Board Role and Function
Board, CEO, Executive Management and other staff
Nick Holland, Manager Compliance
Athletics Australia Board
Athletics Australia (AA) is committed to the protection of personal information in accordance with the requirements of the Australian Privacy Principles (APPs) contained in The Privacy Act (1988) and The Privacy Amendment (Enhancing Privacy Protection) Act 2012, as amended, and its respective regulations (referred to hereafter as the “Privacy Legislation”).
It is a policy of AA not to interfere with an individual’s privacy rights in the way it receives, handles or disseminates personal information. Generally, AA will:
(a) not collect personal information unless it is necessary for its business activities, including but not limited to its role as a national sporting organisation and the recognised member in Australia of the International Association of Athletics Federations (IAAF);
(b) only collect personal information lawfully and fairly;
(c) not use or disclose personal information about an individual for a purpose other than that for which it was collected unless such use or disclosure would be reasonably expected or has been expressly authorised or waived by the individual concerned;
(d) take reasonable steps to ensure that the personal information it holds is accurate, complete and up-to-date;
(e) take reasonable steps to protect personal information from misuse or loss;
(f) where necessary, take reasonable steps to let a person know what sort of personal information it holds;
(g) where necessary and requested by the individual concerned and permitted by law and/or the rules of the sport, provide the individual with access to personal information held in relation to that individual;
(i) with some exceptions, only transfer such information to someone in a foreign country if that country has privacy laws similar to the Privacy Legislation. In addition in such instances, AA will inform an individual of the practical effect and potential consequences of the individual giving their informed consent for offshore disclosure and that there are new deeming liability provisions for breaches by offshore organisations. Exceptions shall include but not be limited to AA providing reasonably requested personal and performance details of an individual to the International Association of Athletics Federations (or its delegate or agent) for the purpose of participation in a competition outside Australia, the management and/or operation of an IAAF or World Anti-Doping Authority program or similar purpose for the good and proper governance of international athletics;
(j) not collect sensitive information without the consent of the individual concerned. Where AA discovers that it holds records of sensitive information for which no consent was obtained at the time, it shall take immediate steps to obtain retrospective permission.
2. PERSONAL INFORMATION
“Personal information” encompasses all information which allows the identity of a person to be ascertained such as names, addresses, contact details and the like.
“Sensitive information” includes political opinions, religious beliefs, professional or trade association memberships, sexual preferences and health information about an individual.
3. INFORMATION COLLECTED
Why does AA collect and hold information?
AA collects and holds personal information to enable it to properly and efficiently carry out its functions, including enabling AA or third parties to provide services and benefits, organise and operate events, maintain necessary records and to provide necessary information.
If you do not provide some or all of the information that we request from you, this may affect AA’s ability to communicate with you or provide the requested products or services.
By not providing requested information, you may jeopardise your ability to participate in programs or competitions or apply for employment or volunteer positions with AA. If it is impracticable for AA to deal with you as a result of you not providing the requested information or consent, AA may refuse to do so.
The kind(s) of personal information collected and held by AA:
In the course of AA’s normal business activities, the type of information that will normally be collected and disseminated are as follows:
(a) Persons registered with a Member of AA: AA will store on its or a Member’s database, the name, date of birth, address, contact details and such details of past sporting performances of persons registered with a Member of AA.
For the purposes of this Policy a Member of AA refers to a State or Territory Member Associations of AA as defined in the AA Constitution.
(b) Unless AA obtains the prior consent of the individual person concerned, it will not disclose such information to third parties but may itself use this information for the purpose of furthering the interest and affairs of AA and entities with which it is associated, including but not limited to the publication and dissemination of competition entry/start lists and results, listings of records and rankings and personal biographies.
Note: sensitive information including medical and anti-doping details concerning elite athletes participating in AA’s high performance program may be collected by AA. AA will only disclose such information to relevant third parties, such as the IAAF, WADA, ASADA or medical authorities, if deemed by the Chief Executive Officer to be necessary for the athlete’s wellbeing or to comply with the rules of the sport or any legislative requirements.
