Protecting your privacy
The WAM and its related entities (‘we’, ‘us’, ‘our’ and ‘Foundation’) are totally committed to protecting your personal information.
Please read this privacy policy carefully as it describes how we handle your personal information.
We may revise this privacy policy from time to time by publishing a revised version on our website. That revised version takes effect from the time it is published.
1. INTRODUCTION
The WAM (The Foundation) is committed to promoting and adhering to the highest standards of protection and accountability in its governance and operations to ensure the protection and privacy of personal information and personal data, both within the organisation and under its projects and programs.
The Foundation has governance and management systems and processes directed towards reinforcing its commitment under this policy. The measures put in place by The Foundation in this area are complemented by the initiatives it is undertaking to continually improve its operational effectiveness and further strengthen its governance, internal control, security, information protection and risk management practices.
This policy outlines how The Foundation will comply with our global standard, based in Indian law. The Privacy Act 19xx (‘Privacy Act’) is an Indian law which regulates the handling of personal information about individuals. Similar protections exist under other laws applicable within the jurisdictions in which The Foundation operates such as the General Data Protection Regulation in the European Union.
We make sure we comply with all our obligations and responsibilities under all relevant privacy laws in all jurisdictions and entities, whenever we handle sensitive information.
2. DEFINITIONS
Personal information
‘Personal information’, is any information or opinion that can identify or be used to identify an individual. The Foundation may collect and hold personal information from our donors, supporters, volunteers, contractors, visitors to our field programs, and other individuals.
Sensitive information
The Foundation may collect health or other sensitive information, such as information about an individual’s eye health. The Foundation may share health or other sensitive information with our health provider partners and suppliers and they may also share with The Foundation health or other sensitive information they have collected. By providing health or other sensitive information to The Foundation, an individual consents to The Foundation collecting this information and using and disclosing it for the purposes set out in this Privacy Policy.
Cookies
When an individual visits or uses a website of The Foundation, personal information may be collected automatically through cookies including: IP address and/or domain name; operating system (type of browser and platform); and the date, time and length of the visit to the website. This information primarily is used for the compilation of statistical information about the use of the website. Cookies may also be used to assist The Foundation and our third party service providers present targeted and customised advertising to an individual on our website and/or on third party websites.
Website traffic
The Foundation uses Google Analytics to track visits to our website. Google Analytics is a web analytics tool that helps website owners understand how visitors engage with their website. Google Analytics customers can view a variety of reports about how visitors interact with their website so they can improve it.
Google Analytics collects information anonymously. It reports website trends without identifying individual visitors.
This information is used to track the effectiveness of websites. Types of data collected include visits, viewed pages and the technical capabilities of our visitors. These statistics will not identify an individual. For more information read Google's Privacy Policy.
Links to other websites
The Foundation’s website may contain links to third party websites, and third party websites may also have links to The Foundation’s website. This Privacy Policy does not apply to external links or other websites. These third party websites may collect your personal information. The Foundation encourage individuals to read the privacy policies of any website you link to from The Foundation’s website/s.
3. SCOPE
This policy outlines how The Foundation will comply with our global standard, based in Australian law and details the alignment of its governance and operations to ensure the protection and privacy of personal information and personal data, both within the organisation and under its projects and programs. This policy applies to all staff of The Foundation and other individuals or partners implementing The Foundation’s activities and operations or representing The Foundation in any capacity.
4. PRINCIPLES AND ACTIONS
4.1 Collection of personal information
Most of the time, and where reasonable and practicable, personal information will be collected directly from individuals, particularly where that personal information may include sensitive information.
From time to time personal information may be obtained from third parties, such as third party health provider partners. In these circumstances, The Foundation will take reasonable and practicable steps at or before the time of collection (or as soon as practicable after collection) to notify the individual, or otherwise to ensure they are aware, that personal information has been collected and the circumstances of the collection, in accordance with all relevant privacy law in Australia.
4.2 Use of personal information
The purposes and uses of collected personal information may include:
- processing donations;
- communicating with our supporters;
- recruiting and managing staff, contractors or volunteers;
- conducting marketing activities; and
- enabling other activities and functions of the Foundation.
The Foundation may use personal information to send direct marketing messages or telemarketing communications. If at any time you do not want to receive further direct marketing messages or communications from The Foundation, please contact The WAM Foundation, This email address is being protected from spambots. You need JavaScript enabled to view it.
If there is a need to handle personal information for any other purpose not set out in this Privacy Policy, The Foundation will only do so with consent or where it may otherwise reasonably expected to do so.
