This policy describes how we collect and handle your personal information in accordance with our obligations under the Privacy Act 1988 (Cth). You should read this notice alongside any privacy or collection notice / statement that we provide to you.

Overview

Hearts4heart collects, holds, uses and discloses personal information to carry out functions or activities of Hearts4heart, which include helping improve health outcomes for people with cardiovascular disease through community education campaigns, advocacy and patient support.

‘Personal information’ means information or opinion (whether true or not, or recorded in material form or not) about an identified individual, or an individual who is reasonably identifiable.

The collection of personal information

Your personal (including sensitive) information, including any health information, will only be collected as necessary for a particular function or activity, or to enable Hearts4heart to carry out its work and deliver services to the community. You do not have to provide us with your personal information, but if you choose not to, we may not be able to provide you with our support or services.

When you give us personal information such as your name, address, telephone number and email address, we record it on our database and may use it to contact you in the future.

We may use your personal information to send you information on a variety of topics, including heart health, or to let you know about our programs, special events and fundraising programs.

You can also let us know that you do not wish to receive any further communications by contacting the Privacy Officer at any time by emailing [email protected]

How we collect your personal information

We collect your personal information when you provide it to Hearts4heart, including but not limited to:

• interacting with a Hearts4heart website or support or services provided by Hearts4heart
• communicating with us through any means, including completing a paper-based form and returning it to Hearts4heart
• by participating in one of Hearts4heart many community fundraising and information events
• when you respond to our fundraising campaigns.

We may also collect your personal information from third parties, for example through the purchase of mailing or other commercial lists, from data brokers and other data service providers, from other not-for-profit organisations and from publicly available sources such as the telephone directory.

You may be photographed when you attend Hearts4heart events. Wherever reasonably practical we will seek to obtain your consent prior to using any image.

Hearts4heart also collects data when you visit our site. This includes the name of your internet service provider, the website from which you visited us from, the parts of our site you visit, the date and duration of your visit, and information from the device (device type, operating system, screen resolution, language, country you are located in, and web browser type) you used during your visit, including any data you provided to us during your visit, in order to present the most relevant content to you.

Data profiling and analysis

Hearts4heart may analyse the personal information you provide and collect further information about you (including by creating or generating new information, or from third party sources, including commercial lists or data brokers or publicly available sources). We may use this information to create a profile of your interests, preferences, and your ability to support us, including the amount or level of potential donation or legacy you may be able to give.

This profiling and analysis enable us to contact you in the way that is most appropriate to you and provide you with relevant, personalised information. This approach enables us to interact with you in a more meaningful way, and to operate more cost effectively.

The personal information used to complete any profiling is compiled from third party sources such as public registers, data brokers, commercial mailing lists, LinkedIn profiles and social media posts.

How we keep your personal information secure

We take reasonable steps to ensure that information you provide to us is stored securely in our databases and only accessed by staff or contractors authorised by Hearts4heart. Hearts4heart uses a range of hardware and software security measures to protect its information and to ensure that only authorised staff and contractors are granted access, as required. We aim to only keep your personal information for as long as we need it, or we are lawfully required to keep it. When we no longer need information, we take reasonable steps to destroy or
de-identify it.

Using and disclosing your personal information

We use and disclose personal information we hold for a range of purposes including:

• to process donations and communicate with our donors about those donations
• to provide personalised Hearts4heart health marketing, events, education, activity and support programs to our community.

We may use and disclose your personal information for other purposes required or authorised by or under law (including purposes for which you have provided your consent).

Hearts4heart is very thankful to people who are willing to share their personal stories of heart disease. We will only use and disclose your personal information for publicity purposes or as stories in newsletters with your express written permission.

Transfer of information overseas normally only occurs for data processing purposes, for example third party payment facilitators may process their data offshore. Hearts4heart payment gateway currently processes data in Australia. Hearts4heart will not transfer your personal information overseas or into the “cloud” unless we have taken reasonable steps to ensure that the information which is being transferred will not be held, used or disclosed by the recipient of the information in a manner which is inconsistent with the Australian Privacy Principles.

Hearts4heart will sometimes use third party service providers to conduct surveys, facilitate information collection and event registration and otherwise assist with our fundraising activities (such as mailing houses and data management providers). Some of these service providers conduct all or part of their business overseas and so your personal information may be transferred overseas as a result.

