Privacy

The QNMU places great emphasis on maintaining and enhancing the privacy and security of your personal information. In order to provide a service to our members, the QNMU collects and uses personal information. This information may be in electronic or paper form. Personal information held by the union includes the information provided to us on our membership application form (that then forms part of our membership database) and individual member files that are created when members have an industrial, professional, legal, health and safety or WorkCover matter that the union is handling on their behalf.

Members wishing to access their personal information should first contact their nearest QNMU office.

The QNMU does not disclose information of a personal nature unless the individual concerned has given consent for us to do so or if disclosure is required under law. The QNMU stores such information in a secure place and access to such information is limited to those employees who require access to carry out their work duties. Limited personal information (such as name and workplace of members) may be provided to QNMU Branch officials and union representatives to facilitate the performance of their roles as established under the QNMU rules.

In very limited circumstances some information of a personal nature (such as the names, phone numbers and addresses of members) may be provided to an external organisation in order for the union to conduct our business. (An example of such an arrangement is when we need to disclose the name and address of all members to the mailing house that distributes our journal.) In these circumstances, we ensure that a strict confidentiality agreement is in place prior to handing over such information. Under no circumstances would the QNMU “sell on” our membership listing to any outside organisation. We make every effort to ensure that the integrity of our membership database is maintained.

If you believe the QNMU has inappropriately collected or handled your personal information you can:

  • Contact the union and ask for your complaint to be investigated: or
  • If you are dissatisfied with the investigation, you can complain to the Federal Privacy Commissioner who is independent of the QNMU. The Federal Privacy Commissioner has the power to investigate complaints about possible breaches of the Privacy Act 1988, order compensation to be paid and order agencies to change the way they handle personal information where it is not being done according to law.

While it is possible for the first contact to be with the Federal Privacy Commissioner, the Commissioner’s office will usually always ask the organisation to conduct its own inquiry first and to let the Privacy Commissioner have the findings. It is therefore quicker for you to contact the QNMU as the first step should you hold privacy concerns about the information we hold on you.

Privacy provisions in the Privacy Act 1988 (Commonwealth) affecting nongovernment organisation’s came into effect from 21 December 2001. Under the amended legislation organisation’s (including the QNMU) are required to comply with Australian Privacy Principles (APPs). The following is a summary of the APPs.
Summary of Australian Privacy Principles (APP)

APP 1 – Open and transparent management of personal information

This principle requires an organisation to have ongoing practices and policies in place to ensure that it manages personal information in an open and transparent way.

APP 2 – Anonymity and pseudonymity

This allows individuals to interact with an organisation by not identifying themselves (i.e. allowing individuals to remain anonymous) and permits the individual to use a pseudonym. Under this principle, exceptions apply, such as where it is impracticable for the organisation to deal with an unidentified individual.

APP 3 – Collection of personal and sensitive information

This principle outlines an organisation’s obligation in regards to the collecting of personal and sensitive information which must be ‘reasonably necessary’ for one or more of an organisation’s functions or activities.

APP 4 – Dealing with unsolicited personal information

This principle outlines obligations that an organisation must adhere to in regards to receiving and keeping information which is not solicited by the organisation.

APP 5 – Notification of collection

This principle outlines an organisation’s responsibility in regards to informing an individual when the organisation collects their personal information. This includes the purpose of the collection, consequences of non-collection and complaint handling processes.

APP 6 – Use or disclosure

This principle deals with use and disclosure of personal information and specifically, when an organisation is permitted to disclose personal information that it holds about an individual.

APP 7 – Direct marketing

This principle prohibits the use or disclosure of personal information for direct marketing purposes, except in specified circumstances.

APP 8 – Cross border disclosure

This principle introduces an accountability approach for cross-border disclosure including the reasonable steps that an organisation is required to take to ensure overseas recipients do not breach APPs.

APP 9 – Adoption, use or disclosure of government related indentifiers

This principle prohibits an organisation from adopting, using or disclosing a government related identifier unless an exception applies.

APP 10 – Quality

This principle requires an organisation to take reasonable steps to ensure personal information that it collects, uses or discloses (where lawful) is accurate, up-to-date and complete.

APP 11- Security

This principle requires an organisation to take reasonable steps to protect the personal information it holds from interference, in addition to misuse and loss, and unauthorised access, modification and disclosure.

APP 12- Access

This principle outlines an organisation’s obligation when an individual requests access to personal information held about them by an organisation.

APP 13- Correction

This principle outlines an organisation’s obligation in relation to correcting personal information, including the requirement to take ‘reasonable steps’ to correct personal information to ensure that it is accurate, up-to-date, complete, relevant and not misleading.

