Privacy Policy

Riverview Church | Thursday 13 January 2020

Riverview Church Inc Riverview Community Services Inc

Riverview Media Inc Regent College Inc

(Collectively referred to as Riverview, we, our, us)

Riverview recognises the importance of protecting the privacy and the rights of individuals in relation to their personal information. This document is our privacy policy and it tells you how we collect and manage your personal information. We respect your rights to privacy under the Privacy Act 1988 (Cth) (Act) and we comply with all of the Act’s requirements in respect of the collection, management and disclosure of your personal information.

What is your personal information?

When used in this privacy policy, the term "personal information" has the meaning given to it in the Act. In general terms, it is any information that can be used to personally identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

What personal information do we collect and hold?

We may collect the following types of personal information:

  • Contact information;
  • Date and place of birth;
  • Regular attenders details;
  • Employment details, including tax file numbers;
  • Health information;
  • Volunteer roles with us;
  • Expertise and interests;
  • Family circumstances;
  • Financial information that you provide to us including your credit card and debit card details;
  • Sensitive information (such as your health, family and personal circumstances, criminal records check) that you provide to us, including but not limited to information shared during pastoral visits, prayer and when completing our forms;
  • Income levels of yourself and your family, your Centrelink card number and other information that we require should you visit our community services area;
  • Details of events or camps that you previously attended, together with any additional information necessary to run the event or camp;
  • Any additional information relating to you that you provide to us directly through our websites or indirectly through use of our websites or online presence; and
  • Any other information you provide to us.

We may collect health and sensitive information from you if we are providing you with pastoral care or community services. We will only collect the sensitive information that is necessary for us to provide you with the relevant care and services.

We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information (for example, when we carried out the online survey with our congregation for them to inform us of their preferred weekend celebration time).

How do we collect your personal information?

We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect in ways including:

  • When you complete paper and electronic forms, including but not limited to event registration forms and courses forms;
  • When you complete the giving envelopes during weekend celebrations or events or when you give through various methods, including but not limited to our website, telephone and post;
  • When you sign up and use Elvanto;
  • When you subscribe to us on Mailchimp;
  • When you subscribe to us on Nova Creatura;
  • When you communicate to us via SMS;
  • When you access and use our website to register, give online or to enquire;
  • When you post comments on our social media, including but not limited to Twitter, Instagram, Vimeo and Facebook;
  • When you access our services, events and programs;
  • When you email or telephone us;
  • When you visit our website;
  • When you voluntarily provide us with your details for us to add you to our mailing lists;
  • During conversations or prayer sessions, in person or on the telephone, between you and our staff members and volunteers;
  • During interviews, meetings and discussions, formal and informal, with our staff members and volunteers; and
  • When you attend our weekend celebrations, events, camps, courses and our other programmes, or

We may also collect your personal information from third parties including:

  • From the Australian Federal Police regarding police checks that are required for you to volunteer or work with us in particular areas;
  • From the Department of Child Protection regarding Working With Children Checks that are required for you to volunteer or work with us in particular areas; and
  • From any other agencies and other government entities as and when required.

If it is unclear whether you consented to the disclosure of your personal information to us, we will take reasonable steps to contact you and ensure that you are aware of the collection and the purposes for which we collected your personal information.

We may also collect personal information from you about someone else however you must ensure that you are authorised to disclose that information to us. You must take reasonable steps to ensure that the individual concerned is aware of and / or consents to the matters detailed in this privacy policy, including the fact that their personal information is being collected, the purposes for which that information is being collected, the intended recipients of that information, the individual’s right to obtain access to that information, our identity and how to contact us. Where requested to do so by us, you must also assist us with any requests by the individual to access or update the personal information you have collected from them.

