Privacy

1. ACA's Commitment

The Australian Chiropractors Association Limited (ACA) is a company limited by guarantee that represents its members, who are either registered chiropractors or students of chiropractic, in matters pertaining to chiropractic and the chiropractic profession in Australia.

ACA values the relationship it has with members and members of the public and recognises the importance of maintaining the confidentiality of the personal information of its members, members of the public and others who provide ACA with personal information. ACA acts consistently with the requirements of the Privacy Act 1988 (Cth) and the Australian Privacy Principles contained within that Act.

ACA recognises that the protection of privacy is in the public interest and is important for the dignity and well-being of individuals. ACA is committed to upholding these principles in all its privacy practices.

2. Purpose

The purpose of this policy is to assist you in understanding how ACA manages your personal information. The policy outlines the purpose of how we collect, hold, use, store and disclose your personal information.

By providing personal information to us, you consent to our collection, use and disclosure of this information in accordance with this Privacy Policy.

3. What type of Personal Information does ACA collect?

The majority of the personal information collected by ACA is personal information of its members.

In the course of servicing its members, ACA also collects personal information of its employees, third-party service providers, suppliers and others. In addition, in connection with programmes and other initiatives run by ACA, ACA may collect personal information from members of the public. In relation to members, the personal information which ACA collects includes Ahpra registration number, year of birth, gender, current address, clinic addresses, telephone, mobile numbers, email address, website address, educational qualifications, name of institution where the member graduated, diagnostic imaging facilities and techniques administered, details of professional indemnity insurance, years of membership, and Aboriginal & Torres Strait Islander origin. It may also include bank account and credit card details where necessary for billing of payment purposes.

In relation to non-members, the personal information that ACA collects will depend upon the relationship between ACA and the relevant individual. However, the information may include the relevant individual’s name, contact details (name, address, phone number and email), year of birth, and gender.

ACA may also collect information from visitors to this website but that information will be de-identified information. ACA does not collect personal information from casual visitors to this website. As part of the normal operation of this site, a visitor’s internet browser will be sent a “cookie” (a temporary Internet file). This cookie enhances this website’s functionality with features such as membership logon and electronic ordering. By itself, this cookie can only identify the visitor’s computer to the ACA server; it is not used to identify the visitor personally.

ACA does not collect sensitive information about any person unless it is necessary and ACA has your consent, it is required by law or in accordance with the Privacy Act 1988 (Cth), or you voluntarily provide the sensitive information in accordance with the Privacy Act 1988 (Cth).

3.1 Anonymity and pseudonymity – Where lawful and practicable, individuals may interact with the Association anonymously or by using a pseudonym.

This may not be possible where the Association is required to identify an individual, including for membership administration, provision of services, responding to enquiries that require identification, or where identification is required or authorised by law.

3.2 Notification of collection – ACA will take reasonable steps to notify individuals, at or before the time personal information is collected (or as soon as practicable thereafter), of the matters required under the Australian Privacy Principles.

4. How does ACA collect Personal Information?

In relation to members, ACA collects personal information from members in the course of applications, registration and administration processes. For the most part this personal information is collected directly from the member concerned but it may also be collected from the organization where the member works.

ACA uses the personal information collected from non-members, to assist ACA in providing services to its members, and to provide other services as relevant, including:

  • ACA programs and initiatives;
  • recording and managing enquiries, and otherwise communicating with individuals and the public generally;
  • performing ACA’s obligations under any agreement between ACA and that of an individual or group; and
  • storing and processing information.

4.1 Unsolicited personal information – If the Association receives personal information that it did not request, the Association will determine whether the information could have been collected under the Australian Privacy Principles. If the information could not lawfully have been collected, and the information is not contained in a Commonwealth record, the Association will take reasonable steps to destroy or de-identify the information as soon as practicable.

ACA does not currently use automated decision-making processes that produce legal or similarly significant effects on individuals. If this changes, we will update this privacy policy to reflect our automated decision-making practices and provide appropriate transparency and safeguards.

5. How does ACA use Personal Information?

ACA’s primary purpose in collecting personal information of its members is to enable ACA to fulfil ACA’s

service commitments by providing membership, education and training and management services.

