Protecting your privacy is important to us
Protecting your privacy is important to us. We handle your information in accordance with the Privacy Act 1988 (Cth) and our Privacy Policy. This policy also explains how you can access and correct your personal information, or make a complaint about a breach of the Australian Privacy Principles.
Privacy Policy
This Privacy Policy applies to personal information collected by Baker Heart and Diabetes Institute.
In this Privacy Policy, the expressions "the Baker Institute", "we", "us", "our" are references to Baker Heart and Diabetes Institute (ABN 98 131 762 948).
The Baker Institute is a not for profit medical research organisation. It is Australia's first-multidisciplinary organisation tackling obesity, diabetes, and cardiovascular disease through research, education and patient care. The breadth of our programs requires significant resources and we are extremely grateful for support we receive from individual members of the community as well as philanthropic trusts and foundations, industry and government.
The Baker Institute is committed to ensuring the privacy and confidentiality of your personal information. The Baker Institute will endeavour to handle your personal information in accordance with the Commonwealth Privacy Act (including the Australian Privacy Principles) and other relevant state and territory laws.
This Privacy Policy explains in general terms how the Baker Institute protects the privacy of the personal information that you provide to us (including via our website or social media) and to personal information that we collect about you under any other agreement or arrangement.
This Privacy Policy does not apply to the Baker Institute employee records.
Contents
- What is personal information?
- Types of personal information that we may collect
- How the Baker Institutecollects and handles your personal information
- Baker Specialist Clinics
- Participation in research and clinical trials at the Baker Institute
- Security of your personal information
- Anonymity and pseudonymity
- Gaining access to information we hold about you
- Keeping your personal information up-to-date
- Our website
- Cookies
- Changes to the Baker Institute's Privacy Policy
- Addressing your concerns
What is personal information?
Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether or not the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
Sensitive information, a subset of personal information, includes information or opinion about an individual's racial or ethnic origin, political opinions, membership of a political organisation, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, health information and genetic information.
Types of personal information we may collect
The kinds of personal information we collect about you may include your name, date of birth, address, gender, contact information, employment details, research areas of interest, goods and services you have obtained from us, event attendance and payment (including bank account, credit card and invoice) details.
We collect personal information from people who are connected to our operations and activities, including advisory committee members, research study and clinical trial participants, volunteers, suppliers and service providers.
We collect personal information from our donors and supporters including information to process your donation and information about your donation history and activities that you have indicated you may be interested in being involved with.
We collect information from publicly available sources to enable us to make personalised and tailored approaches to individuals and organisations relating to possible partnership opportunities.
We may also collect personal information including work experience and references in connection with the processing of scholarships, awards and courses or when we are canvassing for the recruitment of staff, students and volunteers.
Sometimes we might ask you for sensitive information in order to carry out the services we provide to you. For example, we may collect health information if you are participating in a health program or research study. We may collect racial or ethnic information as part of our mission to reduce death, disability and illness caused by non-communicable and communicable disease amongst Aboriginal and Torres Strait Islander peoples. Sometimes we collect photos or stories about you if you have gone to one of our events, or have visited our "share your story" link on our website and shared your experience or the experience of someone you know with heart disease, diabetes or a related condition. However, we do not collect sensitive information from you without your consent.
We will only collect personal information where reasonably necessary to conduct our functions or activities.
How the Baker Institute collects and handles your personal information
Collection
Where possible, we will collect your personal information directly from you. For example, we may collect personal information about you when we deal with you over the phone or when you have contact with us in person, by email, over the Internet or via social media, when you purchase a product, sign up for a service, enter a contest or promotion, or fill out a form or complete a survey at one of our events or that is sent to you in the mail.
Sometimes we collect personal information from third parties such as contractors (including fundraising service providers), list vendors, charitable and other like-minded organisations, health professionals, or from a publicly available source.
If we collect information about you from a third party, and it is unclear that you have consented to the disclosure of your personal information to us, we will take reasonable steps to ensure that you are aware of circumstances surrounding the collection and the purposes for which we are collecting your personal information, other persons or organisations to which we might give your personal information, the existence and content of this Privacy Policy and any other matters required by relevant privacy laws.
Use and Disclosure
We use your personal information to enable us to send you newsletters and bulletins as well as information about products, services, research, education and fundraising events and activities. We may use your information to contact you to seek financial support for medical research conducted at the Baker Institute, or to enable you to assist us with volunteering, community fundraising, advocacy and other activities where we seek the community's assistance.