Union Website (www.qnmu.org.au)

The QNMU website collect two types of information. The first type is anonymous information. The web server makes a record of your visit and logs the following information for statistical purposes:

  • the user's server address;
  • the user's top level domain name (e.g. com, .gov, .net, .au, etc.);
  • the date and time of the visit to the site;
  • the pages accessed and documents downloaded;
  • the previous site visited; and
  • the type of browser used

No attempt will be made to identify users or their browsing activities except, in the unlikely event of an investigation, where a law enforcement agency may exercise a warrant to inspect the internet service provider's logs.

Another way information may be collected is through the use of "cookies". A cookie is a small text file that the website may place on your computer. Cookies may be used, among other things, to track the pages you have visited, to remember your preferences and to store personal information about you.

You can adjust your Internet browser to disable cookies or to warn you when cookies are being used. However, if you disable cookies, you may not be able to access certain areas of the Website or take advantage of the improved web site experience that cookies offer.

Our websites may contain links to other websites and social media pages including Facebook, Twitter and Linked ln. We are not responsible for the privacy policies of the entities responsible for those websites and we recommend that you review the privacy policies applicable to any other websites you visit.

Security

  1. The QNMU will take all reasonable steps to ensure that the personal information it collects and stores is accurate, complete and current.
  2. Personal information is kept in secured locations on the premises and is only accessed by authorised personnel.
  3. Personal information kept electronically is handled with care and secured by user identifiers, and passwords accessed only by authorised personnel.
  4. Archived personal information is maintained in a secure offsite facility and is only accessed by authorised personnel.
  5. Security arrangements are monitored and reviewed regularly and all staff made aware of organisational systems for the processing, storing and transmitting of personal information and the protective security policies associated with this.

The kinds of information the Union may collect

From time to time you may voluntarily supply your personal information to the Union. The Union will record your e-mail address and other contact details if you send us a message, subscribe to an email newsletter, or complete a form if this information is requested.

When you provide your personal information, it allows us, for example, to assist you with industrial relations and employment queries, inform you about industrial, social and political campaigns, and accept your application for membership. You may supply personal information to the Union by, for example, responding to a survey, filling in a meeting attendance sheet, taking part in a competition, completing a membership form, discussing your issues with a delegate, or signing up to a campaign. The Union only collects personal information that is necessary for the Union to perform its functions and/or activities.

Depending upon the circumstances you may provide to the Union and the Union may collect, information such as, but not limited to:

  • your name;
  • your contact details;
  • your social media details (e.g. blogs, twitter, Facebook, Linked In);
  • your gender;
  • your marital status;
  • your employment details;
  • your educational qualifications; and
  • your inquiry or complaint details.

Some personal information is considered sensitive information and includes:

  • your political opinions;
  • your political party membership (if any);
  • your union membership (if any);
  • your racial or ethnic origin;
  • your sexual orientation;
  • any disabilities, illnesses or injuries you may have; and/or
  • any other health information.

The Privacy Act allows the Union to collect sensitive information which relates solely to Union members or people who have regular contact with the Union if the sensitive information relates to the Union's activities. We will only collect sensitive information where we have received your consent to your personal information being collected, used, disclosed and stored by the Union in accordance with this Policy.

Where you provide information to the Union in relation to a job application the personal information you provide will only be collected, held, used and disclosed for the purposes of considering your potential employment with the Union. Where you provide the details of referees, you confirm that you have informed the referees that you are providing their contact information to the Union and they have consented to the Union contacting them and discussing the personal information you have provided in relation to the job application.

We will collect personal information directly from you unless:

  • you have consented to the Union's collection of your personal information from third parties - for example, from the ACTU, or your representatives; or
  • it is unreasonable or impractical to do so

Where we have collected personal information about you either directly or by other means as set out above, we will notify you at the time, or as soon as practicable, to ensure that you are aware of such collection and its purpose.

You can choose to interact with us anonymously or by using a pseudonym where it is lawful and practicable. For example, you may wish to participate in a blog or enquire about a particular campaign anonymously or under a pseudonym. Your decision to interact anonymously or by using a pseudonym may affect the level of services we can offer you. For example, we may not be able to assist you with a specific industrial enquiry or investigate a privacy complaint on an anonymous or pseudonymous basis. We will inform you if this is the case and let you know the options available to you.

If we receive unsolicited personal information about or relating to you and we determine that such information could have been collected in the same manner if we had solicited the information, then we will treat it in the same way as solicited personal information and in accordance with the APPs. Otherwise if we determine that such information could not have been collected in the same manner as solicited personal information, and that information is not contained in a Commonwealth record, we will, if it is lawful and reasonable to do so, destroy the information or de-identify the information.

