Privacy policy

Our Privacy Principles

We have a simple approach to privacy, which adheres to the 13 Australian Privacy Principles (APPs) set out in the Commonwealth Privacy Act 1988 (Privacy Act). As an Australian based organisation, we are bound by the Privacy Act, which regulates how organisations may collect, use, disclose and store personal information, and how individuals may access and correct personal information held about them. Personal information is information or an opinion, whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained.  We are committed to handling your personal information in accordance with the APPs.

What information we collect 

We collect information when we provide services and products to you. This includes identification information such as your name, date of birth, occupation, driver’s licence and passport number; contact details like your address, phone numbers and email address; PINs and usernames that you use with us; and financial information such as your credit card and bank account numbers. We may not be able to provide products or services to you if we do not collect your personal information.

We may also collect more detailed and broader information such as:

  • Technical Information about your products and services. This includes details about how you use our website and services.
  • Information about the products and services that you use or acquire from us. This includes information about your devices and their operating systems; device and service identifiers, settings, status the software you use and network information. 
  • Financial and Credit Information about the financial relationship that you have with us. This includes your purchase and payment history.

We may collect sensitive information, which is defined as information or opinions about a person’s racial or ethnic origin; political opinions or memberships; religious or philosophical beliefs; professional or trade associations and memberships; sexual orientations or practices; criminal record; and health, genetic or biometric data. Examples include the collection of information about your health as a result of your request for financial assistance service or Centrelink details to provide you with a pensioner discount.  We adhere to strict requirements in relation to sensitive information, including only collecting and using sensitive information with your consent when it is necessary for our functions or otherwise in accordance with legislation such as the Privacy Act.

You may provide another person’s information to us (e.g. the authorised representative on your account).  If so, we rely on you to inform those persons that you are giving their personal information to us and to advise them about our Privacy Policy.

How we collect and hold information

We take active steps to protect the personal information we hold against loss; unauthorised access, use, modification or disclosure; and against misuse. These steps include password protection for all our IT systems. While we cannot share with you details of our entire security system for safety reasons, if you have any questions, you may contact us at privacy@jppspandc.org.au.

We may store your information electronically or in hard copy format. The information may be stored in our facilities or in facilities operated by other providers such as data centres that we use. We endeavor to keep your personal information safe and current. When no longer required, all personal information is destroyed in a secure manner or rendered anonymous.

Sometimes we collect personal information from a third party or from a publicly available source, but only if you have consented to your information being used in this way or would reasonably expect us to collect it in this way. We only collect this information from companies or sources that are allowed to disclose it to us. Below you will find a breakdown of the different ways your personal information is collected.

Information obtained from you

When you contact us, we will collect your information. This could occur when you set up an account, sign up to a mailing list or use one of our products or services, such as customer support. When you fill out an online contact form, we will collect that information and use it to get in touch with you in response to your query. 

If you make a credit card payment, your credit card details may be made fully available to us so that we can process your payment. We destroy all credit card information when the payment has gone through. If you pay through a payment service such as PayPal, we will only receive basic information and confirmation of payment. We will not have any access to your credit card details as these are handled by PayPal or another 3rd party payment provider in line with their terms of use.

Information collected from your use of our network

Data is generated and collected when you use our website and services. This could include records of your communications, device locations and identifying data. We may also use technologies such as cookies that identify your web browser. We use cookies and other digital identifiers that fall into the following 3 types:

  • Site performance indicators: these give us information about how our websites are used, so that we can make the necessary improvements or amendments to make your experience a better one.
  • Analytics Cookies: these give us statistics to understand how many people are on our website, which areas are popular and which areas we need to work on.
  • Advertising Cookies: we use these cookies to target advertising. That way, you receive ads that are more likely to be relevant to you.

You can always disable the use of cookies by changing the security settings of your browser. Just bear in mind that this may affect how some items are displayed on our website.

It is important to be aware that if you access another party’s website or application using one of our products, that other party will deal with your personal information in accordance with its own privacy policy.

Information we collect and receive from others

We may collect personal information from other companies that are able to disclose it to us in line with their privacy policies. Your activity on social media sites and apps such as Pinterest, Twitter, Google+, Facebook and LinkedIn may be publicly available and provided to us under the terms of those companies’ privacy policies. Embedded content such as Google Maps, YouTube videos etc. is embedded or placed on our website – it is not hosted on our servers and therefore any interaction with such services is done so according to their privacy policy. Where your personal information is contained in a user generated post or in a communication through a third party commenting system such as Disqus, Livefyre, IntenseDebate and Google+, the comment may become, and remain public.