We may need to disclose your personal information to others in order to:
- carry out our activities, including funders, financiers, grant and award providers, research institutions, health professionals, volunteers, agents, contractors and service providers who perform services on our behalf, such as mailing houses, printers, information technology service providers, database contractors, patent attorneys and fundraising agencies; or
- facilitate the sharing of information to charitable or like-minded organisations that may wish to contact you with information that may be of interest and third service providers who facilitate the sharing of information between such types of charitable or like-minded organisations.
Transfer of your personal information overseas
The Baker Institute may from time to time enter into contractual arrangements with third party service providers to assist the Baker Institute to carry out our activities and facilitate sharing of information to charitable or like-minded organisations. As a result personal information (but not payment details) provided to the Baker Institute may be transferred to, and stored at, locations outside Australia, including but not limited to the United Kingdom, United States of America and China. These organisations may engage third party service providers also operating outside Australia.
The Baker Institute acknowledges the importance of protecting personal information and will take reasonable steps to ensure that third parties, including overseas service providers, who have access to your personal information are required to protect this information in a manner that is consistent with this Privacy Policy by, for example, not using the information for any purpose other than to carry out the services they are performing for the Baker Institute.
Consent to transfer overseas
By submitting your personal information to the Baker Institute, you expressly consent to disclosure, transfer, storing or processing of your personal information outside Australia, as described above. In providing your consent you understand that countries outside Australia do not always have the same level of privacy protection as in Australia.
If you do not agree to the transfer of your personal information outside Australia, please contact us at privacy@baker.edu.au or by calling 1800 838 498, or write to us at:
Privacy Officer
Baker Heart and Diabetes Institute
75 Commercial Road
Melbourne, Victoria 3004, Australia
Opt-out
If you have received communications from us and you no longer wish to receive those sorts of communications, please contact us at privacy@baker.edu.au or by calling 1800 838 498, or write to us at:
Privacy Officer
Baker Heart and Diabetes Institute
75 Commercial Road
Melbourne, Victoria 3004, Australia
Baker Specialist Clinics
As a patient at the Baker Specialist Clinic, your personal information including health information will be collected. In addition to your name and address, this information may also include:
- Your medical history including (where clinically relevant) a family medical history.
- Your Medicare number and private health insurance information.
- Current medications or treatments used by you.
- The name of any care provider, health service provider or medical specialist to whom we refer you back or who has referred you to us, copies of any referrals and reports
- Test results and samples.
This information is used to ensure that you are given comprehensive medical treatment and quality care.
You may be referred for diagnostic tests such as pathology or radiology and our staff may consult with senior medical experts when determining your diagnosis or treatment. Our staff may also refer you to other health service providers for further treatment (for example, to a physiotherapist or outpatient or community health services).
These health professionals will share your health information as part of the process of providing your treatment. We will only do this while maintaining confidentiality of all this information and protecting your privacy in accordance with this Privacy Policy and privacy laws.
Participation in research and clinical trials at the Baker Institute
In order to conduct research and clinical trial activities, the Baker Institute may collect your personal information including health information. In addition to your name and address, this information may also include:
- Your medical history including (where clinically relevant) a family medical history.
- Your Medicare number and private health insurance information.
- Current medications or treatments used by you.
- The name of any care provider, health service provider or medical specialist to whom we refer you back or who has referred you to us, copies of any referrals and reports.
- Test results and samples.
This information is used to record your involvement in clinical trials and other research activities undertaken by the Baker Institute, to process the results of research and clinical trials and to contact you regarding participation in future studies.
From time to time we may collate statistical data from the information we have collected. In these cases, the data will be de-identified and aggregated before it is disclosed to third parties.
All research and clinical trials undertaken at the Baker Institute are approved by the Alfred Human Research Ethics Committee, the Bellbery Human Research Ethics Committee or the Central Australia Human Research Ethics Committee. Patients enrolled in trials or research will be given information detailing how health information will be handled by the Baker Institute.
Security of your personal information
We take all reasonable steps to ensure the security of the personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure. We maintain physical security over our paper and electronic data stores and premises, such as locks and security systems.
Your personal information may be stored in hardcopy documents, as electronic data, or in the Baker Institute's software or systems, or third party database storage or server. We maintain computer and network security; for example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to our computer system. Backups of electronic information are written to drives which are stored offsite. Paper records are stored in offices which are secured to prevent entry by unauthorised people, or in locked filing cabinets in secure areas. Any personal information not actively being used is archived, usually for a period of 7 years, with a third party provider of secure archiving services.
Where personal information is stored by a third party, we have arrangements which require those third parties to maintain the security of information. We take reasonable steps to protect the privacy and security of that information, but we are not liable for any unauthorised access or use of that information.