Direct marketing

Hearts4heart will, from time to time:

• include selected messages from Hearts4heart event sponsors, collaborators or third parties in our communications
• use remarketing services to advertise Hearts4heart. Remarketing services will display ads to you based on what parts of the Hearts4heart website you have viewed, by placing a cookie on your web browser which can be used to recognise you across devices and browsing sessions. Remarketing services allow us to tailor our marketing to better suit your needs and only display ads that are relevant to you.
• use and disclose personal information we hold about you so we can contact you with information about our services, events and fundraising activities.
• contact you by mail, email, through social media (including targeted online advertising), SMS or telephone contact.
• disclose your personal information to third parties, who may provide you with direct marketing about their own products and services. These third parties may be located overseas. You can let us know at any time if you do not want us to provide your personal information to third parties for these purposes by contacting us (using the contact details below). If we have already disclosed your personal information to a third party for these purposes, you may need to separately opt-out from receiving further communications from the relevant third party.

If you do not wish to see ads from Hearts4heart you can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using the Ads Settings.

Further information regarding behavioural advertising, including ways to manage your online privacy, is available at youronlinechoices.com.au

You can let us know at any time if you no longer wish to receive these communications by contacting us (using the contact details below) or using the opt-out/unsubscribe facility in the relevant communication (if applicable).

Opting out, modifying or deleting your information

If you want to:

• change any information that you have previously given us
• opt out of future communications; or
• request we delete your data,

Hearts4heart Privacy Officer can be contacted by:

Phoning: 1300 343 278

Writing to: The Privacy Officer Hearts4heart PO Box 6117, East Perth WA 6892

Emailing: [email protected]

Please note that we may not be able to action your request to be removed from our systems, as in some cases Hearts4heart is required to maintain certain records for regulatory purposes.

Visiting our websites and analytics

All Hearts4heart websites and pages use cookies to improve your experience and display targeted content relevant to you. Cookies are also used to display items added while using online shopping or donation facilities. You may refuse all cookies or disable cookies and JavaScript from Hearts4heart websites however some functions may be unavailable. Our online credit card processing company may also use cookies for identification and anti-fraud purposes.

Cookies do not personally identify you; they recognise your browser. Unless you choose to identify yourself to Hearts4heart, either by responding to a promotional offer, making a donation, or filling out a web form (such as signing up for our newsletter), you remain anonymous to Hearts4heart. You have the ability to manage the use of cookies on your computer using controls in your browser.

Hearts4heart websites use statistical information collection tools (such as Google Analytics) to track site visits, navigation and performance within Hearts4heart sites which may include the use of anonymised IP addresses and other signals to understand interactions. This is for the purpose of monitoring and improving our sites, enhancing functionality and user experience. If you are concerned about the use of these tools, you can configure your browser to send a “Do Not Track” request with your browsing traffic or use Google’s opt-out tools to assist at tools.google.com/dlpage/gaoptout.

Hearts4heart websites use third party cookies, Google Analytics Advertising Features including: Remarketing with Google Analytics, and Google Analytics Demographics and Interest Reporting.

Visitors can opt-out of Google Analytics for Display Advertising and customise Google Display Network ads using the Ads Settings. Further information regarding behavioural advertising, including ways to manage your online privacy, is available at youronlinechoices.com.au

Our website security

Hearts4heart websites use secured payment gateways that use industry-standard SSL/TLS technology to encrypt data between your browser and the website gateway. If you are entering any payment or credit card information on the internet, you should confirm that the page is secured (padlock symbol in your browser) before entering any information. We make every effort possible to make your donations and transactions within our site as secure and safe as possible for you.

Hearts4heart may contact donors directly to update or confirm their personal or credit card details. We will only disclose to you the last four digits of your credit card number – any contact you receive requesting a full credit card number and CVV number should be considered a hoax and you should disregard it and report the contact to www.scamwatch.gov.au or contact the Hearts4heart team on 1300 343 278.

Changes to our Privacy Policy

Hearts4heart may update its Privacy Policy periodically.. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy.

How to access, correct or update your personal information

If you have any complaints, questions or concerns about the information Hearts4heart holds or about the accuracy of that information, please contact the Hearts4heart Privacy Officer by phoning 1300 343 278 or emailing [email protected]

If you would like to access the information that we hold or make a complaint about a potential breach of the Australian Privacy Principles, you can write to the Privacy Officer at the address provided above. We will respond to your complaint or endeavour to give you access to the information requested within a 30-day timeframe.

If the information that we hold about you is incorrect or not up to date, we will update it as soon as possible after you have confirmed required changes.

In the unlikely event that we are unable to provide you with access to your personal information for legal reasons as specified in the Privacy Act, we will provide you with reasons for denying access.

If you are not satisfied with the Hearts4heart response to your complaint, question or concern, you may wish to lodge a complaint with the Office of the Australian Information Commissioner. Further information can be found on the Commissioner’s website at www.oaic.gov.au or by calling 1300 363 992.

Website accessibility

We are committed to providing an accessible experience for users of our website. If you encounter any difficulties with the Hearts4heart websites, please direct your enquiry to [email protected]