1. Introduction
1.1 – This Privacy Policy applies to the practices and activities of Science and Technology Australia Limited (ACN 664 679 056 and ABN 71 626 822 845) (STA, Us, We, Our).
1.2 – We collect, hold, use and disclose personal information for the purpose of carrying out our functions and activities, and in accordance with the Privacy Act 1988 (the Act) and the Australian Privacy Principles (APPs) which are contained in Schedule 1 of the Act.
1.3 – STA is committed to respecting the privacy of individuals. This Privacy Policy sets out how STA handles personal information and has been prepared in accordance with APP 1.
1.4 – Personal information means any information or opinion about an individual who is reasonably identifiable (Personal Information).
1.5 – Sensitive information means Personal Information about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or physical or mental health (Sensitive Information)
1.6 – Any individual who provides Personal Information to STA consents to Us using, storing, and disclosing that Personal Information in accordance with this Privacy
1.7 – This Privacy Policy is freely available on Our website or by contacting Us directly to request a copy
1.8 – We may revise or update this Privacy Policy from time to time by publishing a revised version on Our website. Revised versions take effect from the time published.
2. What information does STA collect?
2.1 – We collect and hold Personal Information relating to a range of individuals, including people who:
(a) apply to become a member of STA on behalf of an organisation, or contact us on behalf of an organisation to discuss potential membership;
(b) are employed by Us or apply for employment;
(c) are nominated to serve on the STA board or a committee;
(d) apply to participate in Our programs;
(e) register and attend Our events;
(f) contact Us;
(g) subscribe to our newsletters;
(h) supply us goods and services;
(i) take part in a survey, interview, research project or consultation; and
(j) provide sponsorship or contact Us to discuss potentially providing sponsorship.
2.2 – Sensitive information is a sub-set of personal information that is given a higher level of protection. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information. In the course of liaising with you, we may collect, or come across such sensitive information in different situations, including when reviewing your response to our surveys or interviews, and where we ask for your dietary requirements if we are arranging catering for you, including at an event. The types of sensitive information we collect include:
(a) racial or ethnic origin;
(b) political opinions;
(c) religion;
(d) trade union or other professional associations or memberships;
(e) health information;
(f) philosophical beliefs; and
(g) sexual orientation or practices.
2.3 – The information collected by STA about a particular person will vary depending on the circumstances of collection.
2.4 – Personal Information We collect, and hold may include Your name, address, email address, phone number, date of birth, country of residency, proof of identity, mailing address, other contact details, dietary and accessibility requirements, qualifications, accreditations, communication preferences, communication history, employment details, health information, and
2.5 – From time to time, We may collect more detailed Personal Information from You, for example to assist Us with Our program and event evaluations, marketing materials and staff
2.6 – We may also collect Your opinions, comments, and other data through surveys We conduct, which are generally hosted through ‘Survey Monkey’ and other third-party providers. You can access the Survey Monkey Privacy Policy at https://www.surveymonkey.com/mp/legal/privacy-policy.
3. How is Personal Information collected?
3.1 – The main way We collect Personal Information about You, is when You give it to Us.
3.2 – We may collect Your Personal Information directly from You through various means including via Our website, in person, email, fax, online and written forms, phone calls, or other forms of correspondence, writing, or recording. Examples of how We may collect Your Personal Information include when, You:
(a) enter Your Personal Information into, or agree to having your Personal Information entered into, one of STA’s online systems;
(b) access the STA website;
(c) provide details to Us in an application, consent form, survey, or feedback form;
(d) apply for a job with Us or are employed by Us or to volunteer with Us;
(e) contact us through Our website or by another means;
(f) register to attend, or attend, one of Our events;
(g) agree become an industry expert or media contact of Ours; and
(h) attend Our premises; and
3.3 – We may also collect Personal Information from:
(a) Our member associations;
(b) third parties that assist Us in running programs, events, or activities;
(c) direct marketing database providers;
(d) Government agencies such as the Australian Taxation Office;
(e) your current or former employer;
(f) educational or research institutions that you have attended; and
(g) Your authorised representative;
(h) publicly available sources; and
(i) any other government or law enforcement bodies where required by law.
