Aboriginal Hostels Limited (AHL) adopts best privacy practice. AHL adheres to the ‘Guidelines for Federal and ACT Government Websites’, issued by the Office of the Australian Information Commissioner (OAIC). AHL seeks to comply with the Australian Privacy Principles (APP’s) under the Privacy Act 1988.
This Statement explains the type of information that is collected by AHL, for what purpose and how such information is used, if that information is disclosed and to whom, and addresses any other relevant policies.
All privacy concerns should be made in writing and directed to:
FOI Contact Officer
Aboriginal Hostels Limited
PO Box 30
Woden ACT 2606
Or email: email@example.com
Information AHL Collects
Your email address
AHL will only record your email address if you provide it to us. It will only be used for the purpose for which you have provided it and will not be added to a mailing list. We will not use your email address for any other purpose, and will not disclose it, without your consent.
AHL online resident survey
Once a year, AHL conducts an online survey of its residents to determine the level of service being received and what can be done to improve our services. Only nominated AHL staff view these surveys for the purpose of collating the information and reporting the statistical data. The information provided in the survey remains private and confidential and is not viewed by Hostel Managers, Hostel Staff, Houseparents or Residential Youth Workers. Survey material is used to report statistical data to the Australian Minister for Indigenous Affairs and other government departments to improve services provided to Indigenous Australians.
AHL periodically collects photos of residents to be used on the AHL website or for AHL publications such as the Annual Report or Hostel News. When staff take these photos, a consent form is provided that is signed by the person photographed to allow AHL to include the photos in publications or on our website.
Resident information collected and stored in AHL’s Reservation Management System (RMS)
AHL’s Reservation Management System, RMS, collects and stores information for all its residents who stay at hostels, and organisations who refer residents to AHL. The data collected is used for the purpose of identifying residents and organisations. It is entered into the RMS database by authorised AHL staff. The primary information collected includes:
- Resident Name - Organisation Name
- Resident Address - Organisation ABN
- Resident Date of Birth - Organisation Address
- Resident Contact Details - Organisation Contact Person
- Resident Next of Kin - Organisation Contact Details
- The last 4 digits of some form of acceptable ID
The information collected is housed in a data centre that hosts RMS’s client data which has been assessed by the Australian Signals Directorate (ASD) as meeting Australian Government Standards. The RMS systems and facilities have been assessed as meeting Australian Privacy Principles (APP).
Vendor information collected and stored in AHL’s Financial Management Information System
AHL’s Financial Management Information System, Great Plains (GP), collects and stores information for all its vendor and debtor accounts as these form part of the invoicing issuance and payment process. The primary information collected includes:
- Vendor/Debtor Name - Vendor/Debtor Category
- ABN - Vendor/Debtor Type
- Address - Vendor/Debtor Email
- Contact number
- BSB and Account # (vendors only)
This information is collected from AHL vendors and debtors, and only authorised AHL staff in the Finance Division have access to the data in GP. The data is stored on a secure data centre which meets PSPF/ISM compliance. The collected information is used as follows:
- Invoice issuance for debt recovery purposes. The invoice will include the name and address of the debtor. This stored information is automatically merged into an account receivable tax invoice.
- Invoice payment process and vendor account setup.
How we collect information
The Internet, including the AHL website does not provide secure transmission of data. The Internet is an insecure medium and users should be aware that there are inherent risks transmitting information across the Internet. Information submitted unencrypted via email or web forms may be at risk of being intercepted, read or modified.
If you do not wish to email or send an online form to AHL, you can send mail through the post at the address above.
Information provided to AHL will only be used for the purpose for which you have provided it and not disclosed to any other party unless stated as otherwise.
Industry Development and Financial Viability information provided as part of an Endorsed Supplier Arrangement (ESA) application is provided to the Department of Communications and the Arts, and Dun and Bradstreet respectively for assessment and will not be provided to any other party.
The AHL website contains links to other sites. AHL is not responsible for the privacy practices or the content of these websites.
When you visit the AHL website, our Internet Service provider (ISP) makes a record of your visit and logs the following information for statistical purposes – the user’s server address, the user’s top level domain name (eg .com, .gov, .uk etc), the date and time of the visit to the website, the pages accessed and documents downloaded, the previous site visited, and the type of browser used. No attempt will be made to identify users or their browsing activities except, in the unlikely event of an investigation where a law enforcement agency may exercise a warrant to inspect the ISP’s log of files.
A cookie is a small file sent by AHL’s web server onto the user’s web browser software when the user accesses the AHL website. (A detailed explanation of cookies can generally be found at the site of the Office of the Australian Information Commissioner (OAIC)).
Some parts of the AHL website may use a cookie to maintain contact through a session. The cookie allows AHL to recognise you as an individual as you move from one page of the website to another. The cookie will expire on the close of your browser session, or on the closing down of your computer. Our copy of your information will be automatically deleted within 24 hours after you last access the website. This information is analysed to show broken links in our website, bottlenecks, or any other website problems. We use this information to redesign for efficiency of use. No attempt is made to identify anonymous users or their browsing activities unless legally compelled to do so, such as in the event of an investigation where a law enforcement agency may exercise a warrant to inspect the ISP’s log of files.
Domain name – the code for the country or type of Internet connection a user comes from, such as, .com.au
Information Privacy Principles – 13 principles established under the Privacy Act 1988. Australian and ACT government agencies must comply with these principles in their handling of personal information in their possession.
The principles can be accessed at https://www.legislation.gov.au/Details/C2016C00979
Internet Service Provider (ISP) – a company or organisation that provides access to the Internet for users.
Law enforcement agency – an agency of the Australian, state or territory government such as the Australian Federal Police (AFP), which exercises powers such as executing a warrant to seize documentation or goods, or to search premises etc.
Requests for personal information or amendments thereto
Under the Privacy Act 1988, AHL is obliged to verify the identity of current or former staff when responding the requests for access to or amendments to personal information held by AHL.
To this end, current staff are to make any requests either in writing or by email using either their AHL email address or the email address recorded on the AHL payroll system.
Former staff are to complete this request for information form at Attachment A, noting that a copy of acceptable photo identification (driver’s licence, passport etc.) is to be provided with the form. The photo identification will be destroyed by AHL once the identity of the person has been verified.