SEVENTH-DAY ADVENTIST CHURCH (SPD) LTD – PRIVACY POLICY

Seventh-day Adventist Church (SPD) Ltd ABN 59 093 117 689 (we, us or our), understands that protecting your personal information is important. This Privacy Policy sets out our commitment to protecting the privacy of personal information provided to us, or otherwise collected by us when providing our Information Technology services and related functions to the Seventh-Day Adventist Church (including conference, mission, institution or church owned entities), charities, and Adventist education institutions (Services) or when otherwise interacting with you.

The information we collect

Personal information: is information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable.

The types of personal information we may collect about you include:

• your name;

• where you are using one of our applications, your username and password;

• your contact details, including email address, street address and/or telephone number;

• your date of birth;

• where you are giving tithes, offerings or donations through our Services, your chosen church;

• your credit card or other payment details (through our third-party payment processor);

• your preferences and/or opinions;

• information you provide to us, including through feedback, customer surveys or otherwise;

• your sensitive information as set out below;

• your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour;

• details of products and services we have provided to you and/or that you have enquired about, and our response to you;

• support requests submitted to us and our response to you;

• your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour;

• information about your access and use of our Services, including through the use of Internet cookies, your communications with our online Services, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider;

• additional personal information that you provide to us, directly or indirectly, through your use of our Services, associated applications, associated social media platforms and/or accounts from which you permit us to collect information; and

• any other personal information requested by us and/or provided by you or a third party.

  Sensitive information: is a sub-set of personal information that is given a higher level of protection. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.

Sensitive information: The types of sensitive information we may collect about you include:

• where we run events:

  • health information such as your dietary requirements for catering purposes; and

  • where we run event, health information such as your Medicare number and medical history for the purposes of running the event.

• where you use our Services, including our e-Giving application, we may see sensitive information about you that may infer your religious beliefs or affiliations; and

• any other sensitive information you provide to us.

Unless otherwise permitted by law, we will not collect sensitive information about you without first obtaining your consent.

How we collect personal information

We collect personal information in a variety of ways, including:

• Directly: We collect personal information which you directly provide to us, including when you register for an account in relation to any of our Services, when you access and use any of our Services and associated mobile or website applications, including to return your tithes and give offerings or donations, through the “contact us” form on our website or associated applications or when you request our assistance via email or over the telephone.

• Indirectly: We may collect personal information which you indirectly provide to us while interacting with us, such as when you use our website, in emails, over the telephone and in your online enquiries.

• From third parties: We collect personal information from third parties, such as details of your use of our website from our analytics and cookie providers and marketing providers. See the “Cookies” section below for more detail on the use of cookies.

Why we collect, hold, use and disclose personal information

Personal information: We may collect, hold, use and disclose personal information for the following purposes:

• to enable you to access and use our Services, including to provide you with a login;

• to provide our Services to you, including to issue receipts, notify you of errors, register your attendance at our events and accept your tithes, offerings and donations;

• if you are based in New Zealand, to issue Tax Exemption Certificates to you;

• to enable you to access and use our website and associated applications;

• to contact and communicate with you about our Services, including in response to any support requests you lodge with us or other enquiries you make with us;

• for internal record keeping, administrative, invoicing and billing purposes;

• for analytics, market research and business development, including to operate and improve our Services, associated applications;

• for advertising and marketing, including to send you promotional information about our products and services and other information that we consider may be of interest to you;

• to comply with our legal obligations and resolve any disputes that we may have;

• if you have applied for employment with us; to consider your employment application; and

• if otherwise required or authorised by law.

Sensitive information: We only collect, hold, use and disclose sensitive information for the following purposes:

• any purposes you consent to;

• the primary purpose for which it is collected including:

  • where we are catering events we run, to cater to any dietary requirements you have;

  • to allow you to donate to your chosen church and otherwise provide you with our Services;

• secondary purposes that are directly related to the primary purpose for which it was collected, including disclosure to the below listed third parties as reasonably necessary to provide our Services to you;

• to contact emergency services, or to speak with your family, partner or support person where we reasonably believe there is a serious risk to the life, health or safety of you or another person and it is impracticable for us to obtain your consent; and

• if otherwise required or authorised by law.

Our disclosures of personal information to third parties

We may disclose personal information to:

• third party service providers for the purpose of enabling them to provide their services, to us, including (without limitation) IT service providers, data storage, web-hosting, cloud computing and server providers such as Amazon Web Services and Microsoft Azure, email marketing providers, maintenance or problem-solving providers, marketing or advertising providers, professional advisors and payment systems operators such as Westpac;

• our employees, contractors and/or related entities;

• our existing or potential agents or business partners;

• anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;

• courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;

• courts, tribunals, regulatory authorities and law enforcement officers, as required or authorised by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;

• third parties to collect and process data, such as Google Analytics (To find out how Google uses data when you use third party websites or applications, please see www.google.com/policies/privacy/partners/ or any other URL Google may use from time to time), Facebook Pixel or other relevant analytics businesses; and

• any other third parties as required or permitted by law, such as where we receive a subpoena.