3.4 – From time to time We may obtain Personal Information from third parties not disclosed in this Privacy Policy where it is impractical to obtain it directly from You. When We do so, We will take reasonable steps to ensure that We make You aware of the collection of Your Personal Information in accordance with the
3.5 – Personal Information may also be collected where STA is required or permitted to do so by law.
3.6 – If we receive unsolicited Personal Information about You, it will be handled in accordance with the Act. We may keep records of unsolicited Personal Information if the Act permits it. If not, Our policy is to destroy or de-identify the Personal Information as soon as practicable, provided it is lawful and reasonable to do so.
4. Security and storage of Personal Information
4.1 – We take reasonable steps to protect your Personal Information. In the event of a data breach, STA is committed to complying with the requirements of the Privacy Act.
4.2 – Information may be stored in hard copy or electronic format in secure facilities that We own and operate, or that are owned and operated by Our service providers. This includes by our use from time to time of the following cloud based applications:
(a) Dropbox;
(b) EventsAir;
(c) Office 365;
(d) SalesForce;
(e) Calendly; and
(f) Xero,
(together Our Cloud Services).
4.3 – Our internally operated electronic databases and network are secured by a firewall and anti-virus software to ensure, so far as practicable, that it is not accessed by unauthorised parties. Our website has security measures designed to protect against loss, misuse, or alteration to Your Personal Information under Our control.
4.4 – We do not collect or store any credit card details. Currently We use the Stripe Payment Gateway, operated by Stripe Incorporated located in the United States of America (Stripe Inc), to process payments to ensure that all transactions meet industry security standards to ensure payment details are protected. Credit card and other payment details may be collected and stored by the Stripe Inc. We encourage you to review the Stripe Inc privacy policy available at https://stripe.com/au/privacy.
5. Why does STA collect Personal Information?
5.1 – The Personal Information You provide Us lets us contact You, enable Us to efficiently carry out Our business functions and activities. Some Personal Information is collected so we can meet our health and safety obligations.
5.2 – We may collect, hold, and use Personal Information of individuals to enable Us to perform our core functions, provide various services, and facilitate events and programs. This includes:
(a) administering, managing and providing access to the STA website and any other STA resources;
(b) keeping Our members and interested parties informed of news and information relating to science and technology via various mediums;
(c) providing services and publications;
(d) providing information, education, training, and technical support to those that engage with Us;
(e) facilitating events and programs including sending invitations;
(f) conducting market research and surveys to improve services, and analyse trends;
(g) administration of Your interactions and transactions with Us;
(h) complying with Our corporate governance and reporting obligations;
(i) communicating with prospective Members and sponsors; and
(j) communicating offerings from us, and third-party offerings.
(together Our Activities and Functions)
5.3 – Sensitive information: We only collect, hold, use and disclose sensitive information for the following purposes:
(a) any purposes you consent to;
(b) the primary purpose for which it is collected, such as for registration at an STA event, or submission of a form to apply to participate in an STA program;
(c) secondary purposes that are directly related to the primary purpose for which it was collected, including disclosure to the below listed third parties as reasonably necessary to do business with you; and
(d) if otherwise required or authorised by law.
5.4 – We try at all times to only collect the Personal Information We require to enable Us to perform the particular function or activity We are carrying out.
6. Use of Personal Information
6.1 – We will make You aware at the time of collection of Your Personal Information, how We intend to use and disclose that Personal Information and may also use and disclose Your Personal Information to enable us to perform and undertake Our Activities and Functions.
6.2 – We may also make secondary use or disclosure of Your Personal Information, in addition to Our Activities and Functions, where:
(a) You would reasonably expect Us to for a related purpose; or
(b) it is authorised or required by the Act, or any other Australian law or court/tribunal
6.3 – We do not sell Your Personal Information to third parties, but it may be disclosed to third parties from time to time to facilitate and administer our Activities and Functions.
