NZIODA is committed to the Privacy Act 1993 that stipulates the privacy obligations in relation to its members, sponsors, suppliers and other stakeholders
Some key elements of the Privacy Act 1993 are:
- The organisation will collect personal information that is necessary for the organisation to meet or fulfill its activities and functions and is also required by law. The information may include the name, street, telephone number(s), date of birth, email address, occupation etc relating to membership applications and other information collected as the result of accessing the facilities and services provided by the organisation
- The organisation will use lawful and fair means, that are not intrusive, to collect personal information. Where lawful and practical, the organisation will provide members with a choice of interacting anonymously with the organisation.
- The organisation will use personal information in ways that are consistent with the Privacy Act 1993 including where practicable seeking the consent of the members and patron about whom the information relates before using the personal information.
- The organisation will provide opportunities to members to access the information held about them by the organisation to the extent provided by the Privacy Act 1993 and will ascertain and correct the information if advised in writing that the information is not accurate, complete or up-to-date.
- The organisation has procedures in place to facilitate privacy complaints and encourages the member (complainant) to first contact the organisation (respondent) before approaching the Privacy Commissioner. If this facilitation is not to the satisfaction of the member, the organisation will advise the member to refer the complaint to the Privacy Commissioner.
NZIODA is committed to the Privacy Act 1993 and will adopt best privacy practices when dealing with privacy issues of members.
The best privacy principles include:
- only collect information that is necessary for the organisation to fulfill its activities and functions or that is required by law.
- tell members why the organisation is collecting the information, how the organisation will use and disclose the information (for example, those organizations likely to receive the information) and how they can access the collected information as well as other details required under the Privacy Act 1993.
- use and disclose personal information for a secondary purpose or for direct marketing in accordance with the Privacy Act 1993
- give members an option of interacting anonymously with the organisation, where lawful and practicable.
- use fair and lawful means to collect information.
- ensure that the information held by the organisation is accurate, complete and up-to-date.
- ascertain and correct any information that is not accurate, complete and up-to-date upon member’s request.
- take reasonable steps to protect members’ information held by the organisation.
- permanently destroy or de-identify all information that the organisation will not need in the future.
- prevent unauthorized access, modification, misuse or loss of information
- designate a committee member to facilitate privacy issues at the organisation.
- not transfer information overseas unless specific conditions outlined in the Privacy Act 1993 are met.