In dealing with external parties, The Association Specialists adopts the following principles:
- The Association Specialists is governed by local privacy regulation e.g. The Australian Privacy Act and The Australian Privacy Principles.
- We will collect only the minimum amount of personal data required to provide a service to your organisation
- We will do our utmost to collect, process, store and transfer personal data in an effective and responsible manner. This will include IT equipment being secured, audits being conducted, appropriate logs kept, checks on the system security being conducted from time to time and privacy impact assessments being conducted when significant privacy impacting new business is being planned.
- We will not sell any personal details to third parties for promotional or other commercial purposes.
- In keeping with the key privacy protection principle “the right to be forgotten”, The Association Specialists will maintain personal data only as long as necessary. Should we receive a request that the organisation’s active participant/s should be deleted from our record, we will do so.
- Individuals in their own right or as individuals who have authority to sign for their organisation should give informed consent when they provide their personal data; that includes the right to know how their own data will be used by The Association Specialists.
- We have in place a Data Breach Notification process so that in the urgent situation that follows a data breach, everyone knows what to do.
- We have a Data Protection Officer who is responsible for dealing with your queries and ensuring good privacy practice.