This Policy has been compiled in accordance with the Australian Privacy Principles (specifically APP 1.3 and 1.4) and the Australian Government Agencies Privacy Code. It describes how the Australia Sports Commission (ASC) protects the personal information it holds and complies with the Privacy Act 1988 (Cth).
The Australian Sports Commission (ASC), referred to in this Policy comprises both the Australian Institute of Sport (AIS) and Sport Australia.
The ASC is Australia’s primary national sports administration and advisory agency, and the cornerstone of a wide-ranging sports system. On behalf of the Australian Government, the ASC delivers key programs in line with the Australian Government’s sport policy objectives; providing financial support and other assistance to people and sporting organisations to deliver participation and high performance results; and building collaboration and capacity within the Australian sport sector.
Its activities and services include:
In undertaking its activities the ASC collects personal information. The personal information that the ASC holds will depend on the nature of the activity or service. It may include (but is not limited to) a person’s name, contact details, date of birth, occupation, family background and financial records.
The ASC will only collect personal information to the extent relevant for the relationship it has with each person.
The ASC also holds sensitive personal information, for example about an employee or an athlete. This may include information about health, disability, racial or ethnic origin, criminal convictions, personnel files, employment histories and tax file numbers.
The Privacy Act places restrictions on collecting sensitive personal information about persons. The ASC may collect sensitive information when:
If the ASC conducts online collaboration, social media or market research, it may also ask for public opinions about its services or staff. The ASC will treat these opinions as personal information in accordance with the APPs if they contain personally identifiable information.
If it is reasonable and practical to do so, the ASC will collect personal information directly from the persons concerned and with their consent. This may be through application forms, over the telephone, the Internet, or in person.
The ASC may also need to collect personal information from other people or organisations. This information is collected with the person’s consent, except for in circumstances allowed for by legislation. Sometimes this may happen without direct involvement. Some examples of the people or organisations from which the ASC may collect personal information about persons are:
So that the ASC can better tailor information and services to individual needs, when it sends email messages, it may use technology to identify persons to know when email is opened or links used within an email.
If persons log into the ASC intranet/extranet services, information will be collected from them to confirm their identity.
The ASC will hold the information it collects on electronic systems, and where appropriate in paper format. The ASC has an electronic documents and records management system that complies with government and archival standards and legislation.
The ASC holds its information on a cloud based system. Individual services may also use third party cloud services. Where third party cloud services are used the service will have been subject to an ASC risk assessment and be compliant with the privacy and security standards required by the ASC in protecting personal information.
Depending on the nature of a person’s relationship with the ASC, they may not need to personally identify themselves.
Persons generally have a right to pseudonymity or anonymity when dealing with the ASC, unless:
The ASC seeks to maintain the quality of its information holdings by taking reasonable administrative and technical steps to make sure that the information collected, used and disclosed is accurate, complete and up-to-date. For example, the ASC employs audit and access control functions within its ICT systems to ensure information is not lost or damaged and conducts ongoing reviews of its holdings to ensure information currency.
The ASC commissions and utilises up-to-date techniques and processes, which meet current Australian government requirements to protect personal information from misuse, loss and unauthorised access, modification or disclosure.
Paper documents are protected from unauthorised access or use through the various physical security systems that we have over our premises. We also maintain or procure up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect personal information held digitally.
The only people who have access to personal information are employees of the ASC, those staff accredited by partner sport organisations, and those who perform services for the ASC who need personal information to do their jobs. All employees of the ASC are made aware of good privacy practices and are bound by the ASC Code of Conduct to not misuse personal information. Those who perform services on the ASC’s behalf are also bound by contractual agreements that include privacy clauses.
If we no longer require an individual’s personal information, we will take reasonable steps to destroy it in a secure manner or remove identifying features from it. This is subject to any legal obligation (such as the Archives Act 1983) that requires the ASC to keep information for a certain period of time.
The ASC may provide personal information to external organisations. Generally, these are organisations that help the ASC conduct its programs and activities. These organisations may include:
The ASC seeks to work collaboratively with a range of sport organisations (including sporting organisations, Australian State and Territory Institutes and Academies of Sport and state and territory government departments) to deliver its programs. This collaboration includes using shared information holding systems and sharing information which was collected for the primary purpose of delivering sport services. Where the ASC shares personal information it will do so where the system and the organisation meets the privacy expectations of the ASC.
The ASC strives to limit the information it provides to other external organisations to what they need to provide their services to us - or to provide services to ASC clients. The ASC ensures that any organisation that it contracts with:
The ASC may also need to provide personal information to external parties where:
The ASC seeks to limit where possible the disclosure of personal information to overseas recipients.
The ASC provides its services to Australian sport and Australian athletes throughout the world, which at times requires personal and/or sensitive personal information to be disclosed overseas. The ASC maintains a permanent overseas facility in Italy and other overseas locations on a temporary basis (for example during Olympic and Paralympic Games).
The ASC may also need to provide personal information to overseas recipients, where:
The ASC contracts overseas commercial organisations to provide products or services to the ASC or its clients. These agreements are entered into where:
Any person who believes that the ASC holds personal information about them may contact the agency to seek access to that information in accordance with APP 12.
Please view the ASC Procedures for accessing and correcting personal information for more information.
If after accessing information held about any person, they consider that it is inaccurate, out-of-date, incomplete, irrelevant or misleading for the purposes for which it is held, then they may request the ASC to amend it in accordance with APP 13.
In the first instance a person can request access to their personal information by contacting the ASC.
Australian Sports Commission
PO Box 176 Belconnen ACT 2616
By email: firstname.lastname@example.org
The ASC may not always be able to provide access to all the personal information it holds about a person. For example, it may not be able to provide access to information that would reveal personal information about another person. Any person may also obtain access to their personal information held by the ASC through the Privacy Act 1988 and the Freedom of Information Act 1982.
The ASC will be efficient and fair when investigating and responding to any privacy complaints.
The ASC complies with the Guidelines published by the Office of the Australian Information Commissioner in relation to complaints management.
Any privacy complaints received by the ASC must be in writing and will be initially investigated by the ASC Privacy Officer, and will be escalated as required. The ASC will respond to all complaints within a reasonable time period appropriate to the specific complaint.
Any person may also complain to the Australian Privacy Commissioner who may investigate the ASC’s actions. The Commonwealth Ombudsman may also investigate complaints about ASC actions. However, the Commonwealth Ombudsman and the Privacy Commissioner will consult to avoid the same matter being investigated twice.
The ASC is committed to protecting online privacy in accordance with Guidelines for Federal and ACT Government World Wide Websites issued by the Privacy Commissioner.
The ASC records visits to this website and logs the following information for statistical purposes:
The information is used to analyse our server traffic. No attempt will be made to identify users or their browsing activities except where authorised by law. For example in the event of an investigation, a law enforcement agency may exercise their legal authority to inspect the internet service provider's logs.
If you send us an email message we will record your contact details (in accordance with government record keeping standards). This information will only be used for the purpose for which you have provided it. We will not use your email for any other purpose and will not disclose it without your consent except where such use or disclosure is permitted under an exception provided in the Privacy Act.
When users choose to join a mailing list their details are added to that specific mailing list and used for the stated purpose of that list only. You will not be added to any mailing list without your consent.
As a user, you need to be aware of inherent risks associated with the transmission of information via the Internet. If you have concerns in this regard, the ASC has other ways of obtaining and providing information. Normal mail, telephone and fax facilities are available.
The ASC is not responsible for the privacy practices or the content of the linked web sites or of other content hosted by the ASC on behalf of third party agencies or organisations.