Better recovery pathways for young adults with challenging mental illness and addiction

MINDFX LIMITED PRIVACY POLICY

MindFX Limited recognises the importance of protecting the personal information of individuals. We take our privacy obligations seriously. We handle personal information in accordance with all relevant laws including the Australian Privacy Act 1988.

Definitions of Information

For the purposes of this Policy:

  • Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not, and whether the information or opinion is recorded in a material form or not (e.g. your name and address, your date of birth).
  • Sensitive information is a subset of personal information, attracting a higher level of protection under the Act (e.g. health information as well as information about race or ethnic origin, political opinions, sexual orientation, criminal record).
  • Health information is information or an opinion about an individual’s physical or mental health or disability, health preferences including future provision of health services.

Why we collect your personal information?

We collect personal information so that we can provide you with appropriate services. We only collect information necessary for our activities and whom we engage to provide services on our behalf, where relevant consent exists. More information on our services is available on our website: www.mindfx.com.au.

What personal information do we collect and hold?

The types of personal information that we collect about you will depend on your relationship with us, the nature of the services we are providing you or the activities that you are involved in, and any legal obligations we may have. For example, if you:

  • seek care and support services, we may collect your name, contact details, details of your authorised representative (if applicable), government identifiers (e.g. Medicare card), financial details (if necessary to assist with accessing government assistance or where claiming financial hardship for client contributions/fees), information about your circumstances (e.g. prescribed medications, allergies), any special needs (e.g. communication and language needs/preferences) as well as what you are seeking assistance with
  • provide care and support services to our clients, we may collect your name, organisation, background and screening checks, insurance details and contact details
  • make a donation to MindFX, we may collect your name, contact details, the amount and frequency of your donation and payment details
  • attend a MindFX event, we may collect your name, organisation, contact details, payment details (if applicable) and any dietary and accessibility requirements
  • participate in our surveys, we may collect your name, organisation, contact details and your survey responses
  • send us an enquiry, we may collect your name, contact details, information about your circumstances and details of your query
  • make a complaint, we may collect your name, contact details, the details of your complaint, information collected in any investigation of the matter and details of the resolution of the complaint
  • apply for a role at MindFX, we may collect the information you include in your application, including your cover letter, resume, contact details and referee reports as well as background and screening checks
  • Details of products or services that you provide to us
  • Social media profile information that you make available to us or the public when publicly tagging MindFx in social content.

We also collect some information that is not personal information because it does not identify you or anyone else (e.g. collection of anonymous answers to surveys, aggregated information about how users use our website for statistical purposes only).  Our electronic newsletters record anonymous data about articles you have expressed interest in. Some www.mindfx.com.au web pages use cookies along with social media app insights (data analysis techniques).

Sensitive information

We may collect your sensitive information when we have your consent and when the collection is reasonably necessary for us to carry out one or more of our functions or activities.

Sensitive information is generally relevant to an assessment of whether a person is eligible for our services, and for the delivery of care and support services. This might include information about whether a person has a mental illness or disability. When we do collection sensitive information, such as health information, we will seek your consent to the collection, use and disclosure of that information at the time of collection.

What if you don’t provide us with your personal information?

In some circumstances individuals can choose to deal with us anonymously or use a pseudonym (e.g. when viewing our website or making general phone queries). However, if you do not provide us with your personal information we may not be able to provide the required information or requested services, progress a complaint nor issue a tax-deductible receipt for donations.

How do we collect your personal information?

In most cases, we will collect your personal information directly from you. We collect this information from you through several different channels including:

  • through our website, donations platform or social media pages
  • when you correspond with us (e.g. by letter, email, direct message or telephone)
  • on hard copy forms (e.g. assessment forms, volunteer/employment applications, purchase orders)
  • in person (e.g. at job interviews, volunteer applications, meeting with a client face-to-face)
  • at events and forums.

We endeavour to gain your consent when collecting your personal information. This may happen before, during or after the process. Once you have provided your consent, you are able to withdraw it at any time by emailing [email protected]. By withdrawing your consent, we may not be able to provide you with the services you require.

If we are unable to collect personal information from you directly, we may obtain further information from:

  • your authorised representative (e.g. guardian, family member)
  • another organisation/s (e.g. during recruitment to conduct a background/screening check)
  • referrers who refer you to us for assistance (e.g. Queensland Health)
  • other sources where necessary to assist us in providing services to you.

To opt-out of MindFX Limited email subscriptions, please follow the prompts to unsubscribe to our newsletter services.

Unsolicited personal information

If we receive unsolicited personal information, we will make an assessment as to whether we could have collected the personal information from you ourselves. If we could not, we will destroy or de-identify it as soon as it is lawfully and reasonably possible to do so. This can be affected by the options available to us and the resources and costs of taking such action.

Purposes we collect, hold, use and disclose your personal information

We will only collect, hold, use and disclose your personal information where necessary to perform our activities and functions, and to provide the best quality service. There are various exceptions to this:

  • you have consented to the use of your personal information for another purpose
  • your personal information is used or disclosed for another related purpose
  • in relation to your sensitive information, the other purpose is directly related to the reason why it was collected
  • we are required or authorised by law to disclose your information for another purpose
  • the use or disclosure is otherwise permitted by the Act.

