1. Policy Statement
· AMSA Board (supervisory)
· Volunteers involved in the gathering of information (implementation)
· AMSA members whose information is gathered (subjects)
“Personal information” means information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified or reasonably identifiable individual. Personal Information collected will differ depending on the method of collection.
Information may include (but is not limited to) the kinds of personal information set out in Section 1 of the Procedure (below).
1. What personal information may be collected about you and how is it stored?
AMSA and its third party relationships may collect and store various kinds of information about you in connection with its legitimate functions or activities, including but not limited to:
a. Contact information including name, email, contact phone number
b. Date of birth, age, gender, university, year level, student status (domestic, international, graduate, undergraduate)
c. Details of AMSA events you have participated in
d. Details of any medical conditions you may have and emergency contact details provided to AMSA
e. Dietary requirements
f. Other personal information provided voluntarily by you, for example thoughts or opinions on various advocacy matters
g. Information you have provided regarding event feedback
h. Copies of communications between AMSA and yourself
i. Photos taken in the course of AMSA’s activities
j. Data stored, collected, and/or shared on social media platforms
k. Data collected through, or stored on, any mobile application owned or run by AMSA, including that
a. Stored locally, on mobile devices
b. Stored remotely, on AMSA servers
c. Stored remotely, on third party services
l. Data stored or transmitted on electronic platforms AMSA utilises, such as meeting and surveying technology
m. Payment details made to AMSA including credit card details
n. Information regarding any outstanding payments to AMSA
o. Information regarding any behavioural proceedings that were undertaken regarding you at an AMSA event, including incident reports and minutes of meetings and their outcomes, including deregistration and blacklisting from AMSA events
p. Any information provided to AMSA in the process of applying for a volunteer position or delegate status at an event
q. Non-personally identifiable information
r. Other personal information relevant to the conduct of AMSA’s legitimate activities
2. Principles of handling personal information
AMSA may use and disclose your personal information for the primary purpose for which it was collected and secondary purposes related to the primary purpose. You acknowledge that such primary and secondary purposes may include, without limitation:
· to provide you with products or services you have requested.
· to assist third party providers who may be reasonably expected by you to have access to this information (see 4).
· for promotional or advertising purposes.
· to provide relevant information collected to medical treatment providers if you come to harm, and may contact emergency contacts.
· to assist individuals in medical societies to identify their delegates at AMSA events.
· to link personal information across business procedures for the purpose of analysis and where it would be expected by the individual, for example in linking memberships to event ticket purchases.
- AMSA may utilise this information to inform business decisions.
· to disclose de-identified analysis performed on information for example numbers and university breakdowns of members to third parties such as sponsors.
· to utilise de-identified analysis performed on information to provide advocacy services.
· to retain information gathered in the course of disciplinary procedures and use this to inform practices to protect AMSA members such as barring individuals from AMSA events.
· to assist law enforcement bodies and security personnel, where considered necessary or appropriate.
AMSA does not:
· link sensitive information across business procedures.
· sell information about individuals to anyone else.
AMSA will not otherwise disclose personal information without permission, unless the disclosure is:
· required or authorised by law.
3. Third party relationships
AMSA may have contractual relationships with a number of third party suppliers and IT system administrators who assist AMSA, for example IT vendors who develop, test and maintain IT systems and websites, accommodation providers, accounting services, or groups who provide medical services at events.
At times, the third party suppliers and IT system administrators may have access to your personal information in the course of supplying products and services, including financial services, to AMSA.
At times these third party suppliers and IT system administrators may be located outside Australia.
4. Storage and security of personal information
AMSA aims to keep personal information secure. Any personal information collected is protected by reasonable safeguards such as password protection and is stored on AMSA networks.
In the instance of a security breach of information, AMSA will take steps to quickly address the breach and will undertake actions such as notification if appropriate as per the advice of the Office of the Information Commissioner.
If AMSA finds that it has no further need for your personal information it may remove it from its IT systems.
· AMSA may take all steps possible to destroy or delete this information completely.
· AMSA may retain any de-identified analysis obtained using personal information.
5. Providing access to or correction of personal information
If you have provided personal information to AMSA, you can update this information by email to firstname.lastname@example.org.
AMSA is responsible for protecting the information it holds about you. If you have provided your personal information to AMSA, you can request access to the information you have provided by email to email@example.com. If AMSA refuses your request to access your information it will provide reasons for the refusal.
This policy will be reviewed every year.