1 April 2016

About this policy

This privacy policy (Policy) sets out the information handling practices of the Australian Institute of Company Directors (AICD). It does not cover personal information about our employees.

We strive to manage personal information in a best practice way while enabling us to better serve our membership and the community.

Personal information means information or an opinion, true or false and whether recorded in a material form or not, about an identified or reasonably identifiable individual. Sensitive information is a sub-category of personal information and includes details about race, ethnicity, political affiliations and membership of professional trades and associations. We handle personal and sensitive information in accordance with the Privacy Act 1988 (Cth) including the Australian Privacy Principles (Privacy Act) and this Policy.

Overview of this policy

Our primary goals are to promote world leading:

  • Governance laws and practices; and
  • Performance in director and board governance.

The functions and activities we carry out to achieve these goals, and for which we collect and hold personal information, include:

  • Managing the membership of the AICD and member participation including the Director Professional Development (DPD) program required for as part of membership renewal;
  • Conducting educational and training courses;
  • Holding events such as conferences and briefings on current issues;
  • Providing products and services including:
    • Helping individuals to find directorship positions (Director Opportunities);
    • Providing mentoring and scholarship schemes;
    • Providing confidential peer-to-peer forums (Director Nexus);
    • Providing business centres and member lounges;
    • Enabling members to assess their current director capability (Director Self-Assessment Tool);
    • Providing tools for boards to evaluate their governance (Governance Analysis Tool); and
    • Conducting, and making available the results of, benchmarking research;
  • Providing and exchanging information through various channels such as newsletters, other publications such as Company Director Magazine, social media sites, our websites and mobile applications (apps);
  • Lobbying and making submissions to government and others about improving governance laws and practices;
  • Promotion of ethical directorship and sound corporate governance;
  • Carrying out a range of research, data collection and analytical activities to:
    • Identify member and prospective members’ needs and ensure our products and services meet those needs;
    • Identify prospective members and provide marketing approaches designed to recruit new members; and
    • Provide up-to-date information to support lobbying activity and make submissions on issues and proposed laws;
  • Entering into relationships with sponsors and other partners to financially support the AICD’s activities;
  • Providing information and services digitally and online through our websites and apps as well as via email, online advertisements and social media. In some cases we rely on third party service providers (service providers) to supply these kinds of services. Service providers may use cookies (see Cookie Policy about our handling of cookie data) and other technologies to conduct activities which allow us to supply the information and online services to you; and
  • Undertaking activities, either directly or through our service providers, such as surveys, online behavioural advertising, website analytics and email campaign management.

If you do not provide your personal information we may be unable to provide particular information, services or products, make offers to you or tailor the content of our websites or apps for your benefit. You may also find that you do not experience the full extent of our information, products and services, including our websites and apps.

Collection of personal information

We collect personal information for the purposes stated in this Policy from our members, non-members, participants in our courses, third parties, service providers, suppliers, contractors, consultants, sponsors and individuals who interact with the AICD.

Direct collection

Membership

We collect and hold information from members or prospective members through membership related applications. This information includes name and contact details, gender and career history. We also collect date of birth to enable us to uniquely identify members and to assess what products and services may be most suitable and of interest for members. We protect date of birth information by strictly limiting the AICD’s staff access to this information.

We keep information that prospective members have entered when they start, but do not complete, an online membership application form to enable us to contact them about becoming a member.

For ongoing membership management, we collect personal information from members about the reasons for reducing the level of membership such as proof of ill health, parenthood, study or travel. For upgrading and renewal of membership we collect (with consent), criminal history, director status, evidence of bankruptcy and referee comments.

Education and training

We collect and hold enrolment information from members and non-members and keep a record of the courses completed. We also collect assessment answers, course results and feedback sheets but we have special protections around this information including separate storage, and technical and policy restrictions on who can access the information.

Events

We collect and hold information which members and non-members provide through applications to attend events such as conferences and briefings. This includes, if applicable:

  • Sensitive information such as dietary or mobility requirements;
  • Travel bookings; and
  • Image (video or photographs) or sound recordings (but only if you have not opted-out from this). We keep a record of the events and workshops a member or non-member has attended.

Surveys

From time to time, we or our service providers may collect your personal information via surveys. We will only use the personal information collected for analytical purposes, updating our records or to assist with improvement or development of our products and services. By completing these surveys, you accept that your personal information may be transferred outside Australia.

Indirect collection

Membership

We collect information indirectly about members, but only in circumstances where a member would reasonably expect it, or where the member has consented. Examples include referee comments and criminal history checks for some membership related applications.

No-members

To expand our membership we collect information indirectly about prospective members through methods which include word of mouth referral, publicly available sources such as the Australian Stock Exchange Register, and through commercial list brokers.

Research

We commission market research about members and non-members, such as Brand Tracker, and other research for example, to compile a director sentiment index. However, we only collect and hold the information gained from the research in aggregate form and do not connect it with any records we hold about individual members or non-members.

