Privacy Policy

PRIVACY STATEMENT

Your privacy is important to us

This statement outlines how Conflict Resolution Service (CRS) uses and manages personal information provided to or collected by it. CRS takes reasonable steps to comply with the Australian Privacy Principles, the Privacy Act 1988 (Cth) (Privacy Act) and other applicable privacy laws and regulations.

CRS may, from time to time, review and update this Privacy Statement to take account of new laws and technology, changes to CRS operations and practices, and to make sure it remains appropriate to the changing legal environment.

CRS PRIVACY POLICY

This statement summarises the CRS privacy policy.  You can request a copy of the privacy policy by contacting CRS.

WHAT IS PERSONAL INFORMATION?

Personal information means any information or opinion about an identified person, or a person who is reasonably identifiable.

WHAT PERSONAL INFORMATION DOES CRS COLLECT?

CRS only collects personal information required to carry out its services and activities and to and to meet Australian and ACT Government and other funding bodies and partner reporting requirements and legislated requirements.

The personal information CRS collects includes:

  • Name
  • Address
  • Email address
  • Phone Number
  • Date of birth and age
  • Gender

To enable delivery of our services, CRS may also need to collect sensitive information about you including:

  • Health information
  • Criminal record
  • Cultural and ethnic origin
  • Sexual orientation
  • Financial position
  • Emergency contact or family information

There may also be other personal information held in case notes and client files.

HOW DOES CRS COLLECT YOUR PERSONAL INFORMATION?

CRS will collect personal information directly from you when you:

  • interact with us over the phone
  • interact with us in person
  • interact with us online or complete one of our forms
  • participate in surveys or questionnaires
  • attend a CRS event
  • subscribe to our mailing list
  • apply for a position with us as employee, contractor or volunteer.

CRS may also collect information about you from third parties who have your consent to make a referral to us or through publicly available sources.

CRS works regularly with children and young people may collect their personal information from their parent, guardian, carer or authorised representative.

You do not have to provide us with your personal information.  You have the right to remain anonymous using a pseudonym.  However, if you choose to deal with us in this way or choose not to provide us with your personal information, we may not be able to provide you with our services or otherwise interact with you.

CONSENT

CRS works with children and young people and may also work with people whose capacity to consent may be compromised.  CRS takes a best practice approach to seeking consent and will seek consent from the parent or guardian (or other appropriate person), unless it considers the young person has sufficient capacity to understand what they are consenting to.  Generally, a young person aged 15 or older is presumed to have the capacity to consent, whereas a person younger than 15 does not.

HOW WILL CRS USE THE PERSONAL INFORMATION YOU PROVIDE?

CRS uses the personal information it collects from you for many purposes in connection with our services and activities, including:

  • providing you with the information or services that you request from us
  • delivering services that respond to your needs
  • improving the quality of the services we provide
  • administrative purposes including keeping your records up to date
  • marketing and research purposes
  • complying with any law or court/tribunal orders; regulatory authorities or government requirements

CRS will only use your information for the primary purpose of collection, and for such other secondary purposes that are related to the primary purpose of collection and reasonably expected, or to which you have consented.

In relation to direct marketing and communications from CRS relating to its services and activities:

  • CRS will use your personal information for direct marketing and communications where you have provided it.  Direct marketing will contain an opt out solution.
  • If we use your personal information obtained from elsewhere, we will still send you direct marketing information where you have consented, and which will also contain an opt out solution.
  • We will always obtain your consent to use sensitive information as the basis for any of our direct marketing.

WHO MIGHT CRS DISCLOSE PERSONAL INFORMATION TO?

CRS will only use or disclose personal information held by us for the purpose for which it was collected.  However, CRS is permitted to use or disclose personal information when

  • you have given your consent to do so
  • it is reasonable to expect the disclosure to occur
  • it is necessary for delivery of our services (for example disclosure to partner organisations or people providing services with or on behalf of CRS)
  • CRS receives information regarding an immediate threat of harm to anyone or the abuse or neglect of a child, young person or vulnerable person
  • CRS is compelled by law to disclose
  • disclosure will prevent or lessen a serious and imminent threat to someone’s life or health or threat to public health or safety

CRS is required to report to funding bodies and government authorities and partner organisations. In such reporting, any information will be de-identified unless specifically stated and consented to.

CRS may use de-identified client data for research and advocacy. De-identified data is personal information that has names, aliases and addresses removed and typically retains information such as age, gender, ethnicity, geographical area, services sought and other non-personal details. 