ACA only uses personal information to provide members with services associated with being a member of ACA. In the case of members, personal information may be used to:

  • administer and manage your membership of ACA, including charging and billing and the collection of debts;
  • verify your identity and that you are a member of ACA;
  • respond to specific requests for member information;
  • provide you with special offers you may find of interest;
  • provide you with information about events and publications that may be of interest;
  • provide you with information on new products or services to be offered by ACA or ACA’s partners;
  • improve services;
  • research and develop ACA’s services to you, the member;
  • address information technology requirements, systems maintenance and development issues;
  • keep you informed about matters related to ACA’s and the chiropractic profession’s activities;
  • provide information about chiropractic to the general community;
  • assist members of the public to find a chiropractor in their local area; and
  • measure consumer interest in ACA services.

In the case of individuals who are not members, ACA uses their personal information to assist ACA in providing the services described.

In the case of a member of the public, ACA uses their information in the course of providing services to that individual. This includes:

  • allowing the individual to participate in ACA programs and initiatives;
  • recording and managing the individual’s enquiries and otherwise communicating with that individual;
  • performing ACA’s obligations under any agreement between ACA and that individual; and
  • storing and processing the individual’s information.

Individuals may opt out of receiving direct marketing communications from the Association at any time by using the unsubscribe function provided in the communication or by contacting the Association using the details set out in this policy.

ACA will not use or disclose personal information for direct marketing if you have opted out, except as permitted by law. ACA distinguishes between communications sent to members and non-members and will comply with the direct marketing requirements under the Australian Privacy Principles.

6. Disclosure of Personal Information

ACA does not sell or licence personal information. ACA will disclose personal information to a third party:

  • where it is necessary to provide the services mentioned above or to provide you with information requested by you. These third parties include persons and organisations which assist ACA with services like printing activities, database management, mailing systems, billing & debt recovery functions and information & technology functions;
  • to meet the disclosed purpose for which it was collected;
  • to the extent necessary to carry out the improvement of services provided;
  • as required by law; or
  • with the consent of the individual providing the personal information.
  • where the third party offers products or services to members – for example, insurance.

Where personal information is disclosed to third parties, ACA seeks to ensure that they comply with the requirements of the Privacy Act. ACA takes reasonable steps to ensure that third-party service providers implement practices, procedures, and systems to comply with the APPs in relation to personal information they hold on our behalf

While the Association takes reasonable steps to select service providers that handle personal information appropriately, the Association cannot control how third parties manage personal information once disclosed to them.

When you become a member, your professional practice information may be listed in our public ‘Locate a Chiropractor’ directory to help members of the public find chiropractic services. You can request to opt out of this public listing.

A website may require password access to view a member’s full information. This information is only disseminated for the express use of members and subject to compliance with this Privacy Policy.

7. Security and Storage of Personal Information

ACA takes reasonable steps to protect your personal information from misuse, loss and from unauthorised access, modification or disclosure. These reasonable steps include both technical and organisational measures, such as:

  • Encryption of data
  • Access controls and authentication systems
  • Regular security assessments and updates
  • Staff training on privacy and data security
  • Incident response procedures
  • Secure disposal protocols

ACA imposes strict rules on its employees who have access to the databases that store personal information and/or to the servers that host ACA’s services.

While ACA uses all reasonable endeavours to ensure that you provide personal information in a secure environment, no data transmission over the internet can be guaranteed as totally secure. If you suspect any misuse, loss or unauthorised access, modification, or disclosure of your personal information, please contact the Privacy Officer immediately.

7.1 Retention and disposal – Where personal information is no longer needed for any purpose for which it may be used or disclosed under the Australian Privacy Principles, and the Association is not required or authorised by law to retain it, the Association will take reasonable steps to destroy or de-identify the information.

7.2 Data Breaches – If the Association experiences a data breach involving personal information, it will assess the incident to determine whether notification is required under the Notifiable Data Breaches scheme in Part IIIC of the Privacy Act 1988 (Cth), where applicable.

Where notification is required, the Association will notify affected individuals and the Office of the Australian Information Commissioner in accordance with the Privacy Act.

8. Access to Personal Information

An individual has the right to access and, if necessary, to correct personal information provided to and held by ACA. For security reasons, a written request for access to ACA’s Privacy Officer (contact details below) may be required.

