The Neurological Foundation's overriding purpose is to reduce the level of suffering and premature death from diseases of the brain and nervous system through research, education and information.
An important part of achieving that purpose is to raise money from individuals. This involves the collection, storage, use, and disclosure of personal information. There is also an individual’s right to request access and correction of personal information.
The Neurological Foundation recognises that if it is open and transparent about its information handling practices then members, donors and bequestors are more likely to share relevant and accurate information.
Purpose
- To inform members, donors and bequestors about how personal information is managed by the Neurological Foundation
- To ensure compliance with the Privacy Act 1993
Procedure
- Definitions
- Confidentiality means a duty to protect and hold in strict confidence all information concerning a person.
- Personal Information means information about an identifiable individual.
- Privacy Officer
- The Neurological Foundation will appoint a privacy officer.
- Collection
- The purposes for collecting personal information by the Neurological Foundation are:
- to raise funds to support research and education to reduce the level of suffering and premature death from diseases of the brain and nervous system;
- to provide an information service for donors, bequestors, members and supporters of the Neurological Foundation about diseases of the brain and nervous system; and
- to inform Neurological Foundation donors, bequestors, members and supporters of the Neurological Foundation's activities.
- In order to achieve its purposes, the Neurological Foundation collects the following information:
- Annual Appeal donations: name of donor, date of birth (as a means of identification), address, credit card details (if paying by credit card), any request for information about bequests or regular giving.
- Donation Coupons: name of donor, date of birth (as a means of identification), address, credit card details (if paying by credit card), any bequest to the Neurological Foundation in a will, any request for information about bequests or regular giving.
- Bequestor Records: name, date of birth (as a means of identification), address, other contact details (phone, e-mail), gender, reasons for making bequest, bequest date, date “bequest pin” given, interest in the Neurological Foundation including attending any of its events, donation and attendance at Neurological Foundation events history, contacts or communications with the Neurological Foundation including home visits, incidental and optional information for example: age, family names, pets.
- Members, supporters and prospective bequestor records: name date of birth (as a means of identification), address, other contact details (phone, e-mail), interest in the Neurological Foundation including attending any of its events, donation and attendance at Neurological Foundation history, contacts or communications with the Neurological Foundation including home visits, incidental and optional information for example: age, family names, pets, likelihood of becoming a bequestor
- When collecting personal information, the Neurological Foundation will identify:
- . the purposes for which personal information is collected;
- The purposes for collecting personal information by the Neurological Foundation are:
- who has access to the information;
- information which must be provided either by law or otherwise; and
- information which is optional.
- When collecting personal information, the Neurological Foundation will advise that the person has a right to request access and request correction of his or her personal information.
- In meeting the requirements of clauses 3.3 and 3.4, the Neurological Foundation will use the following statement on its forms:
Your contact details and other information are retained solely by the Neurological Foundation to send you information about research, Foundation events in your locality, making a bequest, and appeals to raise funds for neurological research and training. Your information is confidential and is only accessed by Foundation staff or may be released if required by law. You may check, update and request suppression of your details from our records by contacting the Neurological Foundation at the following address: the Neurological Foundation, PO Box 110022 Auckland Hospital, Auckland 1148. - The Neurological Foundation will collect information in a fair manner:
- No one will be electronically recorded including photographed, videotaped or audiotaped without their knowledge and, if necessary, consent
If a person wishes to discuss personal matters confidentially then the Neurological Foundation will provide opportunity for such a discussion.
- No one will be electronically recorded including photographed, videotaped or audiotaped without their knowledge and, if necessary, consent
- Storage and Security of Personal Information
- The Neurological Foundation may create a contact/membership number for any member, donor, bequestor or supporter which will not be the same as another unique identifier number used by another agency.
- The Neurological Foundation will take reasonable steps:
- to protect personal information from loss, unauthorised access, use, modification and disclosure; and
- to ensure that prior to use, personal information is accurate, up to date, complete, relevant and not misleading.
- The Neurological Foundation keeps files in a secure location, and information within them is accessed only by authorised staff.
- Other steps taken by the Neurological Foundation to keep personal information secure include keeping material not currently in use in locked filing cabinets, cupboards or offices; ensuring personal information is not able to be seen by unauthorised people; and restricting access to computer records by the use of passwords.
- Field staff are required to store their reports on the Neurological Foundation’s main server via remote access. There should be no confidential information of the Neurological Foundation, including information about members, donors, bequestors or supporters, on staff’s home computers.
- Field staff with Neurological Foundation laptop computers will use these instead of card records.
- If a staff member needs to take work home, he or she will take all reasonable steps to ensure that any Neurological Foundation material and any Neurological Foundation laptop computer travels securely (it is in a briefcase or fully enclosed envelope, file or folder) and is either not left unattended in or near a motor vehicle or is not visible from outside the motor vehicle. Staff will also take all reasonable steps to ensure such material or the Neurological Foundation laptop computer is not accessed by unauthorised people at home.
- Personal information is not sent by e-mail unless, in all the circumstances, it is reasonable to send personal information by such means and in those circumstances, the Neurological Foundation will check to make sure the email is addressed to the correct recipient and any necessary encryption or security measures are used.
