Privacy and Confidentiality Statement
The purpose of this Statement is to provide guidance around privacy and confidentiality at Sydney Early Educations Centres (the Service).
Personal information will be managed in a way that protects an individuals’ privacy and respects their rights under Australian privacy laws.
We only collect personal information if this is needed to carry out Service operations or to comply with our legal obligations. We will take reasonable steps to make sure you know we have your personal information, how we got it and how we’ll handle it.
We collect most personal information directly from a parent or guardian. We may also collect information through our website, social media page, Family Law court orders or agreements, special needs agencies and training courses. We may occasionally request information from other organisations as reasonably necessary for us to educate and care for a child.
By enrolling your child in our Service, parents consent to the collection of personal information in accordance with this Privacy and Confidentiality Statement.
The personal information we may collect includes but is not limited to name, address, date of birth, gender, family contact details, emergency contact details, authorised nominee details, parents’ occupations, cultural background, home language, religious beliefs, payment details, child care benefit information, Medicare number, immunisation records, medical information and medical management plans, photos of children and information about children’s strengths, interests, preferences and needs, including special needs.
If we are unable to collect necessary personal information, we may be unable to enrol a child at our Service.
Use and Disclosure
Your personal information is considered confidential and will not be used for any purpose other than for the proper operation of the Service or as required by law, such as in circumstances of emergency. Accordingly, personal information may be accessed by and exchanged between Service staff in the course of their work, and third parties who provide supportive or associated services to the Service. However, it will not be disclosed without your written consent to do so or as required by law.
The Privacy Officer from each of our Service locations will be responsible for management of personal information, including its secure storage systems and associated procedures. This person or people must take reasonable steps to ensure the personal information collected by the Service is accurate and complete to enable provision of a high quality service while ensuring the health and safety of children and all workplace participants, particulary in the event of an emergency.
Only the Privacy Officer is allowed to access personal information. The Privacy Officer may require verification of identity, confirmation of original documentation or any other reasonable steps to be taken to ensure that personal information is protected from misuse, interference, loss, unauthorised access, modification or unauthorised disclosure.
To ensure compliance by the Service, all Service staff must sign a Confidentiality Statement acknowledging their pricacy and confidentiality obligations at commencement with the Service.
You have the right to access yours or your child’s personal information and may request the correction of any errors or an update where the information has changed. There are some circumstances under Australian privacy laws where we may not be able to give you access. We will tell you if this is the case. There is generally no cost for accessing your information. We will tell you if there is a charge before providing access.
Breach of Privacy
Employees must notify the Privacy Officer about a breach or suspected breach of confidentiality or in relation to personal information as soon as they suspect the breach or become aware a breach has occurred. In addition, the Privacy Officer must implement the Service’s Data Breach Response Plan and relevant individuals and applicable authorities, such as the Australian Information Commissioner (the Commissioner), must be notified as soon as possible.
The Privacy Officer must undertake a preliminary risk assessment of any breach or suspected beach, make detailed records of the same, and take any steps deemed reasomnably necessary in the circumstances.
The Commissioner will only be notified of a breach where deemed appropriate due to the nature of the breach or associated risk.
Our Privacy Officer for privacy matters, including complaints, may be contacted by email firstname.lastname@example.org or by mail PO Box 390 Beecroft NSW 2119.
We will notify of any updates to our Privacy and Confidentiality Policy through our Service Noticeboards and our Newsletter.