What is personal information?
Personal information is defined in the Privacy Act 1988 (the Privacy Act) as:
information or an opinion about an identified individual, or an individual who is reasonably identifiable: (a) whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not.
Why do we collect personal information?
There are few, if any, organisations that can function without personal information. We are no exception. We collect personal information where it is reasonably necessary for our functions or activities. In addition to our core business activity of operating the Melbourne Symphony Orchestra (MSO), our functions and activities include:
- presenting concerts and providing other goods and services to our customers;
- marketing the MSO and the concerts we present;
- undertaking research to improve our business;
- obtaining goods and services from other businesses;
- employing staff; and
- complying with legal and regulatory obligations.
Some common examples of personal information that we may collect include an individual’s name, contact details, and details of products and services that they obtain from us.
The Privacy Act recognises certain types of personal information as sensitive information. Examples of sensitive information about an individual include information about the individual’s:
- racial or ethnic origin;
- political opinions;
- membership of a political association, professional or trade association or trade union;
- religious beliefs or affiliations;
- philosophical beliefs;
- sexual orientation or practices; and
- criminal record.
We do not normally collect sensitive information from our customers. Any sensitive information which we do collect will either be collected with the individual’s consent or as permitted by law.
How do we collect and keep personal information?
We receive personal information in different ways and through a number of different media including:
- via online sources (including email);
- by telephone;
- through face to face communications; and
- by hard copy correspondence and documentation.
We keep different types of records that include personal information. These include records stored electronically on data bases and also hard copy files.
We take reasonable steps to protect personal information we hold from misuse, interference and loss, as well as unauthorised access, modification or disclosure.
When do we use or disclose personal information?
If we collect personal information for a particular purpose, we may use or disclose that personal information for that purpose. For example, if a customer obtains a product or service from us, we may use and/or disclose their personal information for the purpose of providing the product or service to them.
We may also use or disclose personal information for other secondary purposes including the following:
- where the individual has consented to the use or disclosure for the secondary purpose;
- the secondary purpose is related to (or in the case of sensitive information directly related to) the purpose for which the personal information was collected and the individual concerned would reasonably expect us to use or disclose the information – for example providing marketing information to existing customers (unless the customer has requested not to receive marketing information from us);
- the use or disclosure is required or authorised under an Australian law or a court or tribunal order;
- a permitted general or health situation exists as defined in the Privacy Act; or
- we reasonably believe that the use or disclosure of the personal information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
We may disclose your personal information to third parties, such as our service providers (including IT services, insurers, financial institutes, mailing houses), member organisations and other business partners, our professional advisers (including lawyers, accountants and auditors), and government, regulatory and law enforcement authorities.
We do not store or disclose any personal information outside Australia.
How can you access your personal information that we hold?
You may request access to your personal information held by us by contacting our Privacy Officer (details below). We will provide access where we are required to do so under law. In other cases, we reserve our right not to provide access. We also reserve the right to recover our reasonable costs of providing you with access to your personal information held by us.
What should you do if you believe we hold personal information about you that is wrong or you wish to complain about how we have handled your personal information?
If you believe that we hold personal information about you that is wrong (which includes inaccurate, out of date, incomplete, irrelevant or misleading), or you wish to complain about how we have handled your personal information, you should contact our Privacy Officer.
If you have complained to us about how we have handled your personal information, and you believe that we have not satisfactorily resolved your complaint, you may wish to contact the Office of the Australian Information Commissioner.
How to contact our Privacy Officer
Privacy Officer | Melbourne Symphony Orchestra
120–130 Southbank Boulevard, Southbank VIC 3000
+61 3 9626 1111