Further, AA will not provide information to a third party unless:
That third party is subject to the Australian Privacy Principles or similar provisions within its jurisdiction; or
AA receives an undertaking from that third party they shall not breach the Australian Privacy Provisions in relation to the use, disclosure, and storage of the information provided.
(c) Participants in AA permitted or organised sporting or related events: AA collects such details as the name, address and contact details of participants in sporting or related events permitted, organised or conducted under the control, auspices or patronage of AA or a Member. In this instance, the information may be collected by an event organiser on behalf of AA.
(d) Board Members: AA collects details such as the date, place of birth, address and contact details of individual board members. In accordance with the requirements of the Corporations Act, it will also require board members to disclose any material interest they may have in relation to any particular transaction AA undertakes as well as a member’s shareholding in certain corporations. Except with the consent of the board member concerned, AA will only disclose such information to regulatory bodies such as the Australian Securities and Investment Commission, fellow board members or to such persons the Chief Executive Officer deems necessary for the proper conduct of the business of AA.
(e) Staff Members, Contractors and Team Officials: AA collects and maintains information such as:
(i) contact details, performance or wages;
(ii) terms and conditions and hours of employment/engagement;
(iii) training, disciplining, resignation or termination;
(iv) recreation, long service, sick, personal, parental or other leave; and
(v) taxation, banking or superannuation affairs and trade union membership, if applicable for Staff Members, Contractors, Team Officials and such other persons who may be engaged in the organisation, conduct and delivery of AA competitions, events and programs on a remunerated and/or expense recovery basis.
AA will only disclose such records to its Chief Executive Officer and where necessary, staff members, insurance companies, consultant, advisor or such other persons for the proper conduct of its business or to comply with legal requirements.
How does AA collect information?
AA collects information by means of individuals disclosing that information to AA when they apply for memberships of an AA affiliated club or State/Territory organisation. Information may also be collected when you:
(a) subscribe to any publication of AA, including electronic publications;
(b) provide details to AA in an application, consent form, survey, feedback form or incident report;
(c) access the AA website;
(d) contact AA via email, telephone or mail or engage with AA via social media;
(e) participate in any program, activity, competition or event run by AA;
(f) purchase tickets to an athletics event from AA or an authorised agent;
(g) purchase merchandise, products or services from AA or an authorised agent or licensee;
(h) are elected or appointed to the Board or a committee of AA; or
(i) apply for employment or a volunteer position with AA.
Personal information may also be collected where AA is required to do so by law (for education, child protection, work health and safety laws, charitable collections, medical treatment or other legislation in Australia). AA may collect personal information regarding a child from the parent or other responsible person associated with that child.
How does AA ensure data quality and security of the information it holds?
AA stores information in different ways, including in paper and electronic form.
Much of the information we collect from you is added to AA’s membership database. When your information is entered into AA’s membership database, the information may be combined or linked with other information held about you.
Security of personal information is important to AA. AA will take all reasonable steps to protect the information we hold from misuse, loss, unauthorised access, modification, interference or disclosure.
AA will enforce the following security measures to ensure the protection of the information you provide:
Your information will be protected from unauthorised access either in protected electronic files at AA or in secure storage facilities used by AA; and
Security measures for access to these files and storage facilities will be protected by an electronic password or by lock and key; and
Only the CEO of AA or employees with the appropriate delegated authority will have access to the relevant password or key to access the information held by AA; and
All AA employees, volunteers and service providers handling information will be subject to strict confidentiality requirements in relation to the collection, use, storage and disclosure of your information; and
Security measures have been put in place on our website to protect the information collected by AA. When personal information (such as a credit card number) is transmitted to other Web sites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol.
The AA website contains security measures to protect your information transmitted online. However the website may contain links which enable you to access other websites. AA is not responsible for the content or privacy practices of those sites.
Further, due to the internet not being a secure environment, any information sent to AA via the internet is sent at your own risk.
4. STORAGE AND DESTRUCTION OF INFORMATION
(a) Unsolicited information that should or could not have otherwise been collected shall be destroyed or de-identified as soon as practicable after such discovery.
