Skip to main content
If life is in danger call Triple Zero 000
If life is in danger call Triple Zero 000

Privacy & confidentiality

Lifeline WA recognises the importance of protecting your privacy. Please view our Privacy and Confidentiality Policy.


1 Policy Intent

Lifeline WA is committed to ensuring the privacy and confidentiality of its Service Users and its Staff Members. The terms 'privacy' and 'confidentiality' are commonly used interchangeably. The key difference between the two terms is that confidentiality relates to an ethical duty, whilst privacy is a legal right, which is reflected in the Privacy Act 1988 and the Australian Privacy Principles (APPs).
This policy sets out to define the principles required in the capture, use, disclosure and storage of personal information and to describe the rights of people who have personal information stored at Lifeline WA.


2 Scope and Responsibilities

Everyone at Lifeline WA is responsible for respecting the privacy of others and maintaining the confidentiality of staff, volunteer, service user or carer information they receive or have access to. This policy applies to anyone who encounters an individual’s personal information when working for Lifeline WA.
The duty of confidentiality continues beyond the end of any professional relationship and even beyond the death of a person about whom information is held, unless there are overriding legal or safety considerations.


3 Definitions

Confidentiality
Confidentiality relates to information only. Lifeline WA has an ethical duty of confidentiality to protect individuals’ personal and sensitive information from inappropriate disclosure to unauthorised people.

Data breach
The loss of, unauthorised access of, or unauthorised disclosure of, personal information.

Notifiable Data Breach
Is unauthorised access to, disclosure, or a loss of personal information, that an organisation holds, that is likely to result in serious harm to one or more individuals, and the organisation hasn’t been able to prevent the likely risk of serious harm with remedial action

Personal Information
Information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • Whether the information or opinion is true or not; and
  • Whether the information or opinion is recorded in a material form or not.

Primary Purpose
The purpose for which Lifeline WA collects personal information

Privacy
Privacy refers to the right of an individual to keep their personal and sensitive information private.

Privacy Impact Assessment
A systematic assessment of a service that identifies the impact that the service might have on the privacy of individuals, and sets out recommendations for managing, minimising or eliminating that impact.

Privacy Officer
CFO, for the purpose of this policy, is the Privacy Officer.

Secondary purpose
If Lifeline WA uses or discloses personal information for any other purpose other than the primary one.

Sensitive information
Sensitive information is a subset of personal information and requires more stringent obligations. Sensitive information includes information about an individual’s:

  • Health including mental health
  • Racial or ethnic origin
  • Political opinions
  • Membership of associations including political, professional, trade or trade unions
  • Religious beliefs or affiliations or philosophical beliefs
  • Sexual orientation or practices
  • Criminal records

Unauthorised Access
Personal information held by Lifeline WA is accessed by someone who is not permitted to do so.

Unauthorised Disclosure
Occurs when personal information is made accessible or visible to someone outside of Lifeline WA.The purpose for which Lifeline WA collects personal information

4 Relevant Legislation and Regulations

This policy complies with:

  • Privacy Act 1988 (Commonwealth) and the Australian Privacy Principles


5 Policy Details

5.1 Individuals’ rights
Lifeline WA respects every individual’s privacy and makes sure that:

  • Individuals know what information will be collected, used and stored relating to them
  • Personal information of an individual will be stored securely and only accessed by authorised persons
  • Lifeline WA will gain the consent of the individual prior to collecting sensitive information
  • Personal information will not be shared with others without the individual’s consent
  • Individuals can access the information held about them on request and can request to have information about them corrected
  • This policy will be made available free of charge on the Lifeline WA website
  • Individuals under the age of 18 years will be assessed as to whether they can make their own privacy decisions.
  • Decisions about privacy will be discussed with the individual using age-appropriate language.

5.2 Collection of personal information

  • When collecting personal information, Lifeline WA will only collect the information necessary to do our work. We will always gain consent to collect sensitive information about an individual.
  • Information that we have collected will only be used for its primary purpose unless we gain consent for secondary use.
  • Personal information may be used for normal business practices such as quality improvements, planning or audit.
  • Personal information will be de-identified in reports and for the purposes of practice supervision.
  • Lifeline WA will ensure that personal information collected about an individual is complete, accurate, consistent, unique and timely.
  • Lifeline WA will collect personal information respectfully and directly from the individual or from others with that individual’s consent.

