Need to report misconduct or abuse? Report to Kooyora online ->, by calling 1800 135 246, or by mailing enquiries@kooyoora.org.au.

Privacy

In the course of ministry and practice the church collects personally identifiable and sensitive information about individuals. This information must be handled securely, privately and only according to its primary purpose of collection.

Privacy

The range of activities in which our churches and organisations engage means that there are a number of uses for personal and/or sensitive information within the Presbyterian Church of Victoria (PCV). The collection and use of this information is bound by the Privacy Act 1988 and the Australian Privacy Principles (APPs), as described in the PCV Privacy Policy.

Anyone who deals with the collection, management and transfer of personally identifiable data on behalf of the church will need to understand and comply with the terms of the churchโ€™s privacy policy. This policy applies broadly to denominational and congregational activities of the church, but may not apply to specific initiatives e.g. schools or aged care facilities. This policy does not apply to personal collection or use of information by individuals.

Church sessions, boards, presbyteries, committees and employees should familiarise themselves with the policy and minute their adoption of it. Privacy Policy Training is recommended for anyone in these roles.

MR CAMERON GARRETT: CLERK OF ASSEMBLY

๐Ÿ“ž Phone: 03 9650 9311
๐Ÿ“ง Email: cam.garrett@pcv.org.au

Guidelines

The following guidelines are adapted from the PCV Privacy Policy Guidelines as adopted by the General Assembly of Victoria, available for download above.

Personal information includes a broad range of facts or opinions that could identify an individual. This includes their name, their address, their contact details, government identification, digital footprints, financial details, marital status, age, and other distinct characteristics or identifiers.

Sensitive information is a subset of personal information that specifically includes information about an individual's racial or ethnic origin, political opinions or associations, religious or philosophical beliefs, memberships or associations, sexual orientation or practices, criminal record, health or genetic information, or biometrics.

Personal information may only be used or disclosed for the purposes allowed in the privacy policy. Personal information should be held securely and not used in any way without obtaining permission from the person whose information has been collected.

The Privacy Compliance Checklist may be used as a self-assessment aide for sessions implementing the church's privacy policy.

Collection of Personal Information

APP 3 outlines an entity's obligation to notify individuals of the collection and intended use of their personal information. Information may only be collected with consent and where necessary for one or more of the church's functions or activities. People must know how and why data is collected, and how it will be used. A collection notice referencing the privacy policy must be included on any form soliciting personal information.

This includes e.g. lists and records identifying congregation members, attendees of church activities, baptismal and wedding registrations, and oral information provided during church services.

โ•
E.g. "Personal and sensitive information collected by [insert name] will be used in conformity with the privacy policy of the Presbyterian Church of Victoria. If you do not want your information to be used by us please do not provide it to us. A copy of the privacy policy can be found at pcv.org.au or mailed to you on request."

Disclosure of Personal Information

APP 6 outlines when an entity may use or disclose personal information. Where personal information is being used as consented to and expected by the individual whom it concerns, the church or organisation disclosing or publishing this information must take reasonable steps to ensure it is accurate (APP 10) and can be corrected by the individual if it is not (APP 13). This applies to both physical and digital publishing.

This includes e.g. contact directories maintained and shared across churches or presbyteries. The Personal Contact Info and Media Release Form has been provided for individuals to consent to the use and disclosure of their personal information for this purpose.

โ•
E.g. "The information in this document has been collected and published in conformity with the privacy policy of the Presbyterian Church of Victoria. If you would like to update any information in this document please contact us at [insert contact]. A copy of the privacy policy can be found at pcv.org.au or mailed to you on request."

Photos, videos and audio recordings of individuals are a form of personal information, and require explicit consent to be published. If photos, videos or audio recordings are going to be taken at an event participants must be informed, e.g.:

  • With a printed sign displayed at the entrance.
  • With a verbal announcement during the event.
  • On the registration form before the event.

The photographer(s) and/or videographer(s) must be instructed to give people opportunity to move out of any photo/video.

โ•
E.g. "[insert name] will be taking photos and videos today which may be published in print or online on the church website, in publications or on social media. If you donโ€™t want your image used, please make sure you are not in any photos or videos by moving out of the photo/video. The photographer will wait for you to move out before taking it. If you are in a photo or video we will understand this as your consent for your image to be published."

