INTRODUCTION AND PURPOSE
This Policy is freely available via our website or by contacting us as listed in Section 11.
The application of this policy extends to all employees across Calvary and its related entities and applies to any staff engaged by Calvary and its related entities on a full-time, part-time, contract, casual, temporary or volunteer basis, (except for Calvary Christian College and Emerald OSHC).
Related entities include Calvary International Ltd, Calvary Leadership College Ltd, and Calvary Care Ltd.
WHY WE COLLECT INFORMATION
Calvary is a loving, vibrant church community that seeks to maintain meaningful and professional contact with its participants. The primary purpose of the information we collect is to facilitate connection, pastoral care and communication with our church community in a manner that is relevant to them. Some additional purposes why we collect information include: ensuring we keep our participants safe, collecting demographics to improve how we run activities, and marketing what we have on offer.
You are welcome to attend our Church without supplying personal information – please be aware that Calvary services and events may be recorded (See Section 4 Images and Sound). To participate as a volunteer, enrol your children in our activities and participate in certain activities we run, relevant personal information is required to maintain our safety standards.
THE INFORMATION WE COLLECT
Images and sound
Calvary services/activities/events may be recorded using sound, voice and images. Recordings of the people attending a service/activity/event may be used and shown in other services/events including our Online Church services (broadcast internationally), to prepare resources, and for other promotional purposes. By attending any Calvary service/activity/event, you are deemed to have consented to Calvary using your image and voice in these recordings and for these purposes.
In the interests of security and safety, Calvary also operates security video cameras within and around Calvary premises.
Additional to the above, for people who attend Calvary services and activities, request a service from Calvary, participate in Church related travel, or who provide donations, Calvary may collect and/or hold personal information about yourself and/or your family, including:
- Phone & mobile number
- Email address
- Age and date of birth
- Parent/guardian details if you are under 18 years of age
- When relevant, your marital status, cultural identity, education, employment/qualifications and family details
- Financial and bank details
- Passport, drivers’ licence, and other personal ID information
- Working with Children Blue Card information
- Records of your attendance at church events
- Records of your contact with us
For job applicants, staff members, volunteers and contractors, Calvary may collect and/or hold information including:
- Church teams you participate in and their rosters
- Name, contact details (including next of kin), date of birth, and religion
- Information on job application
- Professional development history
- Salary and payment information, including superannuation details
- Medical information (e.g. details of disability and/or allergies, and medical certificates)
- Complaint records and investigation reports
- Leave details
- Workplace surveillance information
Work emails and private emails (when using work email address) and Internet browsing history
In referring to ‘sensitive information’, Calvary means:
Information relating to a person’s racial or ethnic origin, political opinions, religion, trade union or other professional or trade association membership, philosophical beliefs, sexual orientation or practices or criminal record, that is also personal information, health information and biometric information about an individual.
For safety and pastoral care purposes we may collect sensitive information such as:
- Health & medical information including allergies
- Cultural identity
- Religious affiliations
- Prayer requests
HOW WE COLLECT INFORMATION
We may collect this and other types of personal information during the course of dealing with you; for example, when you:
- Visit our website
- Complete a Communication Card
- Wish to obtain goods or services from Calvary
- Register for conferences or events
- Participate in Church activities or complete other forms
- Make an appointment to see a team member
- Participate in training
- Apply for a (Working with Children) Blue Card that is linked to our site
- Issue a complaint
- Complete an accident/incident report
- Donate to our tax-deductible building fund
Where practicable, the purpose for which we collect personal information will be made clear at the time of collection. If you do not provide us with certain information, we may be unable to provide you with access to some of our services or the assistance you have requested.
HOW WE USE YOUR INFORMATION
We will never share, sell, or rent your personal information to third parties for their promotional or commercial use.
We will use personal information we collect from you for the primary purpose of collection, and for such other secondary purposes that are related to the primary purpose of collection and reasonably expected by you, or to which you have consented, unless authorised or required by law.