5.3 Security of personal information

  • Any personal information that is collected must be stored securely and protected from unauthorised access, modification, disclosure, misuse, interference and loss.
  • Lifeline WA will install device encryption in all end user devices to prevent unauthorised access to user and company data.
  • A Privacy Impact Assessment for each service will be undertaken, and reviewed regularly, to ensure the security of all personal information.

5.4 Quality of personal information

  • Lifeline WA will take steps to ensure that any personal information that we collect or disclose is accurate, current and complete.

5.5 Disclosure of personal information

  • Disclosure of confidential information is permitted under specific circumstances. Lifeline WA will discuss these possible exceptions to confidentiality with individuals before providing a service to them.

5.5.1 Disclosure with consent

  • If an individual (or a person authorised to make decisions for them) has consented to the disclosure, and the disclosure complies with the terms of that consent.
  • If a child is a mature minor, they are entitled to the same confidentiality about their health information as an adult patient. This means a parent or guardian does not have a right to know this information.

5.5.2 Disclosure without consent

  • Without an individual’s consent, confidential information can and must be disclosed in these situations:
    • to ensure the safety of the individual or others.
    • to prevent a serious threat to public health or public safety.
    • to provide patient care in an emergency, when the person can’t give consent.
    • when requested by a Court of Law.

5.5.3 Notification of third-party disclosure

  • Where a request for personal or sesitive information is requested by an individual or a third party and it meets the criteria for a privacy exception (with or without consent), the author of the record can be notified after an assessment by their Executive manager.
  • When a disclosure is required, Lifeline WA will discuss this including what information will be disclosed and to who, with the individual, before the information is disclosed or as soon as possible after the event.
  • In all cases of disclosure, a written record will be made and kept with the relevant individual’s file.
  • Lifeline WA does not routinely disclose or share personal information overseas.
  • Where disclosure without consent is due to a data breach, it will be reported as an incident and dealt with as per the data breach procedure.
  • Where disclosure without consent is due to a data breach, and this data breach involves personal information, Lifeline WA is committed to providing an apology (or expression of regret) and information about the breach to that person in an honest, timely and transparent manner.

5.6 Access to personal information

  • Lifeline WA respects the rights of individuals to access the information that we hold about them.
  • Individuals may request access to their information in writing. Lifeline WA will respond to this request within 30 days advising the outcome of the decision made. All decisions will be in consultation with the Privacy Act (1988).
  • If access cannot be granted, the reasons why will be offered to the individual concerned and advice on how to make a complaint about the refusal will be offered.
  • Lifeline WA will endeavour, where possible to provide the information in the mode that it is requested.

5.7 Correction of personal information

  • Where an individual advises Lifeline WA that the personal information we hold about them is inaccurate, incomplete, out of date, irrelevant or misleading, they can request that this is corrected.
  • Lifeline WA will respond to this request within 30 days advising the outcome of the decision made. All decisions will be in consultation with the Privacy Act (1988).


6 Relevant Internal References

The following internal documents relate to this policy:

  • Service Delivery Policy
  • Information and Record Management Procedure
  • Incident Reporting Procedure
  • Data Breach Procedure

Overview

Lifeline WA’s work is only possible because of generous Western Australians who choose to make donations and support our fundraising and marketing campaigns. Therefore it is crucial that we maintain secure and accurate records of our supporters. Lifeline WA recognises that security of donor’s personal information is critical and embraces the Australian Privacy Principles.

Lifeline WA manages donor’s personal information in accordance with our Privacy Policy. This policy should be read together with our privacy policy which provides more general information about how Lifeline handles personal information.

How donor's personal information is collected

Lifeline WA collects personal information supplied to us such as name, address, phone, email, date of birth and bank/credit card details to process donations and promote fundraising campaigns.

Lifeline WA may also collect personal information through public sources, the purchase of commercial lists or third parties contracted to provide us with services.

Use of personal stories

To educate donors and the public about the services provided by Lifeline WA it is necessary to share stories about personal experiences.

By submitting a personal story through Lifeline WA's website form, you consent to its publication on the website. Lifeline WA reserves the right to edit or delete submissions that it, in its sole discretion, are deemed to be abusive, obscene, or are otherwise inappropriate.

We reserve the right to modify or edit stories that are too long.