CRS will not share information with third parties for direct marketing purposes unless the individual provides consent for their information to be used in this way.   

CRS will change information to a pseudonym or treat it anonymously if required by the person whose information CRS holds unless it is impracticable to deal with them on this basis.   

CRS will not use any government related identifiers unless they are reasonably necessary to our functions. 

CRS will take reasonable steps in the circumstances to ensure that personal information is accurate, complete and up to date. This includes maintaining and updating personal information when advised by clients that their personal information has changed, and at other times as necessary.  

SENDING INFORMATION TO THIRD PARTIES AND OVERSEAS

CRS will take reasonable steps to ensure that any disclosure of Personal Information to third parties both in Australia and overseas is compliant with Australian Privacy and related laws.

CRS uses cloud-based databases and systems, some of which may have data stored on servers overseas.  All systems used have multiple layers of data security and CRS has taken reasonable steps to confirm that they comply with privacy laws.

The database CRS uses to keep client personal and sensitive information is housed in Australia.

CRS uses systems such as payment gateways, financial systems, HR and recruitment systems, Microsoft 365 and web-based services, whose data may be housed in Australia, the USA or other territories.

Except as indicated above, CRS will not send personal information about you outside Australia without:

  • Obtaining your consent (in some cases, this consent will be implied); or
  • Otherwise complying with the Australian Privacy Principles or other applicable privacy legislation

MANAGEMENT AND SECURITY OF PERSONAL INFORMATION

CRS’s staff are required to respect the confidentiality of personal information and the privacy of individuals.

CRS has in place steps to protect the personal information CRS holds from misuse, loss, unauthorised access, modification, interference or disclosure by use of various methods including locked storage of paper records, password and permissions controlling access to computer records.

Through the CRS website, CRS may collect certain information such as browser type, operating system, website visited immediately before coming to the CRS site, etc. This information is used in an aggregated manner to analyse how people use our site to support continual quality improvements. 

CRS may from time to time use cookies on its website. Cookies are very small files which a website uses to identify users when they come back to the site and to store details about their use of the site.

When accessing the CRS website, having cookies enabled will allow us to maintain the continuity of your browsing session and remember your details when you return. We may also use web beacons, Flash local stored objects and JavaScript. If you adjust your browser settings to block, reject or delete these functions, the webpage may not function in an optimal manner. We may also collect information about your IP address, although this may not identify you.

Our website may contain links to other websites.  If you access a third party website through our website, personal information may be collected by that third party website.  That website is responsible for informing you about their privacy practices and we encourage you to read their privacy policies.

HOW LONG WILL CRS KEEP YOUR PERSONAL INFORMATION?

CRS will not keep your personal information for longer than we need to or are required to by law.  Under our records management policy, your personal information that is no longer required will be de-identified or destroyed.

UPDATING PERSONAL INFORMATION

CRS endeavours to ensure that the personal information it holds is accurate, complete and up-to-date. A person may seek to update their personal information held by CRS by contacting CRS at any time.

You have the right to check and correct what personal information CRS holds about you. There are some exceptions to this right set out in the Privacy Act.

To make a request to access any information CRS holds about you, please contact CRS in writing (our contact details are below). CRS may require you to verify your identity and specify what information you require.

PRIVACY AND DATA BREACHES

A data breach happens when personal information is accessed or disclosed without authorisation or is lost. Despite CRS’s best efforts to protect and safeguard your personal information, information data breaches may occur. CRS will notify you and relevant authorities if a data breach has occurred that is likely to cause you serious harm.   

COMPLAINING ABOUT A BREACH OF PRIVACY

If you believe your privacy has been breached, you may make a complaint to CRS and have it confidentially investigated and dealt with.  We may require proof of your identity and full details of your request before we can process your complaint.

A privacy complaint relates to any concern that you may have with our privacy practices as they relate to your personal information.

This could include how your personal information is:

  • Collected
  • Stored
  • Used
  • Disclosed
  • Provided
  • The accuracy of the information we hold.

CONTACT CRS

For privacy concerns, please contact us via:

📧 Email: Subject line – Privacy Officer and sent to admin@crs.org.au
📍 Post: The Privacy Officer, 1/32 Townshend Street Phillip ACT 2606
📞 Ph: 02 6189 0590

If your complaint is not resolved to your satisfaction, you may refer your complaint to the Office of the Federal Privacy Commissioner:

📧 Email: privacy@privacy.gov.au
📍 Post: GPO Box 5218, Sydney NSW 2001

Download a printable copy if this privacy policy here