The purpose for which personal information is collected, held, used and disclosed

The Union collects, holds, uses and discloses your personal information to:

  • assist you with industrial relations and employment queries;
  • inform you about industrial, social and political campaigns;
  • inform you about your rights at work;
  • inform you about changes to legislation;
  • refer you to a legal practitioner, accountant or other professional;
  • improve our service delivery;
  • manage our relationship with you;
  • conduct surveys and research;
  • provide educational services and professional development;
  • conduct Union elections

Using your information for direct marketing

You consent to our use and disclosure of your personal information for the purposes of direct marketing which may include providing you with information about events, products or services which may be of interest to you.

If you do not want us to use your personal information for direct marketing purposes, you may elect not to receive direct marketing at the time of providing your personal information.

Unsubscribing and opting out

If you no longer wish to receive direct marketing or other communications, you may request at any time to cancel your consent to such communications as follows:

  • If subscribing to an email newsletter you may "unsubscribe" at any time from the newsletter mailing list;
  • The Union may, from time to time, send you text messages about issues of importance such as events or campaigns. You may "opt out" by texting STOP in reply to a text message from the Union; or You may contact us at any time by mail or email directed to our Membership section

Disclosure of your personal information

The Union may disclose your personal information, in connection with or to further the purposes outlined above, to:

  • the ACTU;
  • other Australian trade unions;
  • affiliated trades halls or labour councils;
  • government bodies or agencies (including the Fair Work Commission, the Fair Work Ombudsman, the Australian Tax Office, an anti-discrimination body, a work/occupational health and safety regulator);
  • organisations to whom we outsource functions (including information technology providers, print service providers, mail houses);
  • otherwise as you have consented; and/or
  • otherwise as required by law

If any of these organisations are located outside Australia, you expressly consent to us disclosing your personal information to those organisations.

We take reasonable steps to ensure that each organisation that we disclose your personal information to is committed to protecting your privacy and complies with the APPs, or is subject to a law or scheme that is at least substantially similar to the way in which the APPs protect information.

By providing your personal information to the Union, you consent to us transferring your personal information to such other organisations.

How the Union holds personal information

Wherever reasonably practicable the Union holds electronic personal information on data servers that are owned and controlled by the Union in Australia. The data servers are password protected and login secured. However, by providing personal information to the Union you consent to your information being stored and processed on a data server or data servers (e.g. cloud services) owned by a third party or third parties that may be located outside of Australia. The Union will take reasonable steps to ensure that any third party providers comply with the APPs. If personal information is only routed through servers located outside of Australia- this is not regarded as a disclosure.

Wherever reasonably practicable the Union holds physical personal information in access controlled premises.

When the Union no longer requires your personal information for a specific purpose and we are not required to keep it to comply with any laws, we will take such steps as are reasonable in the circumstances to destroy your personal information or to ensure that the information is deidentified.

Government Identifiers

We will not adopt as our own identifier a government related identifier of an individual, such as a tax file number or Medicare card number and will only use or disclose a government related identifier where the use or disclosure:

  • is reasonably necessary for the Union to verify your identity for the purposes of our activities or functions
  • is reasonably necessary for the Union to fulfill its obligations to an agency or a State or Territory authority;
  • is required or authorised by or under an Australian law; or
  • is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

How you may seek access and/or correction to personal information held by the Union.

You have the right to request access to your personal information and request that it be updated or corrected. In most cases you can gain access to your personal information that the Union holds (please refer to Member Requests for Personal Information Policy). To request access to, correction of, or updating of any personal information held about you, please write to the QNMU at the following address:

Queensland Nurses and Midwives’ Union
GPO Box 1289
Brisbane 4001

The Union requires that you provide proof of identity in order to seek access to your personal information. The Union may charge a reasonable fee where access is provided. The Union may refuse to provide access if permitted to do so by law or under the APPs. The Union will seek to provide you with access to your personal information within 30 days of receipt of a valid request and may charge you a reasonable fee for doing so.

You should contact the Union when your personal information details change. It is important that we keep our membership details up to date. Please contact the Membership department to update any personal information. The Union may also take steps to update your personal information by reference to publicly available sources such as telephone directories or electoral rolls.

How you may complain about a breach of the APPs

To make a complaint about an alleged breach of the APPs please write to the QNMU at the following address:

Queensland Nurses and Midwives’ Union
GPO Box 1289
Brisbane 4001

All complaints must be in writing. Please provide all details about your complaint as well as any supporting documentation to the QNMU.

How the Union will deal with complaints

The Union will seek to deal with privacy complaints as follows:

  • complaints will be treated seriously;
  • complaints will be dealt with promptly;
  • complaints will be dealt with confidentially;
  • complaints will be investigated by the QNMU

The outcome of an investigation will be provided to the complainant where the complainant has provided proof of identity. The Union will seek to respond within 30 days of receipt of a valid complaint.

Variations to the Policy

This Policy may be varied from time to time and an updated version will be posted on the Union's websites. Please check our websites regularly to ensure that you have the most recent version of the Policy.

Date of creation: January 2011  
Date of last update: March 2014
Organisational name change: April 2017