7. Disclosure of Personal Information
7.1 – If you attend one of Our events, we may provide the sponsors of that event Your name, the name of Your organisation, and Your position within that organisation. Your contact details are not provided to event sponsors without your consent.
7.2 – If you participate in one of Our programs, we may provide the Government funding body of that program Your name, the name of Your organisation, and Your position within that organisation. Your contact details are not provided to Government funding bodies without your consent.
7.3 – We do not otherwise disclose Personal Information to other organisations unless:
(a) it is reasonably necessary to conduct Our Functions and Activities; or
(b) You give Your consent; or
(c) it is required or authorised by law including in emergency situations or to assist law enforcement, in accordance with the Act.
7.4 – We may disclose Your Personal Information in order to:
(a) manage and administer the services and programs We provide;
(b) enable third parties engaged by Us to provide services on Our behalf, for example deliver events You have registered for;
(c) assist You with enquiries;
(d) charge You for the services We provide and collect any amounts You may owe to Us, including any debt recovery action;
(e) ensure that Our internal business operations are running smoothly including any governance or legal requirements required;
(f) as required for reporting against Government funding grants; and
(g) otherwise to conduct Our Functions and activities.
7.5 – We will not disclose any Sensitive Information about You, unless You have provided express consent for Us to do so, or We are required by Law.
7.6 – We may disclose Your Personal Information to third party service providers who are contracted by Us to carry out advisory, administrative, analytical or technical research functions for Us or Our related bodies corporate. Where We do so, We will require those third parties to comply with the Act.
7.7 – In the case of these contracted service providers, We may disclose Personal Information to the service provider and the service provider may in turn provide Us with Personal Information collected from You in the course of providing the relevant products or services.
7.8 – We may disclose Personal Information to overseas parties, in the following situations:
(a) using Our Cloud Services from time to time, the location of which is not reasonably available;
(b) providing Your details to an overseas direct mail provider to send marketing material to You.
7.9 – If We disclose Personal Information overseas, We will take reasonable steps to ensure that any overseas recipient does not breach the Act.
8. Marketing
8.1 – We do not use or disclose Your Sensitive Information for the purposes of direct marketing.
8.2 – Where We have collected Your Personal Information directly from You, We may use or disclose Your Personal Information, for the purposes of direct marketing if:
(a) You would reasonably expect that Your Personal Information would be used for the purposes of direct marketing; and
(b) You have not advised Us that You do not want Your Personal Information to be used for the purposes of direct marketing.
8.3 – We may collect Personal Information from someone other than You for the purpose of direct marketing, where:
(a) You have consented to the third party to the disclosure of Your Personal Information for direct marketing; and
(b) You have not advised Us that You do not want Your Personal Information to be used for direct marketing.
8.4 – Any direct marketing will be conducted in accordance with the Act and other applicable legislation, regulation, or enactment. including the Do Not Call Register Act 2006 (Cth) and the Spam Act 2003 (Cth).
9. Website
9.1 – We may collect the following information through Our website, either ourselves or through Google Analytics (which is hosted by a third party):
(a) Your computer or device’s IP address (collected and stored in an anonymised format);
(b) device screen size;
(c) device type, operating system and browser information;
(d) geographic location (country only);
(e) referring domain and out link if applicable;
(f) search terms and pages visited (clickstream data); and
(g) date and time when website pages were accessed.
9.2 – We may also collect information through the use of Facebook Pixel (which is hosted by a third party) which tracks your activity on Our website and other social media platforms, and links that activity to your Facebook profile.
9.3 – We will treat any Personal Information collected through Our website in the same way as other Personal Information we collect.
10. Cookies
10.1 – A cookie is a piece of data sent from a website and stored in a user’s web browser. STA may collect cookies to understand how online services are used.
10.2 – We may use Cookies for several reasons, including utilising cookies to remember your log-in status and viewing preferences from a previous use of an online service.