- It is unacceptable for any staff member to intentionally breach the Privacy Act, read or copy personal information when unauthorised to do so, or use personal information for a purpose other than the Neurological Foundation purposes without the consent of the individual concerned.
- Access to and Correction of Personal Information by the Individual
- Any person or their authorised agent (in writing) may ask the Neurological Foundation whether personal information is held about him or her and have access to such information if it exists subject to the exceptions contained in Part IV of the Privacy Act. Access is not limited to “the file” and may include diary notes and/or other material in separate files.
- In these circumstances the Neurological Foundation will:
- Check the identity of the requester
- Provide assistance to the requester if necessary.
- Transfer the request if personal information is not held by the Neurological Foundation and the Neurological Foundation is aware of another agency holding personal information.
- Identify if personal information is held and identify if any personal information is to be withheld pursuant to sections 27-29 of the Privacy Act.
- Respond to the request as soon as practicably but no later than 20 working days after the request is made (unless it is necessary to seek an extension).
- Provide information in the way asked by the requester unless to do so would impair efficient administration. This can include providing an opportunity to inspect a file (under supervision to protect the integrity of the file and to provide explanations if necessary), providing the individual with a copy of any document, furnishing oral information about a file’s contents and giving a summary of the contents.
- If the request for access is declined, the Neurological Foundation will explain why the request is declined and advise the requester of his/her right to complain to the Office of the Privacy Commissioner.
- If the requester says that information held is incorrect (with which the Neurological Foundation agrees) or a staff member is aware that incorrect information is held, the Neurological Foundation will take all practicable steps to have the file corrected immediately with any change noted carefully to ensure that an adequate audit trail of changes exists.
- If the Neurological Foundation does not agree with a request for correction, then the requester will be given an opportunity to have a statement of correction held with the information. The information and correction will be held in such a way so that anyone accessing the file will understand there are two statements held on file.
- If the Neurological Foundation receives a request to have the information suppressed or deleted then the Neurological Foundation will take such reasonable steps as are necessary to ensure that any record remaining is accurate, with a clear audit trail of any changes to the information or otherwise hold such information separately for the purposes of audit only.
- Disclosure of Personal Information to Third Parties
- The Neurological Foundation does not disclose personal information to third parties except that it will do so if required by law to release the information (for example a request from the Department of Inland Revenue under its legislation; or a request from the Police pursuant to a search warrant).
- The Neurological Foundation does not disclose personal information to third parties except that it may do so in the following circumstances:
- it is for one of the Neurological Foundation’s purposes; or
- the situation is covered by one of the other exceptions set out in principle 11 of the Privacy Act.
- The Neurological Foundation does not use any personal information of members, donors, bequestors or supporters (including photographs) for its newsletter or website without consent.
- Volunteers are required to keep personal information confidential to the Neurological Foundation and will be required to sign the following, together with any other terms of engagement as determined by the Neurological Foundation:
I agree to keep confidential all information that I obtain about the Neurological Foundation and its members, donors, bequestors or supporters, including after my volunteer work with the Neurological Foundation is ended or terminated, unless otherwise than as necessary for the proper performance of my duties and responsibilities or as required by law. - Staff members do not give personal information out over the phone unless the staff member is reasonably satisfied that the receiver is a person to whom personal information may be disclosed.
- If the Neurological Foundation receives an enquiry from the Police, process servers from the Court or Other Government Officials then the request will be managed by the Neurological Foundation’s privacy officer or his/her delegate.
- Retention, Use and Disposal of Personal Information
- The Neurological Foundation does not keep personal information for longer than is required for its purposes without consent from the individual concerned, unless required by law or for audit purposes.
- The Neurological Foundation only uses personal information for the purposes identified in this policy.
- If personal information is to be destroyed then documents will either be shredded or placed in a locked bin which has the contents disposed of in a confidential and secure manner.
- If disposing of computer based records, digital material or computer hardware, this will be disposed of with the assistance of a computer technician to ensure the record is completely deleted, or the hardware physically destroyed.
Online data
What data we collect
We may collect the following information:
- Contact Information – This refers to your name, email, address and other information you provide our website
- Website activity – This refers to your browsing activity on the Neurological Foundation website.
- Device and browser information – The device or browser you use to access the Neurological Foundation website.
- Ad data – The online ads we have served (or attempted to serve) to you. It includes the number of times this has been served, the page the ad appeared on, and whether you clicked or not on the ad.
- Data from Advertising Partners – This is data that we receive from other digital advertising companies that we work with (i.e. Google, Adroll, Facebook) to help us deliver ads to you and recognize you across browsers and devices.
We use this data to help our Advertisers identify and serve ads to you that are more relevant to you. We also use this data to operate, improve and enhance our services including enhancing the data points we or our Advertising Partners have about a particular user, browser, or device, or to target, optimize, cap, or synchronize advertising.
On ads served by AdRoll, look for an AdChoices logo (the blue triangle) in the corner of the ad. Click the logo to learn more about interest-based advertising, who served the ad, and manage your ad options. You can also opt out of seeing personalized ads from AdRoll (and other companies) using the NAI opt out tool here. Please note you will still see ads even if you opt out, but they will not be personalized by AdRoll.