The Baker Institute uses Secure Socket Layer (SSL) certificates which is the industry standard for encrypting your credit card and debit card numbers and your name and address so that it cannot be viewed by any third party over the Internet. Your financial information is encrypted on our servers and access to this information is restricted to our authorised staff only. All third party gateway providers are PCI DSS (Payment Card Industry Data Security Standard) compliant. EFTPOS transactions are conducted in accordance with the EFT Code of Conduct.
Anonymity and pseudonymity
Where lawful and practicable, you will be given the option to deal with us without identifying yourself (e.g. when inquiring about the activities that the Baker Institute undertakes) or using a pseudonym (e.g in publications or newsletters). Individuals should be aware that contact details are required in order for the Baker Institute to issue a tax deductible receipt.
While we seek to recognise the contributions of our donors and supporters in our publications, individuals wishing to remain anonymous in our publications and at other public forums should advise this in writing to the Director of the Baker Heart and Diabetes Institute.
Gaining access to information we hold about you
The Baker Institute will, on request, provide you with information we hold about you, unless there is an exception which applies under relevant privacy laws. Access can only be denied in certain circumstances.
Unless there is an exception which applies under privacy laws we will provide you with a photocopy and/or printout of information held within 14 days. No charge will be made for this service.
If we refuse to grant you access to your personal information, we will provide you with reasons for that decision (unless it is unreasonable to do so) and the avenues available for you to complain about the refusal.
Keeping your personal information up-to-date
We take reasonable steps to ensure that your personal information is accurate, complete and up-to-date, relevant and not misleading having regard to the purpose for which it is held.
If you wish to update or correct the personal information we hold about you, please contact the Privacy Officer immediately and we will take reasonable steps to either correct this information or, if necessary, discuss alternative action with you.
Our website
Visiting a Baker Institute website (e.g. www.baker.edu.au) generates the following statistics:
- Your server address.
- Your top level domain name (.com, .gov, .au, .uk etc.).
- The pages you access and documents downloaded.
- Any keywords or search words you enter.
- The type of browser you are using.
These statistics are gathered so we can improve our website for future visitors. This information does not make it possible for you to be identified.
If you send us an e-mail, your e-mail address (together with any other information you send us) will only be used for the purpose for which you have provided it, except where you give consent for another purpose. This site does not provide facilities for the secure transmission of information across the Internet. Users should be aware that there are inherent risks in transmitting information across the Internet.
We may create links to third party websites. The Baker Institute is not responsible for the content or privacy practices employed by websites that are linked from our website.
Cookies
'Cookies' are employed on all Baker Institute websites to allow us to deliver a more efficient and personalised service. A cookie is information that a web site puts on your hard disk so that it can remember something about you at a later time.
Our websites use two different kinds of cookies:
- Session cookies
Temporary cookies that only last until you close your browser. - Persistent cookies
Cookies that are stored for a longer term on your computer.
Persistent cookies are employed on the Baker Institute website for online donations to allow us to provide content that is of more interest to you and to present you with retargeting advertising on other sites based on your previous interaction with the Baker Institute’s website.
How do cookies work?
When you visit a Baker Institute website a persistent cookie is sent to your browser and stored. When you leave the website and visit a second website, retargeting ad technology is able to recognise this browser cookie and may define the topic of an ad that is served to you.
These cookies do not store any personal information (such as your name, email address, postal address or telephone number) and his type of information can in no way be used to identify a specific person or user.
Cookie management
You can configure your internet browser to accept all cookies, reject all cookies or notify you when a cookie is sent. Most browsers accept cookies by default. To learn more about cookies, including how to refuse cookies on your computer, click these links:
- Microsoft Internet Explorer — http://windows.microsoft.com/en-au/internet-explorer/delete-manage-cookies.
- Mozilla FireFox — https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences.
- Google Chrome — https://support.google.com/chrome/answer/95647.
- Apple Safari — https://support.apple.com/kb/PH17191.
This does not mean you will no longer receive online advertising, but it does mean that you will no longer be shown customise ads based on your interests and web usage patterns using cookie-based technology.
Changes to the Baker Institute Privacy Policy
This Privacy Policy was last updated in January 2017 and may be amended from time to time. This page represents the most up-to-date copy.
Addressing your concerns
If you have a query on how your personal information is collected or used, or any other query relating to this Privacy Policy, please contact:
Privacy Officer
Baker Heart and Diabetes Institute
75 Commercial Road
Melbourne, Victoria 3004
Australia
P: 1800 838 498
F: +61 3 8532 1160
E: privacy@baker.edu.au
We will respond to your query or concern as soon as possible and will try to resolve any complaint within 10 working days. If this is not possible, we will contact you within that time to let you know how long we estimate it will take to resolve your concern. If you are unsatisfied with the outcome, we will advise further options including, if appropriate, review by the Office of the Australian Information Commissioner.