In some cases we may also collect your personal information through the use of cookies. When you access our website, we may send a “cookie” (which is a small summary file containing a unique ID number) to your computer. This enables us to recognise your computer and greet you each time you visit our website without bothering you with a request to register. We also use cookies to measure traffic patterns, to determine which areas of our website have been visited and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online services. Our cookies do not collect personal information. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them. We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track users movements, and gather broad demographic information.

We may receive unsolicited personal information where we did not request for the information. Unsolicited personal information includes misdirected mail received, correspondence sent to us by the public, employment and volunteer applications sent on an individual’s own initiative and not in response to our advertised vacancy, promotional flyers containing personal information and comments on our social media. We reserve the right to assess all unsolicited personal information received and to de-identify or destroy it within a reasonable time period in accordance to Australian Privacy Principle 4.

What happens if we can’t collect your personal information?

If you do not provide us with the personal information described above, some or all of the following may happen:

  • We may not be able to provide the requested services to you, either to the same standard or at all;
  • We may not be able to provide you with information about services that you may want or events that you may want to attend, including information about weekend celebrations, guest speakers, upcoming events and other gatherings; and
  • We may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful.

There may be times when you have the right not to identify yourself or to use a pseudonym when you contact us. For example, if you would like to request prayer for yourself or someone you know. The right to anonymity or to use a pseudonym will be decided on a case by case basis pursuant to Australian Privacy Principle 2.

For what purposes do we collect, hold, use and disclose your personal information?

We collect personal information about you so that we can invite you to attend our weekend celebrations and our events to do life and faith together in a community.

We collect personal information about you so that we can assist you within our community services area to provide you with the support that you require through our various programs. We also collect personal information about you so that we can communicate to you the various impact and field trips that we organise to developing countries as part of our children’s foundation area.

We collect, hold, use and disclose your personal information for the following purposes:

  • To provide services to you and to send communications requested by you;
  • To answer enquiries, provide information or advice about existing and new services, events and programs and also to communicate with you about your giving and / or other donations;
  • To enable you to assist us with volunteering, community fundraising and other programs;
  • To process your first and second giving, donations, event registrations and other payments and to provide you with the relevant receipts;
  • To communicate with you about how your giving and donations are used;
  • To provide you with access to Elvanto;
  • To provide you with access to our website;
  • To assess the performance of the website and to improve the operation of the website;
  • To provide you with the opportunity to inform us about your opinions on our surveys relating to our weekend celebrations;
  • For the administrative, planning and guest service improvements, of Riverview, its contractors or service providers;
  • To update our records and keep your contact details up to date;
  • To report to the government and other funding providers about how the funds are used;
  • To process and respond to any complaint made by you; and
  • To comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country (or political sub-division of a country).

Your personal information may also be used for other specific purposes for which it was requested and which was advised to you prior to collection. Your personal information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy.

We may access, aggregate and use non-personally identifiable data that we collected from you. This data will in no way identify you or any other person. We may use this aggregated non-personally identifiable data to:

  • Assist us to better understand the response of our congregation to our weekend celebrations including number of attendees); Assist us to better understand how our clients are using the programs of our community services;
  • Provide you with further information and updates on our weekend celebrations, events and programs; and
  • Otherwise to improve our weekend celebrations, events and programs.

To whom may we disclose your information?

We may disclose your personal information to:

  • Our employees, our volunteers (to an extent) and service providers for the purposes of the operation of our website, fulfilling requests by you, and to otherwise provide services to you, including, without limitation, web hosting providers, IT systems administrators, couriers, payment processors, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors and consultants;
  • Suppliers and other third parties with whom we have commercial relationships, for example our local bank; and
  • Any organisation for any authorised purpose with your express consent.

Direct marketing materials

We may send you information about our weekend celebrations and events that we consider may be of interest to you. The information may be sent in various forms, including mail, SMS and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving information from us by contacting us (see the details below) or by using opt-out facilities provided in the method of communication used and we will then ensure that your name is removed from our mailing list. We do not provide your personal information to other organisations for the purposes of marketing.