(b) AA will take all reasonable steps to educate staff, contractors and volunteers who find themselves in possession of, or with access to, such information that they must:
(i) inform the Chief Executive Officer (or his agent) of the existence and location of the information as soon as practicable, so that destruction or de- identification may occur; and
(ii) ensure that such information is not disseminated further nor stored in such a way that it would be accessible to others.
(c) Information solicited or otherwise validly obtained in accordance with this Policy should be stored and used only in terms of the Policy and when determined by the CEO (or his agent) that it is no longer necessary or appropriate for it to be kept, for it to be destroyed or de-identified within a reasonable time.
5. EDUCATION OF DIRECTORS, STAFF, CONTRACTORS AND VOLUNTEERS
(a) AA will take all reasonable steps to educate and inform its Directors, MAs and Staff of the terms of this Policy and matters related thereto.
(b) It shall take similar steps in relation to those of its contractors and volunteers who are reasonably likely to be involved in the collection of personal information either directly or incidentally or find themselves with access thereto.
6. PROCEDURE FOR HANDLING COMPLAINTS AND INQUIRIES
(a) Any complaint or enquiry as to the application of this Policy or any matter related thereto shall be referred in the first instance to the CEO (or his agent) or if the complaint relates to any action or inaction by the CEO, to the President.
(b) The CEO (or the President as the case may be) shall instigate or otherwise determine the matter in accordance with the investigation procedures set out from time to time in the AA By-Laws or policies dealing with complaint handling procedures.
7. REVIEW OF POLICY OPERATION AND COMPLIANCE ISSUES
At any time after a breach of, or compliance issue with, this Policy has been the subject of a complaint or otherwise identified, the CEO shall either personally or by appropriate and, where necessary, discreet delegation, initiate a review of the Policy or the circumstances which gave rise to the breach or compliance issue.
8. ACCESS TO AND CORRECTION OF PERSONAL INFORMATION
AA will take all reasonable steps to ensure that the personal information it collects, uses or discloses is accurate, complete and up-to-date. However, we rely on the accuracy of personal information as provided to us both directly and indirectly.
We encourage you to regularly review and update your personal information. If you would like to access the personal information that we hold about you, please let us know by making a request via the contact details set out below. We will respond to your request for access within a reasonable period. If you find that the personal information we hold about you is inaccurate, incomplete or out-of-date, please contact us immediately and we will correct it.
If you believe that AA have breached the Privacy Act 1988 or the Australian Privacy Principles and you wish to make a complaint, please contact AA at the details below.
We will respond to your complaint within a reasonable period, and try to resolve your complaint for you. If we are unable to resolve your complaint or you are unhappy with the outcome, you can contact the Office of Australian Information Commissioner via its enquiries line 1300 363 992 or website http://www.oaic.gov.au/ to lodge a complaint.
10. USE OF PERSONAL INFORMATION FOR AA’S BUSINESS ACTIVITIES
Why does AA use and disclose personal information?
AA uses and discloses the information collected in accordance with this Policy for the development of the sport of athletics, to keep persons informed about the sport, its activities and related products and for direct marketing purposes.
At any time, an individual may notify AA should their contact details change or if they do not wish to receive marketing materials or any other communications from AA, by either telephoning AA on (03) 8646 4550 or sending a request in writing to the below address;
Level 2, 31 Aughtie Drive Albert Park Vic 3206
11. AA WEBSITE
When you visit the AA website, our systems may record certain information about their use of the site, including the web pages visited and the time and date of their visit. AA uses this information to help analyse and improve the performance of the AA website.
Websites linked to the AA website are not subject to AA’s privacy standards, policies or procedures. AA cannot take any responsibility for the collection, use, disclosure or security of any personal information that you provide to a third party website.
12. DISCLOSURE WITHOUT PRIOR AUTHORISATION
In certain circumstances, AA may be authorised by law to disclose personal information even where such written consent has not been provided, including:
• where there are grounds to believe that disclosure is required in order to prevent a threat to health or life;
• where AA suspects that unlawful activity is or has been engaged in, such personal information may be used to investigate the suspected unlawful activity; or
• the use is authorised by law or reasonably necessary to enforce the law.
For further information on AA’s management of personal information, please contact AA.
Adopted as a policy of Athletics Australia Limited by the Board on 26 May 2016