ACA takes all reasonable steps to ensure that the personal information it collects, uses or discloses is accurate, complete and current. However, the accuracy of the information ACA holds depends to a large extent on the information members provide. Individuals who have provided personal information can assist ACA in meeting this criterion by notifying ACA of changes to their personal details.ACA will take reasonable steps to correct personal information and, where appropriate, notify third parties of the correction.

ACA is not obliged to allow access by you to your personal information if:

  • ACA reasonably believes that giving access would pose a serious threat to the life, health, or safety of an individual or the public’
  • giving access would have an unreasonable impact on the privacy of other individuals;
  • the request for access if frivolous or vexatious;
  • the information relates to existing or anticipated legal proceedings between you and ACA;
  • giving access would be unlawful;
  • denying access is required or authorised under an Australian law, or a court or tribunal order;
  • we have reason to suspect that unlawful activity or misconduct of a serious nature relating to ACA’s functions or activities has been, is being, or may be engaged in, and giving access would be likely to prejudice the taking of appropriate action in relation to the matter;

  • giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or

  • giving access would reveal evaluative information in connection with a commercially sensitive decision-making process.

Where access is refused, ACA will provide written reasons and information on how to make a complaint.

9. Children's Privacy

ACA’s membership services are designed for adults (persons 18 years and over). We do not knowingly collect personal information from children under 18 through our membership processes.

Our ‘Locate a Chiropractor’ public directory service may be accessed by members of the public, including parents or guardians seeking chiropractic services for children. When members of the public use this service, we collect limited technical information (such as IP addresses and cookies) but do not require registration or collection of personal information from users.

If you are a parent or guardian and believe your child has provided us with personal information, please contact our Privacy Officer.

10. Overseas Disclosure

ACA may disclose personal information to external service providers located overseas so that those service providers are able to provide ACA with services in connection with ACA’s operations, such as marketing services, business support services (including the facilitation of correspondence), and data storage. Where it is possible to do so, ACA will also require its agents, consultants, and contractors that may process personal information on ACA’s behalf to ensure a substantially similar level of privacy protection consistent with this privacy policy and the standards that we are required to provide under the applicable privacy laws.

Where personal information is disclosed to overseas recipients, ACA takes reasonable steps to ensure that the recipient does not breach the Australian Privacy Principles, unless an exception under APP 8 applies.

11. Complaints Resolution

ACA is committed to providing consumers with a fair and responsive system for handling and resolving complaints. You have a right to complain and to have your complaint handled efficiently. ACA believes that in receiving your complaint, ACA is provided with a valuable opportunity to improve the services ACA delivers to you and maintain your confidence in ACA and ACA’s services.

If at any time you wish to lodge a complaint in respect of the handling, use or disclosure of your personal information by ACA you may notify ACA of your complaint by completing the ACA Complaints Form and submitting it to the Privacy Officer, Australian Chiropractors Association, PO Box 255, Parramatta, NSW 2124, or by emailing privacy@chiropractors.org.au. ACA will endeavour to investigate and advise you of the outcome of a complaint within 21 days of receipt of the complaint.

If a complainant is not satisfied with ACA’s response, they may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

12. Contacts

Individuals wishing to access their own personal information or seek further information about ACA’s privacy practices can contact:

The Privacy Officer
Australian Chiropractors Association Limited
PO Box 255
Parramatta NSW 2124
Ph: (02) 8844 0400
Fax: (02) 8844 0499
Email: privacy@chiropractors.org.au

If an individual is not satisfied with the outcome of a privacy complaint handled by the Australian Chiropractors Association, they may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

Office of the Australian Information Commissioner
GPO Box 5288
Sydney NSW 2001

Phone: 1300 363 992
Website: www.oaic.gov.au

13. Updates to this Privacy Policy

This Privacy Policy will be reviewed periodically to ensure ongoing compliance with Australian privacy law. We will publish updated versions on our website. For material changes that may affect how we handle your personal information, we will notify current members by email or through our member communications.

Further Information on Privacy

Further information may be obtained on privacy issues in Australia by visiting the Australian Federal Privacy Commissioner’s website at https://www.oaic.gov.au/privacy