Privacy Policy

1 This Privacy Policy outlines the principles and processes by which SHINE Inspire Achieve Belong Incorporated (SHINE) seeks to recognise and protect the privacy interests of all the parties from whom personal and/or sensitive information may be collected in the conduct of its operations and activities. This policy has been developed to adhere to the Privacy Act 1988 (Cth) and the application of the Australian Privacy Principles.

2 This Privacy Policy describes the collection, use, storage and disclosure of your personal and/or sensitive information by SHINE. It also sets out the method by which you can access the personal and/or sensitive information collected about you by SHINE, and enquire about the way it is handled.

What type of personal information does SHINE collect?

3 The type of personal information that SHINE may need to collect from you, or concerning you, is determined by the way in which it interacts with you. SHINE is likely to interact with volunteers, participants in its charitable programmes, sponsors, staff, consultants and other third parties. The types of personal information it may collect about you will include, but is not be limited to:

4 Should you choose not to provide the personal information sought by or on behalf of SHINE, it may mean that SHINE cannot provide its services to you, and conversely you may not be able to provide any services to SHINE.

Why does SHINE collect your personal information?

5 SHINE collects your personal information in order to:

How does SHINE collect personal information from you?

6 Some of the personal information will be collected through SHINE’s website, SHINE’s email account, the email accounts of SHINE’s board members and other volunteers, and other information will be directly collected from you in person.

7 When you visit SHINE’s website, or download information from it, the following information may be recorded:

8 When information is collected from you (whether in person or through some other medium), SHINE may require you to sign a form by which you will expressly consent to the collection of information.

What type of sensitive information does SHINE collect about you?

9 If SHINE provides charitable services to you, or you participate in its charitable programmes and activities, it may be required to collect personal information from you which is of a sensitive nature. The sensitive information which SHINE may collect includes but is not limited to:

Why does SHINE collect sensitive information?

10 The participants in SHINE’s programmes may be minors dealing with problems relating to health (including mental health), their ethnicity, and domestic issues which could adversely impact on their health. SHINE may be required to collect sensitive information in order to provide tailored charitable services to participants in its programmes.

How does SHINE collect sensitive information from you?

11 Before collecting information from anyone which may be of a sensitive nature, SHINE will obtain the individual’s express consent to that collection. Save for volunteer consent forms which may be collected electronically, sensitive information will only be collected in person.

How does SHINE store and hold personal and sensitive information?

12 SHINE may hold information about you in the following formats:

13 Some of the information which SHINE collects about individuals and volunteers will be stored on cloud-based storage systems.

To whom may SHINE disclose my personal information?

14 In the provision of our services to you, SHINE may be required to disclose personal information to external entities, including but not limited to the following:

15 SHINE, and the entities to which it discloses your personal information, may from time to time utilise cloud-based computing services. In such cases, personal information may be disclosed to hosting entities overseas. As a result, SHINE will not disclose personal information to entities without a Privacy Policy meeting or exceeding the standard of stringency contained in this Privacy Policy.

To whom may SHINE disclose my sensitive information?

16 SHINE may be required to disclose sensitive information collected from people under 18 years of age to:

17 SHINE will obtain express consent to disclosure to the entities named above at the same time that it obtains consent to the collection of the sensitive information.

Can I access my information and have it corrected?

18 In the normal course of SHINE’s interaction with you, you can contact the SHINE Coordinator by email, in writing, over the phone or in person to check, update or correct information SHINE may already have collected for the purpose of providing our services to you. You will be required to answer questions to prove your identity to us prior to, and in order to have such information amended or confirmed to you.

19 You can request access to your personal and sensitive information at any time, or ask us to correct this information where you believe it is incorrect or out of date. No fee will be charged for a request to access the information.

20 To access your personal information, please contact the SHINE Coordinator in writing at:

21 Subject to the situations where further express consent will be required from you (as set out at [6], [8] and [9] above), you will be deemed to have consented to the terms set out in this Privacy Policy by:

How can I register a complaint about the handling of my personal information by SHINE?

22 If you feel that SHINE has not adhered to this policy (or any other disclaimer or consent form) in the course of its provision of services, you may lodge a complaint to us in writing, and outlining the alleged breach: including details of the information so affected, the circumstances of the information so handled, and the timing of the breach, and addressed to:

SHINE Privacy Officer at:

Post: PO Box 2891 Geraldton WA 6531


23 Upon receipt of such a complaint SHINE will endeavour to respond, in writing, to you about your complaint within 30 days.

24 If you are not satisfied with SHINE’s response to you, or if a response is not forthcoming after the expiry of 30 days, the Office of the Australian Information Commissioner can investigate privacy complaints from individuals about Australian and Norfolk Island Government agencies, and private sector organisations covered by the Privacy Act 1988 (Cth).