Our commitment to your privacy
The Institute for Chronically Traumatized Children (ICTC), PO box 407, Agnes Water QLD 4677 Australia. Email: firstname.lastname@example.org is responsible for handling your personal information. We are committed to keeping the personal and sensitive information you provide to us secure. We take all reasonable precautions to protect the personal and sensitive information we hold about you from misuse and loss and from unauthorised access, modification or disclosure.
The information we collect or receive
The ICTC can access customers information through a personal Tickettailor account. We use the information to enable you to attend the workshop such as to confirm your eligibility to attend our workshop (e.g. Registered Health Professional status), to provide you with the following: workshop details, pre-workshop materials, personalised workshop materials, post-workshop follow up information. Participants information is uploaded into a dropbox folder to enable remote access by the ICTC’s trainer and secretary to generate attendees lists or certificates of attendance.
After the workshop or training, hardcopies with personal information are destroyed and the file is removed from dropbox. The customers information is removed from Tickettailor and stored on the ICTC’s computer and 2 backup harddrives.
Customers can chose to use Stripe or Paypal for payment processing and personal information such as credit card details is dealt with according to their privacy policies. Ticket Service generates a tax receipt with the customers name and address but does not have access to credit card or banking details. The ICTC does not have access to credit card or banking details.
Registration via email
When customers register via email or outside the Tickettailor platform, their information is stored in dropbox and dealt with in the same way. An invoice is generated through the accounting system Xero and this invoice is paid via bank tranfer. The customer’s name and address is then stored in Xero and after payment Xero generates a receipt.
Personal information shared via email regarding training or workshops is only stored until the matter discussed is dealt with and then deleted. The ICTC uses an Outlook emailaccount.
Periodically, the ICTC sends out mailings. If you have provided the ICTC with your consent to keep you informed about future workshops and training, the ICTC will upload name and email address and country of residence into the ICTC’s Mailchimp account. This information is not shared with others than the director and secretaries of the ICTC. If you wish to opt out you can use the button in the mailing to ensure this becomes effective or email the ICTC via ICTC@ariannestruik.com.
Your information is stored solely to enable us to keep our agreement, except when legally required, for example for tax purposes.
Customers information about workshop, training and supervision is kept for 15 years to enable customers to receive for example a replacement Certificate of Attendance.
Customers information in Xero regarding payment processing is stored for 7 years according to tax regulations.
Personal information of which the storage term has passed or which is no longer needed, will be destroyed.
All information you provide to us is stored on our secure servers. Any payment transactions will be carried out by third parties over encrypted connections using SSL technology. The ICTC’s freelancers and employees only use protected wifi networks.
Service providers with access to your personal information are according to their contracts, obligated to handle your information confidentially and safely.
Freelancers, such as trainers and secretaries working for the ICTC sign a confidentiality agreement.
Mobile phones, computers and backup hard drives are protected by a password. When a usb stick is used it is protected by a password and the data are deleted after use. Passwords to access phones, email, the computer and backup hard drive are not automatically filled in or stored and changed periodically. The backup hard drives are stored in a locked filing cabinet inside the ICTC’s offices in two separate locations.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted to our site and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Sharing your information
We will only disclose your personal and sensitive information in the following circumstances:
- when we have your consent;
- to third parties where necessary for us to provide our services to you, or where you have expressly asked us to do so for the purposes of them or us providing further services. These third parties may include, without limitation, banks and payment processors;
- to comply with any law enforcement agency, judicial proceeding, court order, or legal process in any jurisdiction that is investigating any breach or suspected breach of any law in any jurisdiction regarding your identity or other personal and sensitive information provided by you to us;
- where disclosure is reasonably necessary to enforce our agreements with you or any rights we have, including investigation of potential violations, or to detect, prevent, or investigate a matter relating to security, fraud or other technical issues;
- where disclosure is reasonably necessary to protect the ICTC’s rights or intellectual property or to protect the safety of the ICTC’s employees, users or the public as required or permitted by law; or
- where we are otherwise permitted by law to disclose your personal and sensitive information.
How you may access your information
Copies of your personal and sensitive information which we hold may be reasonably requested by contacting us via email at email@example.com. We may charge you for the costs for this or refuse, in our sole discretion, to provide you access to your personal and sensitive information which we hold, where such refusal is permitted by the Privacy Act 1988 (Cth), the Privacy Principles, the GDPR or any other law.
The Office of the Australian Information Commissioner may be contacted on
Tel: 1300 363 992
or postal address at:
GPO Box 5218
Sydney NSW 2001
or online at: www.oaic.gov.au.
For more information about privacy issues in Australia and protecting your privacy, visit the Federal Privacy Commissioner’s website.