How we Protect Your Privacy
1) Only collect information we need
We tell you what information we are collecting and why.
We ensure :
Each piece of information is necessary for our functions and is not collected otherwise
We do not collect information” just in case” we need it later.
We allow you to do as much as possible on our site without gathering personal information.
Currently, we only collect your name and contact information ,if you elect for us to contact you to answer a query or deliver a product or service or to receive news or updates. If you agree to join a mailing list, you will have the option to opt out at any time. We will never collect sensitive information such as racial/ethnic origin, religious or political views and sexual orientation. We will collect medical information only if required to safely deliver a service e.g allergy and diet requirements if organising catering, special access needs for a venue. We will never ask for credit card information other than through PayPal. If you have a communication claiming to be from us asking for any of these, please let us know as it is a scam! Emails will be handled in a timely fashion and personal information deleted or securely filed if it required as a business record.
We will always let you know why you need to collect the information, how you plan to use it, who you are going to give it to. We will make it clear what our contact details are and how you can get access to their personal information. You may call us, write to us or phone us. Requests to view or change details must be in writing for security reasons, apart from opting out of lists.
3) Before disclosing personal information or using it for any purpose other than that for which we collected it , we will ask your permission. If we are sending information overseas for storage or processing you will be told by means of updates to this document. Currently we do not have overseas partners who we authorise to access your data. We use the following overseas based services to store data or run our web site
– Google , to integrate email services and store files not containing personal information
– Dropbox , to store non sensitive files and password protected business records such as invoices and receipts issued by us.
– Mailchimp, to manage mailing lists for purposes such as event notification
– PayPal , for all web payments
– JustHost, our web hosting provider
All of these are governed by US and EU privacy standards which conform to the APP.
4) If you ask, we will give you access to the personal information we hold about you.
For security, to make sure we don’t accidently give your data to a person falsely claiming to be you, we ask that the request must be in writing signed by you. We will only deny access to information if doing so is consistent with the Privacy Act and will tell you why. Wherever possible , we will give you access in the form you request. If this is not possible, we will work with you to determine a suitable alternative.
5) Keep personal information secure
We will keep personal information safe and secure from unauthorised access, modification or disclosure and also against misuse and loss.
Regularly reviewing the adequacy of existing security measures and procedures, including whether any relevant standards are met
Training staff in privacy procedures
Ensuring adequate IT security, such as installing firewalls, cookie removers and anti-virus scanners on any computer used to handle personal information
Making sure that pass ode protecting is set up on any mobile device used to access information
Making sure information is backed up securely to protect against data loss
Checking that all personal information has been removed from electronic devices before we sell or destroy them
Keeping hard copy files in properly secured cabinets
Allowing staff to access personal information on a ‘need to know’ basis only
Informing you if a security breach is discovered
Password protecting personal information stored in the cloud
Ensuring that information which has served it’s intended purpose is securely destroyed. Retaining business records containing personal information for no longer than 7 years unless required
Regularly monitoring our information handling practices to ensure they are secure.