Date: July 11, 2018
Author:

Golf NSW data privacy policy

Golf NSW Privacy Policy

 

Golf NSW Limited ACN 001 642 628 (Golf NSW, we, our orus) is the industry representative body for golf in New South Wales, Australia.

The purpose of this Privacy Policy is to ensure that Golf NSW complies with thePrivacy Act 1988(Cth) (Privacy Act) and the Australian Privacy Principles (APPs), which govern the way we must manage personal information (as defined in the Privacy Act), and to protect your personal information, which we take very seriously.  It is our intention that this policy will protect your personal information from being dealt with in any way that is inconsistent with applicable privacy laws in Australia.

This policy sets out how we collect, hold, use, disclose and otherwise manage your personal information.  We may update this Privacy Policy at any time and from time to time including by publishing a new version on our website, for example, to reflect changes to the law or to our business.  We encourage you to check our website regularly for any updates to this Privacy Policy.  

Types of information Collected

1.    We may collect and hold personal information about you, that is, information that can identify you such as your name, address, occupation, date of birth, proof of age, other contact details and the extent of your use of (and preferences in relation to) products and services offered by, or available from Golf NSW, and other information relevant to providing you with the services you are seeking.

2.    If you choose to correspond with us by email, we may retain the content of your email messages together with your email address and our responses.

 

Purpose of collection

3.    We will collect, hold and use your personal information for one or more of the following purposes:

·      To identify you and process an application you have made for membership or renewal of membership;

·      To establish and maintain your membership of Golf NSW, including providing you with newsletters, magazine and annual reports;

·      To identify you and process any application you have made for admission to a Golf NSW tournament;

·      To contact you to advertise and market events, promotions, competitions, activities and offers provided or procured by Golf NSW, or by a company in which Golf NSW has an ownership interest, (including by direct mail, telephone, email, SMS and MMS), and to register you for such events, promotions, competitions, activities and offers;

·      To provide products and services to you, and to administer any benefits to which you may become entitled;

·      To provide you with information about other services that may be of interest to you;

·      To provide you with promotional information about us;

·      To facilitate our internal business operations, including without limitation the fulfilment of any legal enquiries, addressing security concerns and training our employees and contractors;

·      To analyse usage of products and services offered by Golf NSW and customer needs; 

·      To analyse website usage; or

·      To comply with statutory requirements under legislation.

4.    Individuals can generally opt out of receiving marketing materials from us at any time, by clicking the 'unsubscribe' button in any promotional material sent to you, or contacting the Privacy Officer using the details set out below.

Collecting information

5.    Personal information will generally be collected directly from you through registration with Golf NSW as a member, use of any of our standard forms or competition entry forms, email, comments/contributions to our social media sites, or when you deal with us in writing, by telephone or in person.  

Job applicants, staff, contractors, suppliers and volunteers

6.    We also collect personal information about job applicants, staff, volunteers who work with us, and details of other people who come into contact with us such as contractors and suppliers for the primary purpose of assessing and engaging or employing the person.  We also hold and use such personal information for managing the employment or engagement to meet its legal obligations.

Failure to provide information

7.    Where possible and practicable, you will have the option to deal with us on an anonymous basis or by using a pseudonym.

8.    If the personal information you provide to us is incomplete or inaccurate we may be unable to provide you with the products or services you are seeking or you may be unable to take full advantage of our services.

Information received from other parties

9.    Sometimes, someone else may provide us with your personal information, with or without your direct involvement. For example, we might collect personal information from:

·      another organisation of which you are a member, such as a club or association;

·      a regulatory authority or another industry organisation; or

·      your representative(s).

Credit Card Details

10.  Credit Card details are only stored for the processing of payment and will be deleted once payment is processed.

Use and disclosure

11.  We only use your personal information for the purpose for which it was collected by us (primary purpose), unless:

·      there is another purpose (secondary purpose) and that secondary purpose is directly related to the primary purpose, and you would reasonably expect, or we have informed you, that your information will be used for that secondary purpose;

·      you have given your consent for your personal information to be used for a secondary purpose; or

·      we are required or authorised by law to use your personal information for a secondary purpose.

12.  We may disclose personal information about you:

·      To third parties who assist us in operating our business, perform functions on our behalf or provide services to us.

·      To our related bodies corporate, including for the purpose of them marketing their products and services to you;

·      To anyone to whom we are required or authorised by law to do so;

·      To relevant authorities when we believe that unlawful or undesirable activity is being or has been conducted; or

·      To anyone authorised by you to receive your personal information (your consent may be express or implied, and can be withdrawn at any time).

13.  We may also disclose personal information to a third party where we have a belief that its use and/or disclosure is necessary:

·      to lessen or prevent threats to an individual's life, health or safety;

·      to investigate any unlawful or undesirable activity or serious misconduct which is being or has been conducted;

·      to assist enforcement bodies, such as the police, with their activities;

·      to assist in locating a missing person;

·      to establish, exercise or defend a legal or equitable claim; or

·      for the purpose of confidential alternative dispute resolution.