How can you access and correct your personal information?

You may request access to any personal information we hold about you at any time by updating your details on Elvanto . Elvanto refers to our web-based church management software. It is your responsibility to keep your password to Elvanto safe. You should notify us as soon as possible if you become aware of any misuse of your password, and immediately change your password within Elvanto or via the Forgot username or password process on Elvanto. Alternatively, you may also request access to any personal information we hold about you at any time by contacting us directly (by telephone, at our Information Desk at our weekend celebrations, at our Church reception during the week) or to the contact details nominated below. Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). We will not charge you any fees in providing the information to you or for making any corrections to your personal information.

There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal. If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it.

We will only keep your personal information for as long as we require it to provide you with information and services that you need. However, we may also be required to keep some of your personal information for specified periods of time pursuant to specific laws relating to companies, not-for-profit organisations and financial reporting legislation.

What is the process for complaining about a breach of privacy?

If you believe that your privacy has been breached, please contact us by sending your complaint to [email protected] and provide written details of the incident so that we can investigate it. After we receive all the information we need from you, allow us approximately 28 days to address your complaint.

If you are not satisfied with our response to your complaint, please contact the Australian Information Commissioner (www.oaic.gov.au).

Do we disclose your personal information to anyone outside Australia?

We may disclose personal information to our service providers located overseas for some of the purposes listed above. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information. We disclose your personal information to our data hosting service providers located outside of Australia, including America, New Zealand and European Union. We note that our data hosting service providers may store data in several other countries.

Storage and Security

We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. Your personal information is stored on secure servers that have SSL Certificates issued by leading certificate authorities such as Go Daddy and Let’s Encrypt, and all information transferred between you and us is encrypted. The secure servers are located in countries including but not limited to Australia, America and European Union. We also utilize an email filtering host using third party provider Microsoft which is stored on servers in America and the European Economic Area.

If you choose to give to us online by credit card, your credit card details are not stored by us and cannot be accessed by our staff. Your credit card details are encrypted and securely stored by Stripe Inc to enable us to automatically process your credit card on a recurring basis. You should review Stripe Inc’s Privacy Policy to ensure that you are happy with it. Only authorised staff members are able to access your credit card and debit card details, and they ensure that these details are de-identified upon processing.

Your personal information is collected and stored on our church management system, Elvanto maintained by cloud hosting service providers. Hard copy information is stored in our offices which are secured to prevent entry by unauthorized persons. All personal information that is not active is archived with a third party provider of secure archiving services. We take reasonable steps to ensure that the third party provider maintains the security of the information. Your personal information remains on our church management system, Elvanto, until you advise us that you would like it removed or if we destroy or de-identify it according to privacy law principles.

As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk. We will advise you at the first reasonable opportunity upon discovering or being advised of a security breach where your personal information is lost, stolen, accessed, used, disclosed, copied, modified, or disposed of by any unauthorized persons or in any unauthorized manner.

We take particular care when dealing with your health and sensitive personal information, collecting only the necessary information for us to provide you with the services that you require. We take reasonable steps to protect your personal information, including ensuring that access to this information is restricted to specific staff members. We also take reasonable steps to destroy or de-identify your personal information once it is no longer needed for the reason it was collected. Personal information is destroyed or de-identified when no longer needed.

Links

Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.

Contacting us

If you have any questions about this privacy policy, any concerns or complaints regarding the treatment of your privacy or a possible breach of your privacy, please use the contact link on our website or contact our Business Operations Manager using the details set out below. We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your written complaint and all requested information to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in timely and appropriate manner.

For all privacy concerns, please contact our Business Operations Manager at:

Riverview Church Post: PO Box 524 Victoria Park WA 6979 Tel: (08) 9416 0000 Email: [email protected]

Changes to our privacy policy

We may change this privacy policy from time to time. Any updated versions of this privacy policy will be posted on our website. This privacy policy was last updated on 13 January 2020.