10.3 – Our website may also transfer cookies on computers and devices that access Our website for record-keeping purposes. You may be able to change Your browser preferences to reject all cookies before accessing Our website.
11. Links to other websites
11.1 – Our website contains links or references to other websites or organisations. We are not responsible for the privacy practices or content of the linked web sites and other pages hosted by Us on behalf of non-STA organisations.
11.2 – Third party websites may have their own privacy and security policies, which we encourage You to read before supplying any Personal Information to them.
11.3 – Links to third party websites are provided for information, and do not indicate Our endorsement of that business or any assurances about the content on that site.
12. Social Media and networking
12.1 – We use social media networks, including Facebook, LinkedIn, Instagram and Twitter, to communicate with the public. When You communicate with Our social media platforms, We may collect Your Personal Information, for the purpose of using it to communication with You and the public. The social media webpages may also collect, use and hold Your Personal Information, for its own purpose. We recommend You consider the Privacy Policies of these social media websites prior to using the same.
12.2 – These social media websites may store Your Personal Information overseas.
13. Access to Personal Information
13.1 – You can contact Us if you would like to access the Personal Information we hold about You. We will request that You verify Your identity, before We provide You with access to Your Personal Information.
13.2 – We will provide You with access to Your Personal Information, within a reasonable period after the request, and in a way that is reasonable in the circumstances, unless exempted by the Act.
13.3 – We may refuse to provide You with access to Your Personal Information, or to provide access in the manner You have requested in circumstances where an exception to access applies under APP 12.
13.4 – If We refuse to provide You access to Your Personal Information, We will provide You with written notice that sets out Our reasons (other than to the extent it would be unreasonable to do so) and inform You of the how to complain about the refusal.
13.5 – We may charge a reasonable fee for providing You with access to Your Personal Information, which will be confirmed at the relevant time.
14. Correction
14.1 – You can contact Us if you would like to correct the Personal Information that We hold about You. We may ask You to verify Your identity before processing any correction requests, to ensure that the Personal Information we hold is properly protected.
14.2 – If We correct Your Personal Information after We have disclosed it to a third party who is also subject to the Act, We will only inform that third party of the corrected details at Your request. If You do request that We inform that third party of the correction, We will take reasonable steps to do so at no cost, unless this would be unreasonable, impracticable, or unlawful.
14.3 – If We refuse to correct Your Personal Information, We will provide You with written notice that sets out Our reasons (other than to the extent it would be unreasonable to do so) and inform You of the how to complain about the refusal; and
14.4 – If we refuse to correct Your Personal Information, you may request that We make a record of Your claim that the Personal Information is inaccurate, out-of-date, incomplete, irrelevant, or misleading. We will take reasonable steps to associate the record in such a way that will make it apparent to users of the Personal Information.
15. Complaints
15.1 – Any issues or complaints in relation to Your Personal Information should be made to Us directly, via the contact details provided below.
15.2 – We will respond to Your complaint within a reasonable period, and in the first instance Our Privacy Officer will endeavour to take any steps necessary to resolve the matter.
15.3 – If We are unable to resolve Your complaint or You are unhappy with the outcome, You may lodge a complaint with the Office of Australian Information Commissioner via its enquiries line on 1300 363 992, or via its website at http://www.oaic.gov.au.
15.4 – If You lodge a complaint with the Office of the Australian Information Commissioner, or another regulatory body, we may use and disclose Your Personal Information to assist in any resulting investigation or proceeding.
16. Contact Details
If You would like to request access to or amend Your Personal Information, would like to make a complaint regarding Our conduct in relation to Your Personal Information, or have any general enquiries in relation to Your Personal Information, please contact Us via the following details:
The Privacy Officer
Science & Technology Australia
Mail: PO Box 259, Canberra ACT 2601
Phone: (02) 6257 2891
E-mail: info@sta.org.au
17. Evaluation
As part of a continuous improvement system this Policy shall be reviewed annually, upon recommendation following review by senior management in consultation with staff or following changes to relevant legislation.