In recent months data breaches have become a prominent topic. Here at Cancer Council WA, we take protecting your data very seriously.
Whenever you head to our website or decide to generously donate via our fundraising pages, buy a raffle ticket or communicate with us online, you might wonder what data is gathered, and how that affects you.
We want to make sure that we’re as careful and transparent as possible when we capture data, store it, and most importantly, how we use it.
Why we collect your data
We may require personal data to communicate with you about products, services, campaigns, and events that you might be interested in. We also need these details to update you on organisational operations and activities.
As a community-funded organisation, we may contact those who indicate they might wish to assist us in the future. Your support enables us to continue to provide support for West Australians impacted by a cancer diagnosis.
Any time we use your personal information to send you marketing and promotional information by post, email, or telephone, we will provide you with an opportunity to opt-out of receiving any further communications.
How we collect personal data
In most cases, we collect personal information directly from you. This may be in person, on the telephone or online.
We may also collect personal information through written correspondence, such as emails, mail and SMS.
To provide some of our services, we may collect personal information from third parties including, health and support service providers, fundraisers, event partners, families, and friends.
We will use your personal information to communicate with you ourselves about our own events, services, programs, and initiatives.
Where and how we store your data
We take all reasonable steps to protect the personal data that we hold from misuse, interference, and loss, and from unauthorised access, modification, or disclosure.
Your personal information will be stored in password protected electronic databases. These databases are maintained both on premise at Cancer Council WA and by a cloud hosting service provider or other third-party database storage providers. Backups of electronic information are written to drives, which are stored offsite.
Where personal information is stored with a third-party, we have arrangements which require those third-parties to maintain the security of the information. All donations and raffle ticket purchases are processed through fundraisin.co which is widely used within the not-for-profit sector, due to their highly secure payment portal. It is well respected nationally and internationally. We use Stripe and PayPal for processing donation payments. Both Stripe and PayPal are required to comply with PCI DSS (Payment Card Industry Data Security Standards) which is a set of comprehensive requirements all businesses that handle credit and debit payments must comply with.
Our commitment to data security
We are committed to taking every reasonable precaution to protect your data and privacy. To meet this commitment, we constantly monitor our compliance and improve on any areas we identify as needing additional development.
We take every reasonable step to protect your personal information against a data breach. We also abide by the requirements of the Privacy Act’s Notifiable Data Breach Scheme.