Beyond Blue is committed to protecting your privacy and complying with the Privacy Act 1988 (Cth) (Privacy Act) and other relevant state laws in relation to the management of personal information.
What is personal information?
When used in this Policy, "personal information" has the meaning given in the Privacy Act. Generally, it means any information or an opinion that could be used to identify you.
How do we collect personal information?
We may collect your personal information if you:
- deal with us directly over the phone or via our Support Service.
- have contact with us in person.
- participate in public or closed surveys, questionnaires or conference events.
- register for face-to-face or digital events (such as webinars).
- interact with us online, including through our websites, email, webchats, mobile applications (such as BeyondNow) and social media channels (such as Facebook, Twitter, YouTube, Instagram or LinkedIn – these social media channels will also handle your personal information for their own purposes and have their own privacy policies).
- donated to another organisation and have consented to receiving information from like-minded organisations such as Beyond Blue.
- apply for a position with us (either as an employee, or as a volunteer or as a contractor).
This collection may be required to allow you to:
- join our websites as a registered user
- make a donation
- receive information from us including alerts via email or SMS communications
- apply to hold a fundraising event
- register to use forums
- register as a blueVoices member
- register as a volunteer
- register as a Beyond Blue Ambassador or Speaker
- download or order resources
- access services for your educational institution or organisation
- participate in professional learning modules
- receive information about or become involved in our programs, campaigns or other initiatives
- use our mobile applications
- work with us.
Collecting personal information through our websites
Our websites use Google Analytics, a service which transmits website traffic data to Google servers in the United States. Our websites and mobile applications also use the following Google Analytics Advertising Features:
- Remarketing and Impression Reporting
- Demographics and Interest Reporting
- Government (Commonwealth, State, Territory and Department) reporting.
Google Analytics does not identify individual users or associate your device’s IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage in order to improve our services, programs, content and resources.
We also use Site Improve to identify audience habits and behaviours so that content and User Experience-related issues can be resolved, enhancing the overall website experience for users.
Our website uses marketing automation tools that send communications (such as email or SMS) using several different services. Each service uses tracking technologies primarily to understand what subjects are interesting to you by monitoring whether your emails are opened, and links are followed. This information is then used to improve the messages that are sent to you and to improve the services, programs, content and resources that are offered to you.
We also collect your device’s last known IP address and, if you are a registered user, store it against your website profile.
What personal information do we collect?
We collect the personal information which you provide to us. This may include your name, address, age or date of birth, telephone number, organisation, service or educational institution details, email address, communication preferences, professional learning, or the amount you have donated. In some cases, with your consent (for example, if you apply to register as a Blue Voices member or volunteer), we may also collect health information about you, such as your medical history.
If you order certain resources, or make a donation to us, you may also provide credit card details and other information which will allow us to process your request and make the transaction.
We may also request:
- your preferences for receiving further information about our programs, events, campaigns or activities;
- additional types of personal information such as job title or role, department name, educational institution information; and
- demographic information and unique identifiers in order to provide you with a more personalised experience or to verify your password.
The choice of how much information you provide to us is yours, but if you want to register as a member of, or have a user account on our websites, order printed or download digital resources, make a donation, or otherwise participate in our professional learning modules, programs and events, we require certain information from you in order to provide those services.
Where possible, you have the option of interacting with us anonymously (for example, as a visitor of the website) or using a pseudonym if you feel more comfortable dealing with us that way. For example, if you contact us by telephone with a general question, we will not ask for your full name unless we need it to answer your question.
Wherever possible, we will try to collect personal information from you directly, rather than from another person or source, unless it is unreasonable or impractical to do so.
How does Beyond Blue use your personal information?