  Google Analytics: We have enabled Google Analytics Advertising Features including Demographics and Interest Reports, Store Visits, Google Display Network Impression reporting etc. We and third-party vendors use first-party cookies (such as the Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Google advertising cookies) or other third-party identifiers together.

  You can opt-out of Google Analytics Advertising Features including using a Google Analytics Opt-out Browser add-on found here. To opt-out of personalised ad delivery on the Google content network, please visit Google’s Ads Preferences Manager here or if you wish to opt-out permanently even when all cookies are deleted from your browser you can install their plugin here.  To opt out of interest-based ads on mobile devices, please follow these instructions for your mobile device: On android open the Google Settings app on your device and select “ads” to control the settings. On iOS devices with iOS 6 and above use Apple’s advertising identifier. To learn more about limiting ad tracking using this identifier, visit the settings menu on your device.

Overseas disclosure

For users in Australia:

While we store personal information in Australia, where we disclose your personal information to the third parties listed above, these third parties may store, transfer or access personal information outside of Australia, including but not limited to, New Zealand.

Unless we seek and receive your consent to an overseas disclosure of your personal information, we will only disclose your personal information to countries with laws which protect your personal information in a way which is substantially similar to the Australian Privacy Principles and/or we will take such steps as are reasonable in the circumstances to require that overseas recipients protect your personal information in accordance with the Australian Privacy Principles.

For users in New Zealand:

Where we disclose your personal information to third parties listed above, these third parties may store, transfer or access personal information outside of New Zealand, including but not limited to, Australia, which may not have an equivalent level of data protection laws as those in New Zealand. Before disclosing any personal information to an overseas recipient, we will comply with Information Privacy Principle 12 in the Privacy Act 2020 (New Zealand Act) and only disclose the information if:

• you have authorised the disclosure after we expressly informed you that the overseas recipient may not be required to protect the personal information in a way that, overall, provides comparable safeguards to those in the New Zealand Act;

• we believe the overseas recipient is subject to the New Zealand Act;

• we believe that the overseas recipient is subject to privacy laws that, overall, provide comparable safeguards to those in the New Zealand Act;

• we believe that the overseas recipient is a participant in a prescribed binding scheme;

• we believe that the overseas recipient is subject to privacy laws in a prescribed country; or

• we otherwise believe that the overseas recipient is required to protect your personal information in a way that, overall, provides comparable safeguards to those in the New Zealand Act (for example pursuant to a data transfer agreement entered into between us and the overseas recipient).

Your rights and controlling your personal information

Your choice: Please read this Privacy Policy carefully. If you provide personal information to us, you understand we will collect, hold, use and disclose your personal information in accordance with this Privacy Policy. You do not have to provide personal information to us, however, if you do not, it may affect our ability to provide our Services to you and your use of our Services.

Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this Privacy Policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

Anonymity: Where practicable we will give you the option of not identifying yourself or using a pseudonym in your dealings with us.

Restrict and unsubscribe: To object to processing for direct marketing/unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details below or opt-out using the opt-out facilities provided in the communication.

Access: You may request access to the personal information that we hold about you.  An administrative fee may be payable for the provision of such information. Please note, in some situations, we may be legally permitted to withhold access to your personal information. If we cannot provide access to your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal. If we can provide access to your information in another form that still meets your needs, then we will take reasonable steps to give you such access.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to promptly correct any information found to be inaccurate, out of date, incomplete, irrelevant or misleading. Please note, in some situations, we may be legally permitted to not correct your personal information. If we cannot correct your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal.

Complaints: If you wish to make a complaint, please contact us using the details below and provide us with full details of the complaint. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take in response to your complaint. If you are not satisfied with our response and you are in Australia, you also have the right to contact the Office of the Australian Information Commissioner, and if you are in New Zealand, you may contact the Office of the New Zealand Privacy Commissioner.

Storage and security

We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures, to safeguard and secure personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

While we are committed to security, we cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk.

Cookies

We may use cookies on our website from time to time. Cookies are text files placed in your computer's browser to store your preferences. Cookies, by themselves, do not tell us your email address or other personally identifiable information. If and when you choose to provide our online website with personal information, this information may be linked to the data stored in the cookie.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.

Links to other websites

Our website may contain links to other party’s websites. We do not have any control over those websites and we are not responsible for the protection and privacy of any personal information which you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.

Use of geo-localisation data

We collect your precise or approximate location via our mobile application for the following purposes:

• to help you find churches in your location area for the purposes of giving tithes, offerings or donations;

• for security and safety;

• to prevent and detect fraud; and

• as permitted by law.

  We collect this information when our mobile application is open (whether on-screen or not). If you do not want us to use your location for the purposes above, you should turn off the location services in your account settings in the mobile application or in your mobile phone settings. If you do not provide location information to us, we may not be able to provide our Services to you.

Amendments

We may, at any time and at our discretion, vary this Privacy Policy by publishing the amended Privacy Policy on our website. We recommend you check our website regularly to ensure you are aware of our current Privacy Policy.

For any questions or notices, please contact our Privacy Officer at:

Seventh-day Adventist Church (SPD) Ltd ABN 59 093 117 689

Address: 148 Fox Valley Road, Wahroonga NSW 2076 Australia

Telephone: (02) 9487 3333

Email: [email protected]

Last update: 21 March 2022