satisfaction of Scope Global that the information is inaccurate, incomplete, irrelevant, misleading or not up-to-date, Scope Global will take reasonable steps to correct the information, having regard to the purpose for which it is held.
A request for access to, or correction of, an individual’s information should be directed to the Privacy Officer via the contact details provided in section 2 of this Policy.
Such a request will be dealt with by the Privacy Officer as soon as reasonably practicable. If the individual’s request is denied, Scope Global will provide a written notice detailing reasons for the refusal and the process for an individual to make a complaint about the refusal to grant the request.
Scope Global may deny access to an individual’s personal information if:
Scope Global will take appropriate steps to verify an individual’s identity (or the person’s authority to act as a legal guardian or authorised agent of the individual concerned) before granting a request to access or correct personal, sensitive or health information.
An individual also has a right under the Freedom of Information Act 1982 (Cth) (“FOI Act”) to request access to documents held by a government body and to seek correction or annotation of those documents. Due to the nature of Scope Global’s activities and involvement with a number of government bodies, Scope Global may hold information to which an FOI request relates. Scope Global will comply with a request for information (or the correct or annotation of information) made by a government body in relation to an individual’s FOI request, in accordance with the requirements of the Privacy Act.
Scope Global maintains strict ICT controls and risk mitigation strategies to ensure the safety and security and management of our data. In the unlikely event of a data breach occurring, the relevant Manager must immediately notify Scope Global’s Privacy Officer.
A data breach can defined by instances of personal information being held by Scope Global that is lost, subjected to unauthorised access, modification, disclosure, or other misuse or interference. This could include:
Any instances of data breaches will be managed in accordance with the Notifiable Data Breaches (NDB) requirements as outlined in the Data Breach Notification Guide and recorded on Scope Global’s Privacy Breach Incident / Complaint Form.
Any person, who on reasonable grounds believes that Scope Global has breached this Policy may complain in writing to the Privacy Officer specifying details of the alleged breach. A written complaint can be emailed or posted to the Privacy Officer using the contact details set out in this Policy.
It is requested that the written complaint be forwarded within six (6) months of the time the complainant first became aware of the breach. If a complaint is received after this time, Scope Global may not be able to investigate the complaint.
The Privacy Officer shall investigate complaints as expeditiously as practicable and shall provide a written copy of the findings of fact and recommendations made to the (“Executive Team”) and to the complainant within 30 days of receipt of the complaint.
The Executive Team will determine what action will be taken on any recommendation contained in the findings as presented by the Privacy Officer.
The Privacy Officer will keep a confidential record of complaints and resolutions.
If an individual is unsatisfied with the outcome of a complaint, the complaint may be referred to the Office of the Australian Information Commissioner to be resolved.
If an individual wishes to:
an individual can speak directly to a Scope Global staff member who will do their best to try to resolve the issue as simply as possible. Alternatively, an individual can write or send an email to Scope Global so that the Privacy Officer can consider the matter. The Privacy Officer will respond as soon as reasonably practicable.
Scope Global’s contact details are as follows:
Position: Privacy Officer – Senior Manager, People and Culture
Phone: +61 8 8364 8500
Email address: firstname.lastname@example.org
Postal address: 41 Dequetteville Terrace, Kent Town SA 5067
For more information on privacy, visit the Office of the Australian Information Commissioner’s website.
This Policy was last updated on 10 November 2017.