The Celtic Piping Club Inc. (herein simply called the 'Celtic Piping Club', 'Club' or 'CPC') is an incorporated association run by a volunteer committee in accordance with the Rules of the Celtic Piping Club Inc.
The Club provides a network for people who play or are interested in the various types of Celtic pipes. The aims and key activities of the Club are listed on the Club website www.celticpipingclub.com.
The Club owns and operates a website and other social media channels, including Facebook, Twitter, Instagram and YouTube.
2. Our Commitment to Your Privacy
The Celtic Piping Club is committed to protecting the privacy and security of personal information held about its members. The Celtic Piping Club takes your privacy seriously, and strictly adheres to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (referred to as the 'Privacy Act'). We will only collect personal information that is necessary for us to provide the functions that we offer, which includes providing you with the ability to pay for membership fees and events via third parties.
3. Information Collection and Use
In the Privacy Act, personal information is defined as any 'information or an opinion about an identified individual, or an individual who is reasonable identifiable'.
The type of personal information that we generally collect from your may include:
- Contact details - such as name, address, phone number, email address. This is used for identification purposes and to allow us to contact you.
- Date of birth - we need to ask your age to check your eligibility to be an Associate member (no voting rights) or to validate your concession if you are applying for a Concession membership.
- Your piping interests (optional) - we ask you to provide information about your piping interests when you apply for membership, including the type of bagpipes you play and whether you are available to teach or perform. We regularly receive enquiries relating to tuition and performances and are more than happy to refer these to you. This information also helps us plan our events.
The Celtic Piping Club does not collect sensitive information about an individual. In the Privacy Act, sensitive information is defined as 'information or an opinion about an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, sexual orientation, criminal record, health information and some aspects of genetic and biometric information'.
When you visit our website, we may collect non-personal information. This anonymous data does not individually identify you and includes browser type, version and language, operating system, pages viewed while browsing the website, page access times and referring website address. This anonymous data is used solely for the purpose of gauging visitor traffic, trends and delivering relevant content.
Our website has links to other websites not owned or controlled by us. We are not responsible for these sites or the consequences of you visiting these sites.
Information collected is for Club business and not for any other purpose.
The Celtic Piping Club will need to collect your personal information for a number of different reasons, dependent on the kind of dealings you may have with the Club. For example, the Club may need information about your when you subscribe to the email newsletter or apply to become a member of the Club.
In general, we will only use or share personal information for the primary purpose that it was collected or for a purpose related to the primary purpose that you would reasonably expect it to be used. For example, we may use your information to contact you about a change in the time of an event.
The Celtic Piping Club collects personal information from you in a number of different ways depending on the type of dealings that you may have with the Celtic Piping Club, e.g. membership application or event ticket sales.
4. Sharing and Disclosing Your Information
Disclosure to Third Parties
The Celtic Piping Club will not sell, rent, trade or otherwise supply to third parties any personal information obtained from you unless you consent. However, the Celtic Piping Club may disclose (share) personal information about you in some circumstances including where third parties help us operate our organisation or provide a service. These third parties may include banks and payment services.
Disclosure to Overseas Parties
The Celtic Piping Club will only transfer personal data overseas in circumstances where:
- the Club reasonably believes that the recipient of the information is subject to legal obligations that are substantially similar to Australian Privacy Principles; or
- the individual who is the subject of the information has consented; or
- the Club has taken reasonable steps to ensure that the information it transfers will not be held, used or disclosed by the recipient inconsistently with the Australian Privacy Principles.
5. Online Purchasing
The Celtic Piping Club uses two e-commerce providers: PayPal for membership and some event sales, and TryBooking for some event sales. Both ensure security and privacy of personal information.
6. How we Store and Manage Your Information
We will act to protect your personal information in accordance with the Australian Privacy Principles. We are committed to keeping the personal information you provide to us secure. We will take all reasonable precautions to protect the personal and sensitive information we hold about you from misuse and loss and from unauthorised access, modification or disclosure.
While we take all due care in ensuring the privacy and security of your personal information, the possibility exists that this information could be unlawfully intercepted while sent over the internet or while stored on our systems or on our website. We disclaim all liability to you should this occur.
Any personal information that is no longer used or required by the Celtic Piping Club will be destroyed.
Electronic Data Management and Security
- Cloud Storage – Electronic data will generally be stored on a secure third party server approved by the Committee.
- Access – While stored on a third party server, the CPC committee is responsible for managing access to this information, i.e. ensuring only the committee has access using secure (password protected) account login.
- Access Tracking – Any third party server or cloud storage used to store CPC information should track access to this information where possible.
- Local Storage – CPC data may also be transferred or synchronised from the cloud storage to users with access to these accounts, i.e. the CPC committee. Users must ensure security of their computer or other devices is reasonably secure so to prevent unauthorised access to CPC information, e.g. by using password protected login.
- Passwords – Anyone with authorised access to CPC information (i.e. the committee), should ensure their passwords are strong. Strong passwords should:
- have a minimum of 12 characters;
- include numbers, symbols, capital letters and lower-case letters;
- not be a dictionary word or combination of dictionary words; and
- do not rely on obvious substitution, i.e. replacing letters with numbers.
- Backups – A secure offline back of CPC electronic information will be maintained in case of cloud storage failure or security breach.
- Member Register – The Club Member Register will be password protected. Access to this register will be permitted on a need to know basis.
- Viruses, Malware & Hacking – Anyone with access to CPC electronic data (i.e. the committee) should take reasonable steps to ensure their computer or device accessing this information is protected against malware, i.e. viruses, worms, spyware and anything designed to gain unauthorised access to this data. It is also recommended that anyone with access to CPC data installs the latest versions of their operating system, including patches and security updates. This also applies to software used to access this data, e.g. web browsers.
- Data Breach – Should the computer or device of any committee member be subject to malware, hacking or other data breach, the committee will be notified and will take action as required.
7. How You may Access and Correct Your Information
You have the right to access your personal information, subject to exceptions allowed by law. If you would like to do so, please contact the secretary using the details below. You may be required to put your request in writing for security reasons.
If you wish to change personal information that is inaccurate or out-of-date, you may contact us. Different ways to contact us are found at the bottom of this Policy.
We may refuse to provide you access to your personal information which we hold, where permitted by the Privacy Act, the Australian Privacy Principles or any other law.
If you no longer wish to receive our email newsletter, you can unsubscribe at any time by using the link at the bottom of the newsletter, or informing us and we will do it for you.
8. Complaints about Privacy
If you have any complaints about our privacy practices, please send details of your complaint to the Club president or secretary using the details below.
If we are unable to resolve your complaint, further privacy information and resolution may be sought from the Office of the Australian Information Commissioner at www.oaic.gov.au.
10. Contacting us