This policy refers to all Citipointe Committee of Management members (hereafter referred to as COM) employees, contractors, volunteers, students/interns, church members, potential church members and visitors. This policy also applies to all Citipointe Church Australian Locations, our online store, and Citipointe Worship.
- To provide a policy which complies with the Information Privacy Act 2009 (Qld) hereafter referred to as “the Act”.
- To provide a policy which serves the members and potential members or any persons having any dealings with Citipointe.
- To provide guidelines regarding the personal data collection of members and potential members or any persons having any dealings with Citipointe.
- To Identify the scope of information collected.
- To provide a framework for data security and confidentiality.
- To provide members and potential members or any persons having any dealings with Citipointe with an avenue to review personal information held by Citipointe about them.
- To provide adequate privacy protection as a necessary condition for Citipointe to participate in e-communications and e-transactions.
Personal information provided by you will always be used according to the Australian Privacy Principles as amended from time to time. These principles include:
- how we collect your personal information;
- how we use or disclose it;
- how we maintain it;
- our transparency with it;
- how you can access and correct your data;
- your right to anonymity; and
- transborder data flows (if applicable – e.g. if you were a member of a Citipointe missions team travelling to Cambodia where some of your personal information might be required to be shared).
Why we collect information
We collect your Personal Information so that we can provide you with the product, service or assistance requested by you. We may need your information to maintain contact with you, to keep you informed of our services, to notify you of our conferences, events or activities, for administrative purposes, to process any complaint made by you or against you or for any other related purpose.
What information we collect
The personal information we collect depends on the context of your interaction with us, the method of interaction, the choices you make and the products and features you use.
The personal information we collect from you may include:
- your title, name, gender, occupation, email address, home address or phone number and special dates such as birthdays and anniversaries;
- blue card information;
- your spouse or family details if you have registered together for an event and/or your children for any reason;
- information you provide us with if you are applying to volunteer or work for Citipointe Church or register for one of our courses or events;
- other types of personal information including which small group in the church you belong to, church or small group attendance, details of pastoral contacts, significant events such as dates of salvation, water baptism and course completions;
- notes or personal data (for church and pastoral care purposes); or
- financial information such as donation history and your bank details.
We only collect relevant information we need for church purposes and to pastorally care for you.
Users can visit the Citipointe website without revealing who they are or other personal information unless they place an order, donate or provide us with information in some way. Please be aware of our cookies policy below. Citipointe will not collect any personal information about visitors to the website except when they knowingly provide it.
If you become a regular donor, or are a sponsor, or a volunteer making a payment to Citipointe, or purchase something from our online stores, we partner with third party service providers to manage these initial and/or ongoing payments. If you are a regular donor, you may at any time stop or amend these payments by contacting us at the details below and/or stop or amend these payments by contacting the third party website.
If you have given us your personal information that is of a sensitive nature then we will only lawfully keep and store this information about you if you are a church member or potential member and this information is needed for church purposes and pastoral caring for you. Some examples of sensitive information include: if you provide us with a prayer request, if you have a criminal record, your racial or ethnic origin, information about your health, your philosophical or religious beliefs, your financial circumstances and pastoral care matters.
Exempt Personal Information
In very limited circumstances, the Privacy Act allows us to deal with your Personal Information other than in accordance with this policy. This is allowed when your Personal Information relates to our functions or activities and the information relates solely to you as a Citipointe church member or if you are an individual who is in regular contact with us in relation to our functions or activities or we reasonably believes the Personal Information is necessary or reasonably necessary to protect the life, health and safety of an individual or to protect public safety.
Information from other sources
We may from time to time hear about you from other public sources such as public databases or social media platforms (such as Facebook) as well as from other third parties. For example we may find out more about you from your social media profile; information that you have chosen to make public. This information may be kept and stored if it relates to church purposes and pastorally caring for you.
