Mosaic Baptist Church

Connect > Grow > Share

You are here: Home / Legal / Privacy Policy

 

Privacy Policy 

 Adopted by Mosaic Baptist Church Board on 16 April 2024 

 The Church is committed to the privacy and security of the personal and sensitive information which we collect and hold. 

This Privacy Policy describes how the Church collects, uses, holds and discloses personal information and sensitive information as defined in the Privacy Act 1988 (Commonwealth) (the Privacy Act). We may update this Privacy Policy and, if we do, we will consider how to distribute to relevant stakeholders as appropriate (for example, via our church website or noticeboard). 

Application of the Privacy Act to the Church 

The Privacy Act does not currently apply to the Church due to the Church falling into the ‘small business exemption’1. Notwithstanding this, the Church has adopted this policy to be transparent about the way it collects, uses, holds and discloses personal information and sensitive information. 

Types of information we may collect and hold 

Personal and sensitive information 

The Church collects personal information during its programs, services and activities, and for the purposes of communicating with those that attend the Church or have expressed interest in the Church. The types of personal and sensitive information we may collect may include a person’s name, gender, occupation, contact details, date of birth, financial information, medical and health information, criminal history, and associations with other organisations as relevant. 

Personal information may be kept in various places including: a church directory or database; volunteers register; attendance records; pastoral care planning; written and email correspondence; and financial statements. We will normally collect this personal information directly from the person. We do not generally collect sensitive information unless it is relevant. 

Web information 

We also collect metadata relating to website usage, including by using cookies, for statistical and administrative purposes. The types of information collected include a person’s server address, domain name or IP address, the date, time and duration of the visit, the pages accessed, and documents downloaded, and other information. 

If a person does not wish to receive any cookies, they may set their browser to refuse cookies. However, this may impact on website functionality and the services provided to them. 

Use and disclosure of information 

The Church will not use or disclose personal information or sensitive information unless the following applies: 

  • it is necessary to fulfil the purpose for which it was collected; 
  • the church engages consultants or auditors for advice or assistance; 
  • the person would reasonably expect the use or disclosure; 
  • the Church is required by law, or has an obligation, to use or disclose the information or there is another permitted purpose; or 
  • the person consents to the use or disclosure. 

For example, we may collect personal information in relation to an enquiry you have made about a mission partner of the Church. We might use and disclose this information to the mission partner so that we can respond to your enquiry. 

We may use or disclose this information for the purposes of delivering our programs and services and in the ordinary course of our business, including for the purpose of planning, praying or co-ordinating care. 

Storage and security of information 

The Church will take reasonable steps to ensure that all personal information or sensitive information we collect is held in a secure format and protected from loss and misuse, as well as unauthorised access, modification, disclosure, alteration, or destruction. The information may be held either in hard copy or electronically. 

We will hold the information we collect on systems managed and maintained by us and/or our third-party IT and database service providers who may create a backup of our data and store that backup in overseas jurisdictions.  Generally, the Church will prefer that any data backups will be in Australia or secure overseas jurisdictions. 

Retention and destruction of personal and sensitive information 

Where possible the Church will destroy or de-identify personal and sensitive information as soon as practicable once it is no longer needed for the purpose for which it was collected.  We will take reasonable steps and use appropriate techniques and processes when destroying information. 

In accordance with the Church’s Safe Church Policy the Church will securely retain any records related to staff and volunteers, children’s and youth ministry programs, child protection concerns, and insurance policies, for a period of at least 45 years (preferably 100 years). 

Access 

Requests for access to personal information or sensitive information held by the Church may be made by contacting the address below. If the request is deemed appropriate by the Church, we will endeavour to provide the information in a suitable timeframe, if it is reasonable accessible. We may charge a fee to cover our administrative costs in providing the information. 

Questions and feedback 

Questions or feedback about this policy, including any concerns about how the Church manages personal and sensitive information, should be directed to: 

Operations Manager
(02) 6254 6565
office@mosaicbaptist.org.au 

DOWNLOADABLE VERSION

Share this post:

Share on SMS Share on WhatsApp Share on LinkedIn
Mosaic Baptist Church