Returned & Services League of Australia (Queensland Branch) ABN 79 902 601 713 (we, us and our) respects and upholds the privacy rights of individuals in accordance with the Australian Privacy Principles and the Privacy Act 1988 (Cth) (Privacy Act).
The words “Australian Privacy Principles”, "personal information" and "sensitive information" have the same meaning as under the Privacy Act.
Collection of your personal information
We only collect personal information that is necessary for what we do (such as providing membership services, veteran research and rehabilitation services, pension, advocacy and welfare services, accommodation services, financial support services and the operation of the RSL Art Union).
The types of personal information we may collect depends on the purpose for which we need the information and may include the following:
- full name, street address, telephone number;
- date of birth and age;
- email address;
- service record;
- information concerning your dealings with the Department of Veterans Affairs;
- payment information, including details of your superannuation fund;
- RSL membership number;
- health information, including your medical history and treating doctor;
- IP address;
- proof of identity information and documentation including driver's license, passport or birth certificate information;
- proof of income information and documentation;
- next of kin and emergency contact information.
Website usage information and cookies
Our websites at www.rslqld.org and www.rslartunion.com.au, use small data files called cookies on your computer, which you can choose to accept or decline.
There is also information about the hardware and software on your computer that is automatically collected by our website. This information can include your IP address, browser type, domain names, browsing preferences, access times and the addresses of referring websites. This information is used by us to maintain the quality of our website and to provide us with information regarding the use of our website.
We encourage you to review the privacy statements of websites you choose to link to from our website so that you understand how those websites collect, use and share your information. We have no control over and are not responsible for the manner in which the hosts of other websites use personal information they collect from you.
We will where possible only collect your personal information directly from you. If we collect your personal information from another person and it is unclear that you have consented to the disclosure of that information to us, we will, whenever reasonably possible, make you aware that we have done this and the reasons for doing so.
If you do not provide some or all of the personal information we request, we may be unable to effectively provide our services to you.
What we do with your personal information
We use the personal information we hold about you to do the following things:
- provide membership services to you;
- act as your representative in any matters that may arise from time to time involving the Department of Veterans Affairs;
- provide welfare services to you;
- provide accommodation services to you;
- administer your entry in lotteries run by us;
- liaise with our District Branches and Sub Branches with whom you are involved;
- administer contracts into which we may enter with you;
- accept donations from you;
- supply goods to you;
- administer your involvement as a volunteer with us;
- communicate with you concerning our activities;
- respond to feedback from you;
- develop and/or test our systems;
- for our own internal administrative purposes.
With your consent, we do the following:
- communicate promotional offers and special events to you;
- conduct fundraising;
- conduct marketing activities;
- for planning to improve services we offer to our members and the veteran family in accordance with our charitable objects.
Before any personal information is disclosed to a recipient in a foreign country, the Privacy Act requires us to take such steps as are reasonable in the circumstances to ensure that the recipient does not breach the Australian Privacy Principles in relation to the information. However, if you consent to the disclosure of your personal information to overseas recipients, we are not required to take such steps.
By submitting your personal information to us, you expressly consent to the disclosure, transfer, storage or processing of your personal information outside of Australia. In providing this consent, you understand and acknowledge that countries outside Australia may not have the same privacy protection obligations as Australia in relation to personal information.
By submitting your personal information to us, you expressly consent to us using your personal information to provide you with information about our products, services or events or any other direct marketing activity which we consider may be of interest to you. We may also use your personal information for the purpose of providing you with other information, if it is within your reasonable expectations that we would send you such information given the nature of previous communications with you. You may at any time opt out of receiving any communications from us (other than as required for the operation of our activities, e.g. regarding the payment for RSL Art Union tickets) by using the “unsubscribe” facility included in an email you receive from us or by contacting us using the details set out at the bottom of this document.
Pseudonymity or Anonymity
You have the option of not identifying yourself, or of using a pseudonym, when dealing with us provided it is lawful and practical to do so.
We store personal information:
contained in paper based and other hard copy documents both at our office and at off site secure storage facilities; and
contained in electronic records, in a controlled and secure environment.
Those records are only accessible by those persons who require access to the personal information for the purposes of carrying out their work on our behalf.
We will take all reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure.
When personal information (such as payment information) is transmitted to other websites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol.
We will destroy or de-identify personal information when our legal obligations to retain the information have expired and the information is no longer needed by us.
Your payment information
RSL Art Union’s systems and providers are compliant with the Payment Card Industry Data Security Standard (PCI DSS), and undergo rigorous audits and testing to ensure that confidentiality and the integrity of our systems and information are upheld. RSL Art Union regularly performs security, vulnerability and malware scanning that is conducted by an external ASV (Accredited Scanning Vendor) to ensure our site remains free of vulnerabilities or malicious software. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information supplied is encrypted via Secure Socket Layer (SSL) and Transport Layer Security (TLS) technology. We implement a variety of security measures and encryption methods when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information. All transactions are processed through a gateway provider and your credit information is not stored on our systems.
Access to your personal information
You may request access to the personal information we hold about you by writing to our Privacy Officer at the address below. You do not have to provide a reason for requesting access. Except in circumstances established under law, if we hold personal information that you are entitled to access, we will endeavour to provide you with a suitable range of choices as to how you may access that information (e.g. post or collection). We may ask you to complete an Access Request form to help us identify and locate the information being requested.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, you can ask us to amend it. We will consider your request and:
- if we agree that the information we hold is inaccurate, we will amend it; or
- if we do not agree, then we will add a note to the personal information stating that you disagree with its accuracy.
If a data breach occurs and we are required to do so by law, we will we will immediately notify the Privacy Commissioner and affected individuals as soon as practicable after becoming aware of that data breach.
If we suspect that a data breach has occurred, we will undertake an assessment into the circumstances of the suspected breach within 30 days after the suspected breach has occurred.
Where it is ascertained that a breach has actually occurred and where required by law, we will notify the Privacy Commissioner and affected customers as soon as practicable after becoming aware that a data breach has occurred.
Complaints and Concerns
We treat complaints relating to privacy very seriously. If you submit a concern or complaint, we will endeavour to deal with it comprehensively and reach an outcome where all parties are satisfied. If you are not satisfied with our response to your complaint, or if you would like further information about privacy in Australia, then we suggest you contact the Office of the Australian Information Commissioner at oaic.gov.au.
Our Contact Details
Last updated: 20 May 2018