The Foundation does not sell personal information to third parties, and except as provided for in this Privacy Policy does not make personal information available to third parties.
4.3 Retention of personal information
Subject to retention requirements for health information outlined below, The Foundation will only keep personal information for as long as it is needed for any purpose for which it was collected, or otherwise if it is part of a Commonwealth record or is required to be retained under Australian law or by a court or tribunal.
In accordance with the State-based health information protection laws, there is a requirement in certain circumstances to retain health information for 7 years after the last occasion on which a health service was provided to an individual, except where the information was collected while the individual was under 18 (in which case, the records will be kept until the individual has reached 25 years of age).
Where possible, all personal information which is no longer needed or required by law to be retained will be properly de-identified or destroyed.
4.4 Disclosure of personal information
Personal Information will be used and disclosed for the purposes described in ‘Use of personal information’ above. Although The Foundation generally does not disclose personal information to other organisations, this may be done upon the receipt of consent, or if it is required or authorised by law (including in emergency situations or to assist law enforcement), or if it is believed it is reasonably necessary to conduct the functions and activities of The Foundation.
The Foundation use a range of suppliers, service providers, contractors and partners to whom your personal information may be disclosed to enable the activities and functions of The Foundation. They may include information technology service providers, direct marketing agencies, banks, credit card companies, recruitment agencies, professional advisers and insurers.
This means that organisations and individuals other than The Foundation may collect access and use personal information held by The Foundation. The Foundation’s standard practice is to require these third party providers, through our agreements with them, to comply with our security guidelines, this Privacy Policy and all relevant privacy laws in Australia.
4.5 Disclosure of personal information
We are an international organisation with information sharing between our global offices and our health provider partners. This means that it is possible your personal information and sensitive information may be shared with our offices and our health provider partners based outside Australia in regions such as the European Union, North America, Asia and Africa.
We also engage external contractors who provide services to The Foundation who are bound by privacy legislation and laws where they are located. It is our standard practice to require these external contractors by written agreement with The Foundation to comply with our security guidelines and this Privacy Policy. Some of these external contractors are located or have information handling facilities outside Australia, in regions such as the European Union, North America, Asia and Africa.
You consent to us disclosing your personal information and other sensitive information outside Australia for the purposes set out in this Privacy Policy. Please understand that by giving us this consent, we will not be accountable and you will not be able to seek redress under the Australian Privacy Act, the Australian Privacy Principles or any other relevant privacy laws in Australia if the overseas recipient handles your information in breach of any relevant privacy laws. You may also not be able to seek redress in the overseas jurisdiction if there is a breach of your privacy. However, your consent does not in any way lessen our commitment, and the measures we take, to protect and secure your personal information and sensitive information.
4.6 Security of personal information
All reasonable steps are taken to ensure the security of personal information by storing it in a secure environment. If third party providers are used in connection with the storage of personal information it is standard practice to require these third party providers, through agreements with them, to comply with The Foundation’s security guidelines and this Privacy Policy. The Foundation requires our employees, contractors and third party service providers to respect and protect the confidentiality of personal information held.
The Foundation’s electronic databases are secured by a firewall and anti-virus software to ensure, so far as practicable, that it is not accessed by unauthorised parties. This website has security measures (minimum 128-bit secure sockets layer encryption) designed to protect against the loss, misuse and/or alteration to personal information under The Foundation’s control. Secure pages on The Foundation websites are protected by a 128-bit SSL certificate.
However, because of the nature of the internet, security of personal information cannot be guaranteed. All unencrypted information exchanged via the internet may be accessed and used by people other than those for whom it is intended.
4.7. Access or corrections to your personal information
All reasonable steps are taken to ensure that personal information collected, held, used, disclosed, stored and handled is complete, accurate, relevant and up-to-date. Access to, corrections or removal of personal information, may be requested by contacting the Supporter Services team at The WAM Foundation HQ@MYWAM>ORG
Requests will be responded to within a reasonable period of time unless it is unreasonable or impracticable to do so. Please allow at least 7 days for processing of a request. All reasonable steps to comply with a request will be made, unless there is a need to keep information for legal, auditing or internal risk management reasons.
4.8. Anonymity
Individuals may request to deal with The Foundation anonymously or through a pseudonym. The Foundation will accommodate your request if it is lawful, possible and practical to do so.
4.11. Privacy data breach obligations
Please contact The Foundation if you become aware of any breach of security. If reasonable grounds establish there has been a personal information security breach, we will comply with all our obligations and responsibilities under all relevant privacy laws in India.