Video Recording / Photographs
Images of individuals in photographs or film are treated as personal information under the Privacy Act where the person’s identity is clear or can reasonably be worked out from that image. Images of people attending and participating in our services and/or conferences, or other recordings, may be used or shown in part for promotional purposes, resource material and commercial activities. Both video and still photography are an active part of the church life, activities and services. Citipointe uses video and still photography for church related purposes or promotions. In accordance with the privacy act an individual’s consent will be sought if the photograph or video records sensitive information about the individual. Where practically possible Citipointe will seek the consent of individuals in other cases. If you would like to have a video or still image removed from any material, please contact us using the contact details set out below.
How we collect your information
Directly from you
You may give us information either in writing or verbally:
- to indicate your interest in some activity of church life where you consent to be contacted by Citipointe;
- when you attend a group or church service;
- when you contact us by means such as email, text, letter or phone;
- when you engage in informal or formal meetings with staff and volunteers;
- when you book or attend an event or program;
- when you volunteer or work for us; or
- when you purchase goods or services through our website or directly from a Citipointe Location and you provide credit or debit card and/or other details.
Through cookies when you visit our site
In using the Citipointe website, you will be asked to give consent for us to set cookies on your computer. If you do not wish to accept cookies from us, you can opt out of the statement that will appear when you landed on our site. You can also, at any time, change your browser setting to prevent cookies being set.
If you choose to change your settings, you may find that certain functions and features will not work as intended on the Services. If you want to learn more about the general uses of cookies, please visit www.allaboutcookies.org
How we use your information
We will use your personal information for the following reasons:
- to provide adequate pastoral care as a member or potential member of Citipointe;
- to establish and maintain your involvement with Citipointe, including communication from time to time, via methods such as email and phone and by providing you with invitations to special events;
- to provide the products or services you asked us about;
- to answer your inquiry;
- to register you for events, conferences or promotions;
- to assist us to make Citipointe’s sites, services and products more valuable to our community;
- to manage our employees, volunteers, interns and students;
- to fundraise for various related entities of Citipointe;
- to process donations and related legal rights and obligations;
- to record and acknowledge any donation;
- for direct marketing of products or services and to keep you informed of our ongoing activities, updates, news, campaigns and appeals;
- to work with third parties who assist us to operate Citipointe and provide the products or services you have requested, such as religious education instructors, catering and event coordinators, promotions companies, transport providers, health care providers, website hosts and IT consultants, and our professional advisers such as consultants, lawyers and accountants. In some circumstances we may need to disclose sensitive information about you to third parties as part of the services you have requested in order to complete your request.
- For the different parts of Citipointe to enable the development and promotion of other products and services and to improve our general ability to assist Church attendees and the wider community.
We may need to contact you if we suspect that unlawful activity or misconduct of a serious nature that relates to our functions or activities has been, is being or may have happened. We will get in contact with you within 72 hours of knowing something has occurred.
Removing yourself from promotional email and/or SMS communication
In a culture where people receive significant amounts of email or SMS communication, provision must be made for people to opt out of such communication. Citipointe, when communicating via a general marketing or newsletter emails or SMSs will always provide an opt out facility. If you do not wish to receive general marketing or newsletter emails or SMSs, you can tell us when you provide us with your data. If we contact you in this way without obtaining your prior consent, we will provide you with the opportunity to decline any further promotional communications. Citipointe may however email or SMS you regarding individual information which is relevant to you. Removing yourself from receiving promotional material from Citipointe, does not necessarily remove the personal information you have provided to us. If you desire to be removed from all Citipointe active databases please see the section immediately below.
Removing yourself from Citipointe membership and/or the active databases
People select or need to move on from churches for a variety of reasons. At Citipointe we value and respect your decisions. Should you need or desire not to be associated with Citipointe any further, you may request to have your personal information removed from the active databases. Such requests are usually made through the Demographic Pastors but can be made through other authorised staff such as those in charge of Serve Teams or other staff in general or via email@example.com. Once a request is made your personal information will be archived in a secure area in accordance with the section below titled, “How long do we keep your information”.
