Last updated March 2023
Our non-profit organisation, Tough Guy Book Club Ltd. (referred to herein as TGBC), is committed to protecting the privacy and personal information of our members, donors, volunteers, and supporters. This privacy policy outlines our approach to collecting, using, disclosing, and protecting personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) (Privacy Act). We take our privacy obligations seriously and are committed to complying with the APPs under the Privacy Act. Questions about the information within this policy, requests for information and any other inquiries related to privacy as they regard TGBC can be directed via email to [email protected]
Open and transparent management of personal information
We are committed to acknowledging how we manage the personal information of our members and volunteers. All personal information collected is voluntarily supplied by attending members and volunteer leadership including but not limited to names, age, emails, phone numbers, addresses, and photographs. Where necessary for event purposes, additional dietary and medical information may be requested and collected. Transaction data as required for the operations of our online store is captured and may include the following: your name, email address, billing address, shipping address, payment method information (such as credit or debit card number, bank account information or payment card image selected by you), merchant and location, purchase amount, date of purchase, and in some cases, some information about what you have purchased and your phone number and past purchases.
Anonymity and pseudonymity
Where possible and if requested, we will provide individuals with the option of remaining anonymous or using a pseudonym when interacting with us where it is lawful and practicable to do so.
Collection of solicited personal information
We will only collect personal information that is necessary for our functions or activities and will do so by lawful and fair means. Individuals are also made aware as a notice of the collection verbally or in writing and to the purposes for which any information is being collected.
Dealing with unsolicited personal information
If we receive unsolicited personal information, we will determine whether it is necessary for our functions or activities. If it is not, we will destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so.
Notification of the collection of personal information
We will notify individuals about the collection of their personal information at or before the time of collection, or as soon as practicable afterwards.
Use or disclosure of personal information
We will only use or disclose personal information for the primary purpose for which it was collected, or for a related secondary purpose that is within the individual's reasonable expectations. Where a request sites beyond these expectations, TGBC will act only with the individual's consent.
Direct marketing
We will only use or disclose personal information for the purpose of direct marketing for TGBC, its events, supporters and promotions. If we have obtained the individual's consent, or if it is impracticable to obtain consent, we will provide an opt-out mechanism. TGBC and its affiliates will never sell, use or distribute personal information to third-parties for unrelated activity, promotions, or organisational profit.
Cross-border disclosure of personal information
If we need to disclose personal information to an overseas recipient, we will take reasonable steps to ensure that the overseas recipient does not breach the APPs.
Adoption, use, or disclosure of government related identifiers
We will not adopt a government related identifier as our own identifier, or use or disclose a government related identifier unless it is required by law or necessary for our functions or activities.
Quality of personal information
We will take reasonable steps to ensure that the personal information we collect, use, or disclose is accurate, up-to-date, and complete.
Security of personal information
We will take reasonable steps to protect personal information from misuse, interference, loss, unauthorized access, modification, or disclosure. Including critical assessments of supporting systems, processes and software deployed as part of the operational requirements of TGBC.
Access to personal information
We will provide individuals with access to their personal information upon request, unless there is a lawful reason not to do so. We will also take reasonable steps to correct personal information that is inaccurate, out-of-date, incomplete, irrelevant, or misleading. Requests for information can be directed to [email protected] and will be responded to within 30 days as required by Australian privacy law.
Correction of personal information
If an individual believes that their personal information is inaccurate, out-of-date, incomplete, irrelevant, or misleading, they may request that we correct the information. We will take reasonable steps to correct the information unless we believe that there is a lawful reason not to do so.