When using a personal story for feature in a fundraising or marketing campaign, Lifeline Australia only publish your story and/or imagery with your prior written consent.

Types of personal information collected from donors

Lifeline WA may record information including but not limited to name, address, telephone number, email, gender, and date of birth.

Lifeline WA suggests that you provide a date of birth as a security measure for future use to confirm your identity should you wish to access or update your information. Lifeline WA will specifically request your date of birth when you provide bank or credit card details.

Lifeline Australia suggests that you do not send sensitive information or credit card numbers via email or facsimile because these mediums are not secure. Lifeline WA cannot be held responsible if you choose to provide your personal information to us via these mediums.

Lifeline Australia will offer donors the opportunity to remain anonymous where practical.

You may be photographed when you attend public events involving Lifeline WA. Wherever practical we will seek to obtain your written consent prior to using the image obtained.

How we store donor's personal information

Lifeline WA stores donor’s personal information in a Customer Relationship Management Database. Lifeline WA will undertake all reasonable steps to ensure the secure storage of personal information provided both in soft and hard copy.

Credit card and bank details provided for regular donations are stored securely and are encrypted in our database and third party payment gateway. This information may only be accessed by authorised staff.

If bank or credit card details were provided for the purpose of authorising an on-going payment against a donation pledge (for example a monthly gift) a hard or soft copy authorisation form will be stored in a secure location which can only be accessed by authorised staff.

For on-going payments authorised over the phone, a voice recording will be stored by Lifeline WA or the contracted third party.

Records of donations will be stored for a minimum of 7 years.

Confirming Identity

It may occasionally be necessary for Lifeline WA to contact donors directly to update or confirm their personal or credit card details. In this circumstance, we will only disclose the last four digits of the credit card number and the expiry date. We will make every effort to confirm your identity through other personal information made available to us.

Use and Disclosure

We may contract third party service providers for purposes including but not limited to conducting surveys, soliciting donations, managing databases, facilitating information collection and managing events. Some of these service providers may conduct all or part of their business overseas and so your personal information may be transferred overseas as a result.

Lifeline WA’s donor database is hosted on a secure off-shore server in the USA and accessed through the “cloud.” We will not transfer your personal information overseas or into the “cloud” unless we have taken reasonable steps to ensure that the information which is being transferred will not be held, used or disclosed by the recipient of the information in a manner which is inconsistent with the Australian Privacy Principles.

Lifeline WA may provide donor’s personal information to other separately incorporated Lifeline entities for local fundraising and marketing purposes. Lifeline entities may also supply personal information to Lifeline Australia when in accordance with their privacy policy.

Lifeline WA will not disclose donor’s personal information to a third party for their marketing purposes. We may include messages from partner organisations or sponsors in our direct marketing. We do not trade, rent or sell our donor lists.

How to correct personal information or change communication preferences

To update your information or to opt-out of marketing and fundraising communications, you may phone 9261 4414 or email fundraising@lifelinewa.org.au. We will endeavour to action your request within two weeks.

Some direct marketing communications involve a long production time. Therefore, in some cases you may still receive a communication within 90 days of your communication preference update.

Lifeline WA uses the eWAY Payment Gateway for its online credit card transactions. eWAY processes online credit card transactions for thousands of Australian merchants, providing a safe and secure means of collecting payments via the Internet.

All online credit card transactions performed on this site using the eWAY gateway are secured payments.

Payments are fully automated with an immediate response.

Your complete credit card number cannot be viewed by Lifeline WA or any outside party. All transactions are performed under 128 Bit SSL Certificate.

All transaction data is encrypted for storage within eWAY’s bank-grade data centre, further protecting your credit card data.

eWAY is an authorised third party processor for all the major Australian banks.

eWAY at no time touches your funds; all monies are directly transferred from your credit card to the merchant account held by Lifeline WA.

For more information about eWAY and online credit card payments, please visit www.eWAY.com.au.

After ordering online, you will receive an email confirmation from Lifeline WA and eWAY containing your order details (if you have provided your email address). We will normally confirm receipt of your order within a few minutes of ordering. We will attempt to send your goods within 5 working days; however if goods are unavailable delivery will take a little longer.

We can only ship to Australian addresses at this time.

If you wish to query a delivery please contact us at marketing@lifelinewa.org.au.

Lifeline WA does not provide refunds or exchanges on any of its products unless they are faulty or unsuitable for use as described.