Notice where you give us information about third parties

If you give us personal information about any other individuals (e.g. guests attending a conference or other event) we ask that you tell the individual that you have done so and make them aware of this Policy, for example, by giving them the link to it.

Use of personal information

We use personal information we collect and hold through membership, educational and training course and event applications or attendance to:

  • Administer and meet member requirements for the particular service, course event or program;
  • Help us improve the particular service, event or program;
  • Record Director Professional Development units for as part of the member's director professional development program;
  • Identify and analyse member and non-member activities and interests in order to better meet member needs and attract new members;
  • Enable us to target marketing communications to members and non-members; and
  • Enable the AICD to further its mission of influencing world leading organisation governance and practice.

We will not use your personal information for any purpose which you would not reasonably expect unless it is consistent with the Privacy Act. If we think a member may not expect a particular use of information we hold about them, we ask for consent before we use it for that purpose. For example, we ask for your specific consent to allow us to use aggregated data from a self-assessment tool you complete to enable us to assess the overall level of directorship skills among our membership.

Sound and image recordings of events

We use sound and image recordings of our events to enable us to improve our events, and for promotional purposes. We will give you a chance at the time you apply to participate in an event to indicate if you do not want us to use your voice or image. You can also contact the AICD if you want to express your preference.

Marketing communications

Our advertising and marketing material, content, information and communications (marketing material) is sent to members and non-members about whom we hold records to provide information about the AICD’s products and services which may be of personal and/or professional benefit. These products or services may extend beyond those provided by the AICD and include offers from third parties.

We may send any of these marketing materials by mail, telephone, email, SMS or other electronic methods, such as through social media or targeted advertising. If you indicate a preference for a method of communication, we will try to use that method where it is practical for us to do so.

When you access our websites, we may display customised marketing material to you based on data stored in your cookies – you accept that your opt-out options may be different for this kind of marketing material (see Cookie Policy about our handling of cookie data). Service providers we use, including remarketers, may also display our marketing material on other parties’ websites that you visit. The display of that marketing material may be based on your prior visits to our websites and other internet activity. We may also use data supplied by service providers to improve our marketing material and advertising campaigns.

We give you the chance to opt-out of receiving marketing material in our communications with you, such as forms, letters or emails, or you can opt out by contacting us using the details below or log-in to our websites.

Unless you have opted out, we will provide marketing material to members and non-members until 12 months after cessation of membership, or, in the case of non-members, 12 months after your last interaction with us.

Disclosure (sharing) of personal information

Sensitive information

We only disclose sensitive information such as health information or criminal history for the purposes for which you gave it to us or for directly related purposes you would reasonably expect.

Events

We disclose the name, title and post nominal of event participants to speakers, organisers, hosts or facilitators under strict conditions to enable them to carry out their role in relation to an event, for example, to organise table lists, or facilitate introductions. We also disclose this information to sponsors and potential sponsors to enable them to assess whether or not to sponsor an event and disclose this to providers of special member offers from time to time under strict conditions.

Publications

We disclose information about members to other members via the AICD publications – for example, about new members or the completion of a course in Company Director Magazine.

Contractors and partners

We disclose personal information to contracted service providers who assist us with a number of our functions and services including service providers of technology, data processing, contact centre, legal, accounting, business consulting, auditing, archival, delivery, banking, payments, market research, content production and mailing but only for the purpose of fulfilling those services.

We disclose information to partners in some of our programs, for example, about applicants for scholarships to assist us with scholarship candidate assessment.

Disclosure with consent

With your consent we disclose personal information in a number of circumstances including:

  • To employers of those who have completed an educational course and recruitment companies; and
  • To Australian and overseas regulatory authorities or other organisations to assist them with business licensing or due diligence purposes. This could include the fact that you are a member of the AICD, the nature of your membership, the AICD courses you have completed and your grades.

Where authorised or required by law

As authorised by the Privacy Act we disclose personal information in connection with law enforcement activities by enforcement bodies, for example, Australian Securities and Investments Commission investigations or other investigations into suspected fraud or unlawful activity.

We are required by the Corporations Act 2001 (Cth) to allow an individual to inspect the AICD’s member register and view current and past members’ names and addresses. However, the Corporations Act prohibits the individual from using the information gained to contact or send material to members, and from using it for other prescribed purposes.

Overseas disclosure

From time to time, we may send your personal information overseas. Some of our service providers are located in other countries including the US, UK and Singapore. Where we use a service provider that hosts personal information in other countries, we take steps that are reasonable in the circumstances to ensure that the host does not breach the Australian Privacy Principles. The steps we take include:

  • Adding provisions in our contract with the service provider that require them to protect the personal information they hold; and
  • When choosing a service provider, including in our considerations the privacy law or scheme (if any) that applies in the country in which the service provider operates.

