ALDE Privacy Policy
Effective Date: 15 November, 2024

Introduction
The privacy policy details the methods the Association of Land Development Engineers (ALDE or we) uses to gather, utilise, reveal, and safeguard the personal data of our members and others who engage with us. We pledge to honour your privacy rights and adhere to the Associations Incorporation Reform Act 2012 (the Act) along with applicable privacy regulations.

Definitions

  • Personal information: Any information or opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether it is recorded in a material form or not.
  • Consent: Any freely given, specific, informed, and unambiguous indication of the individual’s wishes by which they, by a statement or clear affirmative action, signify agreement to the processing of personal information relating to them.
  • Data breach: Any unauthorised access, disclosure, or loss of personal information that is likely to result in serious harm to the affected individual(s).

Legal Obligations
As an incorporated association under the Act, we are required to manage the personal information of our members in accordance with the Act and the Australian Privacy Principles (APPs) contained in the Privacy Act 1988. The APPs set out the minimum standards for the collection, use, disclosure, and security of personal information, as well as the rights of individuals to access and correct their information.

Responsibilities
The secretary of ALDE is responsible for ensuring compliance with this policy and the Act, as well as responding to any privacy inquiries or complaints. The secretary may delegate some or all of these tasks to other officers or staff members, as appropriate. All officers and staff members who handle personal information must be trained on their privacy responsibilities and follow the procedures outlined in this policy.

Data Collection
We collect personal information necessary for the purposes of our association, such as:

  • Providing membership benefits and services
  • Communicating with our members and other stakeholders
  • Organising events and activities
  • Managing our finances and operations
  • Conducting research and surveys
  • Advocating for our members’ interests
  • Complying with our legal and regulatory obligations

We collect personal information directly from the individuals concerned, or from their authorised representatives, unless it is unreasonable or impracticable to do so. We may also collect personal information from publicly available sources or third parties, such as other associations, government agencies, or service providers, with the consent of the individuals or as permitted by law. We maintain records of all our data collection activities, including the source, date, method, purpose, and legal basis of the collection, as well as the type and amount of information collected.

Consent
We obtain consent from the individuals whose personal information we collect, use, or disclose, unless consent is not required or can be implied by law. We provide clear and transparent information about the purpose and scope of the consent, as well as the consequences of withdrawing or refusing consent. We respect the right of individuals to withdraw or refuse consent at any time, subject to any legal or contractual restrictions.

Access and Correction
We provide our members and other individuals with the right to access and correct their personal information that we hold, subject to any exceptions or limitations prescribed by law. We respond to requests for access or correction within a reasonable time and in the manner requested by the individual, unless it is impracticable or unlawful to do so. We may charge a reasonable fee for providing access, but not for making a correction. We take reasonable steps to ensure that the personal information we hold is accurate, complete, up to date, and relevant.

Data Security
We implement physical, technical, and administrative safeguards to protect the personal information we hold from unauthorised access, disclosure, or loss. We regularly review and update our security measures to address any new or emerging risks. We also ensure that any third parties who handle personal information on our behalf have adequate security measures in place.

Retention and Disposal
We retain personal information for as long as it is needed for the purposes for which it was collected, or as required by law. We dispose of personal information securely and irreversibly, using appropriate methods such as shredding, deletion, or anonymisation.

Third-Party Disclosure
We do not disclose personal information to third parties, unless we have the consent of the individuals concerned, or we are required or authorised by law to do so. We may disclose personal information to third parties who provide services or functions on our behalf, such as event organisers, website hosts, payment processors, or marketing agencies. We ensure that these third parties have a legitimate need to access the personal information, and that they comply with this policy and the law.

Cross-Border Data Transfer
We do not transfer personal information outside Australia, unless we have the consent of the individuals concerned, or we are required or authorised by law to do so. We may transfer personal information outside Australia to third parties who provide services or functions on our behalf, such as cloud storage providers, email service providers, or survey platforms. We ensure that these third parties have adequate data protection measures in place, and that they comply with this policy and the law.

Policy Availability
We make this policy easily accessible on our website and in our premises. We notify our members and other individuals of any updates or changes to this policy and seek their consent if necessary.

Breach Notification
We commit to promptly notifying the affected individuals and the relevant authorities in case of a data breach that is likely to result in serious harm, in line with our legal obligations and our data breach response plan.

Complaints Process
We establish a clear and fair process for handling privacy complaints. We encourage individuals to contact us if they have any concerns or complaints about how we handle their personal information. We aim to resolve complaints within a reasonable time and in a satisfactory manner. We also inform individuals of their right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC) or other relevant bodies.

Regular Review
We regularly review and update this policy to ensure that it remains compliant with the law and effective in practice. We seek feedback from our members and other stakeholders on how we can improve our privacy practices.

Legal Advice
We seek legal advice to ensure full compliance with relevant privacy laws. This policy is not intended to be a substitute for legal advice and should not be relied upon as such.