We train our staff and volunteers in the ethical and legal management of personal information, and we have systems in place to ensure that the data that is available to certain team members is for an identified need only. Generally, uses of your personal information include:
- Keeping you informed of our services, activities, events, resources and conferences.
- To provide the products or services you have requested from Calvary including helping you find a Connect group with similar interests to you, and registration at events and conferences.
- To answer your enquiry.
- To fulfil our duty of care and to satisfy other legal obligations.
- To collect demographics to improve how we run Calvary activities.
- To third parties where we have retained those third parties to assist us to professionally and safely operate Calvary and provide the products or services you have requested, such as: catering and event coordinators, transport providers, health care providers, our bank, website hosts and IT consultants, and our professional advisers such as consultants, lawyers and accountants. In some circumstances, we may need to disclose information about you to third parties as part of the services you have requested.
- To participate in community research or apply for grants.
- When we are required by State and Commonwealth legislation to store and share personal information with agencies defined by law – for example in child protection matters. We fulfil our obligations to the full extent of the law in these situations.
- To manage employees and volunteers.
- To carry out analysis and market research and improve our website and communications.
HOW WE HOLD AND STORE YOUR INFORMATION
Calvary takes reasonable steps to protect your information from misuse, interference and loss, as well as unauthorised access, modification and disclosure.
Calvary takes thorough, reasonable steps to keep secure any personal information which we hold and to keep this information accurate and up to date.
Where we have an overseas Campus using a shared contact database platform (currently Elvanto), we will limit that overseas Campus to only have access to contact information for their Campus on the platform.
Information you provide electronically will be held on computers and servers in Calvary locations and on servers based in Australia and the USA. Personal information may be stored in the ‘cloud’ which means that it may reside on a cloud service provider’s server which may be situated outside Australia.
If you provide information in paper form, this information will be transferred to secure electronic systems or stored in secured physical filing systems.
Where Third Party service providers are used to process and/or store your information, agreements are in place to secure your information according to applicable data protection and privacy laws and restrict the use of your information to the purpose for which it is provided.
We will hold and store your information for as long as it is required and in accordance with the law.
Our staff and volunteers are trained and required to safeguard your information pursuant to this Policy and, using physical, electronic and procedural safeguards, we restrict access to personal information to those team members who are performing church business purposes only.
The Internet is not a secure method of transmitting information. Accordingly, Calvary cannot accept responsibility for the security of information you send to us over the Internet or for any unauthorised access or use of that information during transmission.
ACCESS TO YOUR INFORMATION
You can request access to the personal information that Calvary holds about you by contacting Calvary’s Privacy Officer as set out below. We will provide you with access to your personal information unless we are legally authorised to refuse your request. We may charge a reasonable amount for providing access.
If you wish to change personal information that is out of date or inaccurate at any time, please contact us. After notice from you, we will take reasonable steps to correct any of your information which is inaccurate, incomplete or out of date. If you wish to have your personal information deleted, please let us know and we will delete that information wherever practicable and not limited by law.
We may refuse your request to access, amend or delete your personal information in certain circumstances. If we do refuse your request, we will provide you with a reason for our decision and, in the case of amendment, we will note with your personal information that you have disputed its accuracy. These actions would usually occur in cases where our ability to amend your personal information is restricted by law.
BREACHES TO OUR DATA SECURITY
While we will make every effort possible to ensure the security of your data, there are increasing examples of data breaches within Australia by sinister individuals and groups. If this were to occur, we will follow the procedures outlined in the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988 (Cth). Under this scheme, we are required to notify you if a data breach is likely to result in serious harm to any individual whose personal information is involved in the breach. Serious harm may include serious physical, psychological, emotional, economic and financial harm, as well as serious harm to reputation.
The Australian Information Commissioner will be notified of eligible date breaches according to the scheme.
Calvary has delegated the General Manager as the organisation’s Privacy Officer.
We will respond to your enquiry within 30 days.
If you are not satisfied with our response to the above, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au. The OAIC is a government body that is independent of our entity.