Email Newsletters

The responsibilities of entities sending broadcast email (also known as direct marketing), including newsletters, are regulated by APP 7, the Spam Act 2003, and Spam Regulations 2021. In short - broadcast email requires consent from every person you are emailing, and a way to opt-out or unsubscribe.

Churches and organisations may not disclose email addresses they have collected to external entities without the consent and/or reasonable expectation of this disclosure by the individuals concerned. Collection of an email address for one purpose, e.g. a COVID-19 check-in form, does not imply consent to use of that email address for another purpose, e.g. receiving a newsletter.

Confidential Pastoral Duties

APP 11 outlines an entity's obligation to take reasonable steps to protect personal information from misuse and unauthorised access, among other protections. Ministers, elders, and pastoral carers/deacons may from time to time collect personal and sensitive information from individuals in the course of pastoral duties, e.g. counselling.

If this information is recorded, the person whose data is being collected must be advised of the information's collection and use pursuant to the privacy policy, and assured that information collect will not be disclosed to a third party.

If records of personal information are no longer relevant or appropriate to maintain, e.g. the minister has moved to a different parish, they must be securely destroyed or de-identified.

โ•
E.g. "Personal and sensitive information collected will be kept confidential and used only as allowed by the privacy policy of the Presbyterian Church of Victoria. If you do not consent to my retention and use of your information for this purpose, please tell me. A copy of the privacy policy can be found at pcv.org.au or mailed to you on request."

Privacy and Children Under 18

The privacy of children and young people must be protected in the conduction of the church's children's ministries. For an individual to consent to the use of their personal information, they must have capacity to consent. Within the PCV, parent or guardian consent must be given in writing for a child under 18's personal information to be collected, with the purpose and use of the collected information or images clearly outlined. This includes photos, videos and audio recordings.

  • Do not allow photographers to be unsupervised or with individual access to children. Do not allow individuals to take or post photos of children online at church or at a church event without their parental consent.
  • Make sure professional photographers engaged by a church or organisation are aware that photos or videos taken of children will remain the property of the church and cannot be used or sold for other purpose. Communicate this in writing prior to the engagement.
  • Be mindful of accompanying photos with personal information, e.g. the child's name, address, contact details, hobbies, likes or dislikes, or school. Group photos reduce the risk of identifying children. This is both a matter of privacy and of protecting children from grooming.
  • Be mindful of where images are shared and who has access to them. E.g. a parent may consent to sharing of photos privately with other participants, but not to sharing the image publicly on social media.
  • Use images of children sparingly and only as relevant to church activities. Take particular care when using images of children involved in activities with minimal clothing, e.g. swimming.

Access Requests

APP 12 outlines an entity's obligations to provide individuals with access to personal information held about them on request. When seeking access to your own personal information collected and held by the church, proof of identity will be required.

The church requires a 100 point check, an equivalent identity check used across Australia. Documents must be current and contain your full name. You must provide one primary document, one secondary document containing a photograph, and any additional secondary documents to add up to at least 100 points.

Requests for access are considered on a case-by-case basis and may or may not be granted, either in full or in part.

Primary Identification Documents - 70 points
  • Birth Certificate/Birth Extract
  • Australian Citizenship Certificate
  • Australian Passport (current, or expired within the previous two years, but not cancelled)
  • International Passport (current, or expired within the previous two years, but not cancelled)
  • Other document of identity having the same characteristics as a passport e.g. diplomatic/refugee (photo or signature)
Secondary Identification Documents - 40 point initial, 25 points additional
  • Current license or permit (government issued)
  • Foreign/international driver's license
  • Working With Children Check/Teacher's Registration Card
  • ASIC/MSIC Card
  • Public Employee Photo ID Card (government issued)
  • Department of Veteran's Affairs Card
  • Centrelink Pensioner Concession Card or Health Care Card
  • Current Tertiary Education Institution Photo ID
  • Reference from a doctor (must have known the applicant for at least 12 months)
  • Proof of Age card (government issued)
  • Medicare Card
  • Private Health Care Card
  • Council Rates Notice
  • Property Lease/Rental Agreement
  • Property Insurance Papers
  • Tax Declaration
  • Superannuation Statement
  • Seniors Card
  • Electoral Roll Registration
  • Motor Vehicle Registration
  • Insurance Documents
  • Professional or Trade Association Card