Overseas transmission

We may disclose your information to third parties with data storage facilities that may be located overseas, including in Denmark.

Internet Protocol (IP) Addresses

14.  Our web servers gather your IP address to assist with the diagnosis of problems or support issues with our services. Again, information is gathered in aggregate only and cannot be traced to an individual user.

Cookies

15.  Our website uses cookies to provide you with a better experience and help us improve our website and services. These cookies allow us to monitor single user access, anonymously distinguish you from other users of our services and increase your security by storing your session ID.  This aggregate, non-personal information is collated and provided to us to assist in analysing the usage of the site.

16.  If you have switched off cookies then some of the functionality of our services may not be available to you.

Information Security

17.  We strive to ensure the security, integrity and privacy of personal information submitted to our website, and we review and update our security measures in light of current technologies. Unfortunately, no data transmission over the internet can be guaranteed to be totally secure.

18.  However, we will endeavour to take all reasonable steps to protect the personal information you may transmit to us or from our online products and services. Once we do receive your transmission, we will also make our best efforts to ensure its security on our systems.

19.  We have security systems in place which are intended to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure by the use of various methods including locked storage of confidential paper records, firewalls and passworded access to computerised records (depending on the nature of the information that we are holding).

20.  In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us. However, we will not be held responsible for events arising from unauthorised access to your personal information.

21.  If we receive personal information about you which we did not request and which we do not reasonably require, we may destroy or de-identify this information where appropriate.

22.  In the event of a data breach, such as the unauthorised loss, use or disclosure of personal information, we will assess and respond in line with our applicable policies and procedures, which incorporate the requirements contained in the Privacy Amendment (Notifiable Data Breaches) Act 2017(Cth).

Access to Information

23.  If you wish to access the personal information we hold about you, please make a written request to our Privacy Officer.  We will provide you with access to the information requested within a reasonable period after the request is made, not exceeding 30 days. We may charge you a reasonable fee for processing your request.  We may decline a request for access to your personal information if the Privacy Act prohibits it or does not require us to provide access.

24.  We rely on the information you provide us to be accurate, complete and up to date. If, at any time, you discover that information held about you is incorrect, you may contact us to have the information corrected.

Links to other websites

25.  We provide links to websites outside of our website, as well as to third party websites. These linked websites are not under our control, and we cannot accept responsibility for the conduct of organisations linked to our website. Before disclosing your personal information on any other website, we advise you to examine the terms and conditions of using that website and its privacy statement.

Complaints

26.  If you wish to make a privacy complaint, please put your complaint in writing with as much detail us as possible and send it to us by letter or email using the details listed below.

27.  The Privacy Officer (or another representative of Golf NSW) will consider (and may investigate) the complaint and provide you with a written response within a reasonable timeframe (taking into consideration the nature of your complaint).

28.  If you are not happy with our response, you can contact the Office of the Australian Information Commissioner.

Contact

29.  If we become aware of any ongoing concerns or problems with our website, we will take these issues seriously and work to address these concerns.

30.  If you have any questions regarding our Privacy Policy or how your information is held, please contact:

 

The Privacy Officer

Golf NSW Limited

PO Box 195

ARNCLIFFE  NSW 2205

Telephone: 02 9505 9105

Email: info@golfnsw.org

31.  For information about privacy in general please visit www.oaic.gov.auor contact the Office of the Australian Information Commissioner.

European Union

32.  If you are a resident of the European Union for the purposes of the General Data Protection Regulation, being Regulation 2016/679 of the European Parliament and of the Council (GDPR), then the following applies to you in addition to what is set out above.

33.  Golf NSW is a data controller for the purposes of the GDPR.  By your consenting to this Privacy Policy, we are able to control the processing of your Personal Data (as defined in the GDPR) in accordance with this Privacy Policy.

34.  We currently engage GolfBox, which is a third party based in Denmark, as a data processer to process your data. You can find out more about GolfBox's data processing and handling procedures at http://www.golfbox.net/DPA/appendix3/EN

35.  Either we or a data processer engaged by us may use a number of automated processes using your Personal Data and your activity on our website as tracked by us: 

a.    in order to provide more tailored and relevant services to you such as informing you about events and tournaments held by Golf NSW through our website and email communication; and

b.    provide your Personal Data to third parties such as advertisers who may market our products and services to you, as part of automated processes aimed at providing more tailored and relevant services.

36.  In addition to your rights set out above, you may:

  • amend or correct any of the Personal Data that we hold about you, in the manner described in the “Access to Information” paragraph above;
  • withdraw your consent to our use of your personal information as described in this Privacy Policy by giving written notice to our Privacy Officer;
  • request that we delete all the Personal Data about you which we hold by giving written notice to our Privacy Officer;
  • request that we:
    • provide you with a copy of the Personal Data we hold about you; or 
    • provide your Personal Data to a nominated third party.

37.  If you have any concerns in relation to our collection and/or processing of your Personal Data, then in addition to the process set out in the "Complaints" section above (including the right to complain to the Office of the Australian Information Commissioner), you have the right to complain to a supervisory authority (within the meaning of the GDPR).