What we will not do with your information
The information we collect is used only for the purpose we have indicated. We do not and will not:
- sell, trade or rent personal information about you to any other party outside of Citipointe;
- record credit card information you may supply us with for the purposes of making a one off purchase or transaction. All sensitive information such as credit card numbers will be responsibly destroyed after the transaction has been completed;
- pass on your personal information to anyone unless we are legally bound to do so under any federal or state laws;
- process your personal data for other purposes that are not in line with why we collected it in the first place; nor
- disclose Personal Information to anyone otherwise than in accordance with this policy. However, we may share de-identified information for research, training or promotional purposes.
Who gets to see your information
Because we treat your personal information with the utmost respect, we only allow those who ‘need to know’, see it, that is the staff and authorised volunteers of Citipointe whose task it is to process your data. We regularly check that only the right people have access to your data. Remember, it’s rare, but if we are required by law, we have to share your information with a legal, statutory or regulatory authority. In any other circumstance, we will only share your data if we have your explicit and informed consent.
Any information you give us may be held on computers at Citipointe Australian locations and servers based in Australia or in physical form in file systems at Citipointe offices. Personal information is stored on a secure server or in secure files. We use data hosting facilities and third party service providers to assist us with providing our services. As a result, your personal information may be transferred to, and stored at, a destination outside Australia. While we seek to perform our due diligence with respect to these third parties, we are not able to ensure these data hosting facilities and third party service providers will comply with Australian privacy laws, although they may have their own privacy laws. As our websites and social media platforms are linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any Personal Information or other information which you transmit to us online is transmitted at your own risk.
How to access or update your information
You have a right to know what personal information Citipointe holds about you. We may take steps to verify your identity before making changes to your information. However, depending on the law of the country in which you are a resident, regarding sharing of your personal information, you can request a copy of any personal data that Citipointe holds about you in a number of ways:
- by emailing firstname.lastname@example.org
- by phoning +61 7 3343 8888
- by writing to Citipointe Church PO Box 2111 Mansfield Q 4122 Australia
We will provide you with access to your personal information, free of charge, unless we are legally authorised to refuse your request and we will tell you why your request has been denied. There may be instances where we cannot grant you access to the Personal Information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others, would result in a breach of confidentiality, is contrary to natural justice or is prohibited by law. If that happens we will tell you. We are unable to update your details if you don’t tell us they have changed. After you tell us, we will take all reasonable steps to correct any of your information which is inaccurate, incomplete or out of date. You can tell us to delete your personal information at any time and so long as by law we are allowed to, we will. If you wish to have your personal information deleted please let us know and if lawfully and practically possible, we will delete all information about you.
How long do we keep your information
We will keep your personal information for as long as it is required and in accordance with the Law and other legal requirements. If you decide you no longer wish to have your personal information on file with us, your information will be archived in a secure area.
Transferring your data
You may wish us to transfer your data from us to another service provider. Just ask. Our response will be determined by the law of the country in which you reside.
Where required by law, a data protection officer will be designated who is responsible for monitoring compliance with policy legislation of the country in which you reside and making sure that your personal data is safe and secure.
Citipointe will take reasonable steps, using appropriate technical measures, to protect any personal information from unauthorised or unlawful processing, against accidental loss, destruction or damage. We have put in place security measures to protect the personal information that we hold from unauthorised access, improper use, alteration, unlawful or accidental destruction or loss, including password protected access. We make sure that only those staff or authorised volunteers with a valid reason are able to access your data. It is not possible to guarantee the security of information over the internet. Please be aware that Citipointe cannot be liable for any breach of security unless we have been negligent. Personal information may also be processed by other third parties operating outside Australia who work for us or for one of our partners. This includes for example Mailchimp which provides email communication services. Our website may contain links to other sites but it does not mean we have any relationship or affiliation with those sites. We have no control over the privacy practices nor the content, quality, or reliability of these sites. Where you have been given or have chosen log in details enabling you to use any of our online services, including but not limited to our online store, Eventbrite or Elvanto, Citipointe’s database system, you are responsible for keeping these login details secure. Any downloads of files from our website are provided at your own risk.
If you are not satisfied with the response you receive from us, you may contact the Federal Privacy Commissioner in one of the following ways:
– By telephoning 1300 363 992; or by writing to the Director of Complaints, Office of the Federal Privacy Commissioner, GPO Box 5218, Sydney NSW 1042.