The following are some examples of how your personal information may be used and disclosed:

  • answer enquiries, provide information and advice about care and support service options available to you
  • providing care and support services to you
  • enabling better co-ordination between us and others involved in your care and support (e.g. independent contractors, organisations)
  • update our records and keep your contact details up-to-date
  • providing information to an authorised representative (e.g. enduring power of attorney) if you are incapable or cannot communicate, unless you have requested that we do not disclose your health information
  • management
  • funding and accreditation bodies
  • service/quality improvement, monitoring, planning and evaluation
  • feedback and incident management
  • contracted service providers and suppliers (e.g. auditors, insurer or legal services, information technology, marketing and communication agencies, freight and courier services, printers and distributors of marketing material, consultants, web hosting providers)
  • client satisfaction and stakeholder surveys
  • staff education and training
  • invoicing, billing and account management
  • provision of reminders for appointments or follow-up care
  • inviting you to participate in events and fundraising
  • referees whose details are provided to us by job applicants.

Duty of Care and Security

In certain circumstances, if your communication with us raises safety concerns, we will try to contact you to check that you and/or others are safe. If necessary, we may need to pass on your contact information to authorities who can help protect you and/or others (e.g. Police). Where possible we will work with you openly, letting you know if our concerns reach the point where we need to involve other services. We are obliged to try to protect you and/or others if the information you submit causes us to suspect that:

  • you are being seriously hurt by someone else
  • you are thinking of seriously harming yourself
  • someone else is being, or is likely to be, seriously hurt by you or another person.

To prevent unauthorized access or disclosure, maintain data accuracy, and ensure the appropriate use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online.

Media

Our MindFX staff and volunteers are not permitted to comment about our clients on social media or to traditional media outlets unless as an authorised MindFX ambassador or spokesperson.

Donations

You may choose to provide your personal and financial information when you donate via our Donation and crowdfunding platform.

Donations can be made using Stripe our secure payment gateway which is compliant with the Act and the Payment Card Industry (PCI) Data Security Standard. We will only use your credit card details to process the donation; we do not store your credit card details on our website or elsewhere.

Direct marketing

We will not use your personal information nor provide your information to other organisations for the purpose of direct marketing.

Website and social media pages

To help keep our website working optimally, our site may collect statistics about visits (e.g. how many people visit our site, the user’s IP address, which pages people visit, the domains people come from and which browsers they use). This information will not be used to identify you.

Our website may contain links to other websites that are not ours.

If we obtain your consent to post your personal information on our website or social media pages, that personal information will be made public.

You may also wish to participate in our social media pages by commenting or sharing information. We however cannot be held responsible if you share personal information on these pages that is subsequently used, misused or otherwise appropriated by another user.

Other websites referenced on our website as well as social made platforms are not subject to this policy and we are not responsible for the privacy practices of these sites/platforms. These sites/platforms may have their own privacy and security policies, which we encourage you to read before supplying any personal information to them.

Law enforcement

It is also important to know that we may, at times, be obliged by law to allow law enforcement agencies and other government agencies with relevant authority, to inspect our IP logs.

Storage and management of your personal information

We generally store the personal information that we collect in electronic databases. Some of these databases may be held on our behalf by a third party data storage provider. We may also keep hard copy records of personal information in physical storage facilities.

We use physical and technical security processes to protect the confidentiality and security of the information that we hold. We will only keep your personal information for as long as we need it for the purposes described in this Privacy Policy.  Your personal information will be destroyed and de-identified when it is no longer required.

How you can access and correct your personal information?

You may want to access any of the personal information that we hold about you. You may also want to correct some aspect (for example, because you think it is incomplete or incorrect). If so, please contact us using the contact details below.

In some cases, we may not be able to provide information in response to your request. For example, it would interfere with the privacy of others or result in a breach of confidentiality. In these cases, we will let you know the reasons why we cannot comply with your request.

If we do not agree with your request to access or correct your information, we will provide you with written reason/s for our decision and available complaint mechanisms.

Contacting Us

If you have any questions or feedback about this Policy, would like to correct or access your personal information, or wish to make a complaint, please contact us: 0435 503 356 or [email protected].

If you believe your privacy has been breached please contact us and provide details so that we can investigate. We will endeavour to respond to your complaint within 30 days of receipt of your complaint (while complex cases may take longer to resolve, we will keep you updated on the progress of your complaint). We will attempt to confirm as appropriate and necessary your understanding of the conduct relevant to the complaint and what you expect as an outcome. After we have completed our enquiries, we will contact you to advise the outcome.

If you are unhappy with our response, you can refer your complaint to the Office of the Australian Information Commissioner.

Changes to this Policy

We will update this Policy from time to time. Any updated versions of this policy will be posted on our website. Please review it regularly.

Further information

Detailed information on privacy and the APPs is available on the Office of the Australian Information Commissioner’s website: www.oaic.gov.au.