The personal information you provide to us may be used by us for the following purposes:
- to allow you to obtain access to the interactive elements of our mobile applications and websites (including the online forums, our campaign websites and all professional learning)
- to provide you with the information, resources or merchandise you have requested
- to involve you in programs, campaigns, research, activities or other initiatives undertaken by Beyond Blue
- to show your name and the amount of any donation or sponsorship you may make on our website (unless you choose a private or anonymous donation)
- for the marketing and research purposes of Beyond Blue, its contractors or service providers
- for internal administrative purposes
- to respond to ‘Contact Us’ form enquiries such as the Beyond Blue Support Services or educational programs, general website feedback or assistance, or media enquiries
- to update our records and keep your contact details up to date
- for research, advice and information, including for benchmarking purposes
- to send you emails about our programs, campaigns or activities if you have agreed to receive our emails (you will be provided with an opportunity in each email to decline to receive any further emails from us by unsubscribing – if you are a registered member of our websites, you can also edit your communication preferences via your member account)
- in the case of marketing automation, to improve the emails that are sent to you and to improve the personalisation, services, programs, content and resources that are offered to you
- to understand how you interact with us by recording information about you in a Customer Relationship Management system (for example, that you are a volunteer and a donor if that is the case);
- to enable like-minded organisations to contact you with information that may be of interest to you (if you have consented to this)
- to assess any application from you to work with us
- if you lodge a complaint or query with us, to process and respond to your complaint or query.
If you access the interactive elements of our mobile applications and websites (including online forums and Be You professional learning), only your display name will be shown online. We recommend that you do not post information online that may identify you or anyone else such as your address, email address or phone number. If you do post personal information online, your personal information may be identified, recovered and displayed by internet search engines.
Regardless of where in the world you reside, Beyond Blue may transfer your data to Australia and process and store it there.
Other than for the purposes described above, we will not use your personal information without your prior consent.
Security of your personal information
We take reasonable steps to ensure the security of all information we collect, including that the information is protected from misuse and loss and from unauthorised access, modification or disclosure. For example, your personal information is maintained in a secure environment, which can be accessed only by authorised personnel. However, no data transmission over the internet or information stored on servers accessible through the internet can be guaranteed to be fully secure.
In addition, we take reasonable steps to destroy or de-identify your personal information once we no longer need it or have been directly instructed by you to permanently remove or supress your personal information.
Disclosure of personal information
Personal information will only be disclosed to third parties in accordance with this Policy. Information may be provided to third parties where services relating to the purpose for which the personal information is collected are outsourced or you would reasonably expect us to disclose it to a third party for a particular purpose. For example, we may disclose your personal information to:
- our service providers that host our website servers
- our delivery partners
- marketing service providers
- professional advisors (such as accountants, auditors and lawyers)
- in the case of Be You professional learning, the funder of Be You, the Australian Government Department of Health.
We may also disclose your personal information if:
- you have consented to the disclosure
- where disclosure is necessary to prevent injury to life or health
- it is required or authorised by or under an Australian law or a court/tribunal order.
We only disclose your health information for the purposes for which you gave it to us or for a directly related purpose you would reasonably expect or if you agree.
We do not directly disclose personal information to recipients located overseas.
Accessing and correcting personal information
You may request access to your personal information collected by us and ask we correct that personal information. You can ask for access or correction by contacting us and we will usually respond within 30 days. If we refuse to give you access to, or correct, your personal information, we will notify you in writing setting out the reasons.
Notifiable Data Breaches Scheme
In the event of any unauthorised access or unauthorised disclosure or loss of your personal information that is likely to result in serious harm to you, we will investigate and notify you and the Office of the Australian Information Commissioner in accordance with the Privacy Act.
Complaints about your privacy
If you believe your privacy has been breached or you have a complaint about how we have handled your personal information, please contact us in writing. We will respond within a reasonable period (usually within 30 days from lodgement).
If you are not satisfied with our response, then you may lodge a formal complaint with the Office of the Australian Information Commissioner (for more information, please see www.oaic.gov.au).
Changes to this Policy
This Policy may change from time to time. Any updated versions of this Policy will be posted on our websites and will be effective from the date of posting.
This Policy was last reviewed and updated in December 2020.
References to “Beyond Blue”, "we", "us" and "our" are references to Beyond Blue Limited ACN 093 865 840.
How to contact us
Attention: The Privacy Officer, Beyond Blue
Suite 501, 278 Flinders Lane Melbourne, Victoria 3000