We obtain information from external sources such as credit reporting bodies and marketing companies. If you have dealt with other companies that we do business with, they may provide us your information. Examples are credit reporting bodies, fraud and identity verification services, our wholesale service providers and our retail service providers.

Our purpose for collecting and using information

We collect your personal information so that we can provide you with products, services and information. We will only use your information with your consent, where we have a lawful reason or where it is in our legitimate interest. This includes:

  • Communicating with you about the products and services we provide.
  • To properly manage your accounts and services, prevent fraud and breaches of our terms and conditions.
  • Billing.
  • Monitoring use and performance, operating and developing our systems.
  • Credit assessment and debt recovery.
  • Direct marketing if the information was collected from you and you would reasonably expect your information to be used for this purpose. We do not send spam and all direct marketing correspondence that you receive from us via email will include an unsubscribe button or link.
  • Complying with applicable laws, codes and standards.
  • Assisting law enforcement agencies and emergency services.

We may disclose your information to parties that provide services to us or where it is a necessary part of providing your service or operating our business, such as:

  • Managing your purchases, for example where we use an external call centre;
  • Billing, debt recovery, credit assessments and credit reporting bodies.
  • IT and network contractors.
  • Investigations into criminal activities and service or network misuse; law enforcement and national security agencies or other government departments. 
  • Marketing.
  • Business development.
  • Our related entities, dealers and business partners.
  • Regulatory bodies such as the Office of Fair Traiding

We may disclose your information to parties with your consent, including:

  • The police.
  • Your authorised representative.

We only use personal information for the purpose that we collected it, or for the purposes which directly relate to our functions or activities. We will not provide your personal information to other entities or bodies, or any other party unless one of the following applies:

  • You have consented.
  • You would reasonably expect, or have been informed, that information of such a kind would be passed on to those individuals, entities or bodies.
  • It is otherwise required or authorised by law, or reasonably necessary for the enforcement of a criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue.
  • It may prevent or lessen a serious and imminent threat to somebody’s life or health.

How you may access and correct information

Quality of Personal Information

We want to keep your personal information up to date and accurate at all times as this allows us to deliver a better service to you. If any information we have for you needs to be corrected, you can contact us via privacy@jppspandc.org.au

Access and Correction

At the John Purchase Public School Parents & Citizens Association, we do everything we can to keep your personal information accurate. You can request a copy of the information that we hold about you privacy@jppspandc.org.au. If you find that the information is incorrect, please contact us and we will endeavour to address your concerns. We may apply an administrative charge for providing access to your personal information in response to a request. Please bear in mind that under Australian privacy laws, there may be situations where we cannot provide access to such personal information. For instance, if it would reasonably affect someone else’s privacy or may pose a threat to someone’s life, health or safety.

For any personal information that is collected by third parties, even when you are visiting our website, it is best to view their privacy policy and seek assistance from those parties directly.

How you may complain and how we will deal with your complaint

Complaints Handling

If you have a privacy complaint or feel that there has been a breach of the APPs or a registered APP code, you can contact us at privacy@jppspandc.org.au or via another contact option below. We will promptly acknowledge your complaint and inform you when we expect to respond. We will acknowledge credit reporting complaints within 7 days and aim to investigate and respond to such complaints within 30 days of receipt. If we need additional time, we will provide you with an updated time estimate and explain the reason for the delay. Such complaints may require us to obtain information from a credit reporting body or another credit provider.

If you are not satisfied with our handling of your complaint, you may complain to the Information Commissioner or the Telecommunications Industry Ombudsman, who can be contacted at:

Office of the Australian Information Commissioner
GPO Box 5218 Sydney NSW 2001
Email: enquiries@oaic.gov.au
Telephone: 1300 363 992
Fax: 02 9284 9666

How to Contact Us

We understand that your personal information is important to you. If you have any questions or concerns about this policy or our practices you can get in touch with us in the following ways:

Email: privacy@jppspandc.org.au
Address: John Purchase Public School Parents & Citizens Association, PO Box 217 Cherrybrook 2126

Overseas disclosure of information

Use and Disclosure

We use cloud service providers, which may be located overseas. Therefore your personal information may be disclosed to overseas recipients, i.e. our cloud services providers. Our cloud service providers handle data in accordance with their privacy policy. Our cloud service providers may be located in Canada, the USA, New Zealand, Chile, China, Hong Kong, Japan, Malaysia, Singapore, the Philippines, Vietnam, South Korea Taiwan, India, Sri Lanka, South Africa, the European Union, Russia, Ukraine, South Africa and the United Arab Emirates.