The CPMC respects the privacy of the individuals who visit our website, respond to our electronic communications and send us email. The Company will adhere to the provisions of the NSW Privacy and Personal Information Protection Act 1998 (“the Act”) in relation to the information it acquires, holds, uses or communicates relating to any of our stakeholders, customers, staff or other persons.
This Privacy Statement outlines what information CPMC will collect and how it will be used.
Information collected – De-identified
Without limiting the means by which information is collected by the CPMC, the usage analysis software used by the CPMC records:
- unique visitors and sessions
- requested pages, downloads, search terms used, posted forms, status and errors, hits and bytes downloaded per directory, file and file type
- entrance pages, exit pages, click paths, click to and click from and length of session
- domains, countries and IP addresses
- browsers, platforms and robots.
The statistics are de-identified at the time of recording. This information is used for administrative purposes, including to improve and assess services, and to monitor usage patterns on our site in order to improve navigation and design features – helping you to get information more easily.
Information collected – Identified
The CPMC may collect identifiable information such as contact details. Further, access to member only services has been made possible by using information contained in CPMC databases. Accordingly, we collect personal information to facilitate the granting of access to member only services.
Access to information collected
The CPMC will not knowingly make an attempt to identify users or their browsing activities. However, in the unlikely event of an investigation, a law enforcement agency or other government agency may exercise its legal authority to inspect our Internet Service Provider’s logs, and thus gain information about users and their activities.
All of the identified information that the CPMC has used to grant access can be viewed and changed by users when they view their personal details. In addition, users may contact the CPMC at any time to access personal information about themselves. Access will be provided unless the request is unreasonable or the applicable privacy legislation permits or requires the CPMC to decline that access. As permitted by law, a fee may be requested to cover the cost of access.
The CPMC engages third parties to perform certain business functions. Therefore, it is sometimes necessary to disclose personal information to those suppliers. Disclosures may also be made to other third parties, including advisors and regulatory authorities. Where disclosure takes place, the CPMC seeks to ensure that personal information is handled appropriately.
You can block Google Analytics tracking completely using Google’s Analytics Opt-out browser add-on.
We endeavour to ensure the SRSA website is secure through the use of firewalls. Personal data is maintained under strict security and can only be accessed internally by employees who have permission to do so.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify the users via email within 72 hours from the time we realise it. We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
How long is data stored
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Otherwise, data is stores as long as needed.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under 13.
Changes to privacy statement
The CPMC reserves the right to modify or amend this privacy statement at any time, provided that those modifications or amendments comply with applicable laws.
The CPMC may provide further relevant privacy information to users at the point of collection, in which case, such information should be read in conjunction with this policy.