If we have your consent, or the overseas recipient is located in a country whose privacy laws are the same or substantially similar to those of Australia, we comply with the Australian Privacy Principles when disclosing your personal information to that overseas recipient.

If a privacy breach occurs that involves a service provider located outside Australia, we support and work with members or non-members in handling the breach.

Our websites, emails, apps and social media

Our websites

When you visit our websites or download, access or register to use our websites, (which may also include the use of any of our products, services or apps) we may collect your personal information such as your name, address, email address, phone number, date of birth, username, password and other information. We may also collect information automatically, including technical information related to your mobile device, your device’s unique identifier, your mobile network information, the type of mobile browser you use and information about the way you use our products, services or apps.

Depending on the particular product, service or app you use, and only after you have agreed to such collection, we may also collect information stored on your device, including contact information, location information or other digital content.

We or our service providers use web analytics to collect a range of information about your interactions with our websites. Web analytic software collects the information using a number of techniques including cookies (both first and third party) and Java Script. We also use web analytics to collect information from the browsers of those who use our websites or participate in the AICD LinkedIn group.

The information we collect includes IP address, domain name, date and time of visit, the pages visited and time spent on each page, whether you have visited the site before and what site referred the visitor to the web page. We use this information to evaluate the effectiveness of our websites and the level of interest in particular pages or the AICD’s campaigns.

Our websites may contain links to other sites. We are not responsible for the privacy practices or policies of those sites and we suggest that you review the privacy policies of those other sites.

Emails

If you send us an email, that address will be recorded automatically by our e-mail messaging system for the purpose of replying to your e-mail. However for normal communication with you we will use the e-mail address you provide in your membership application/renewal, unless you ask us to use a different e-mail address.

When we send you emails or other electronic messages, we record information about your interactions with the email including when and where you open the message and click on particular links.

This helps us to better understand what information is of interest to you and to improve the content.

Apps

When you access our apps including ‘Company Director’ via your mobile device, a service provider collects username details in order to authenticate access to member-only content. We do not review or use this information for any purpose beyond authentication with our membership database.

Social media

We participate in social media such as our LinkedIn group, or Twitter. If we think it is relevant to the quality of service that the AICD provides or its objectives, we sometimes record the nature of the topic discussed by a particular individual and their name and follow up with further conversation offline about which we take notes.

Social media services also handle your personal information for their own purposes. These sites have their own privacy policies. We are not responsible for the privacy practices or policies of those sites and we suggest that you review their privacy policies.

Cookies

Our server automatically recognises and stores the domain name of visitors to our websites. In addition, our websites use cookies (both first and third party) which may automatically collect information from you such as pages viewed.

A cookie is a packet of information stored on your computer that allows our server to identify and interact more effectively with your computer. We also use cookies for tracking the statistics of our websites which means that we can better understand your needs and interests as well as improve the layout and functionality of our websites.

You can access our policy regarding the use of cookies by the AICD here Cookie Policy

Security of personal information

We regularly assess the risks of misuse, interference, loss, unauthorised access, modification or disclosure of personal information and ensure that we have adequate measures, including policies, procedures and technology, to address those risks. For example, we limit staff access to personal information to that which they need to carry out their role. We conduct regular internal and external audits to assess whether we have adequately complied with or implemented these measures.

Retention of personal information

We hold most information about members and non-members for 7 years. We destroy applications for the mentoring program after 2 years.

Access to and the accuracy of personal information

You have a right to ask for access to the personal information we hold about you. Unless there is a lawful reason not to, we will give you access to it and allow you to correct any incorrect information.

We will ask you to verify your identity to ensure we don’t give information to the wrong person. If we don’t give you access to your personal information or refuse to correct it we will tell why. You may ask us to make a note of your requested correction to be located alongside information we have not agreed to correct.

Our contact details are at the end of this Policy.

Requests for access and complaint resolution mechanism

In the event that you have a question, concern or complaint regarding the way in which we handle your personal information, you should contact our Privacy Officer direct at:

Australian Institute of Company Directors
Level 30
20 Bond Street
Sydney NSW 2000
Tel: 02 8248 6600
Email: privacy@aicd.com.au

We take your privacy concerns seriously. Where you express any concerns that we have interfered with your privacy, or seek access to information about you that we hold, we will respond within 48 hours to let you know who will be handling your matter and when you can expect a further response.

If you are unsatisfied with our response you can complain to the Office of the Information Commissioner Telephone: 1300 363 992. Email: enquiries@oaic.gov.au

Changing this policy

We will amend this Policy from time to time and notify you of any amendments through our publications and by posting an updated version on our website at http://www.companydirectors.com.au.

Any amendments to this Policy will be effective immediately upon being posted to our websites. Your use of our websites, products or services following such amendments represents your acceptance to be bound by the Policy, as amended.

Suggestions about improving this Policy are welcomed. Please contact us at privacy@aicd.com.au should you wish to provide feedback.