Privacy policy

This Privacy Policy explains how Wellways collects, uses, stores, and discloses personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles, and the state-based health records Acts that operate where we provide our services.

Wellways Privacy Policy

Overview

Wellways look to our values of honesty, acceptance, fairness, commitment and participation in the application of our privacy and information management processes.

The Wellways Privacy Policy is made publicly available on the Wellways website and is available at all Wellways sites. Information about privacy is also available in Wellways’ Participant Handbook.

A copy of the Wellways Privacy Policy can be requested by participants or members of the public at any time and ask that it be adapted to another format for accessibility. A participant may also request assistance from a Wellways employee or an independent advocate to better understand this policy.

What information we collect and why

We may need your basic contact details so we can respond appropriately to your enquiry (for example, to provide you with information or refer you to another service).

When you register with us to attend an event, the details you provide allow us to manage RSVPs, to facilitate coordination of the event and to communicate with you about the event.

We collect your email address (and other contact details if you provide them) when you subscribe to an email list, such as our e-newsletter. We only use this information for the purpose of sending you publications or information to which you have subscribed, and to administer the lists.

Personal information in our donor files is required to communicate with donors for the purposes of fundraising, and to process and receipt donations. Sometimes we may publish the names of donors (for example, in our Annual Report), but not without seeking and obtaining your consent.

Your information may be shared with third party suppliers with whom we have confidentiality agreements for the purposes of fundraising activity and communications.

Credit card and bank account details are used to process donations and membership payments. Credit card account details are then encrypted or destroyed and are not stored by Wellways.

Details that you provide when you register for a course delivered by Wellways’ Registered Training Organisation (RTO) allow us to be able to deliver the training and communicate with you.

Wellways seeks feedback to help us develop and deliver better services. For complaints, we would usually require personal information from you (including details of your complaint) in order to respond effectively and to communicate with you as part of our complaints process.

The nature and extent of information we collect will vary depending on our professional relationship with you. Please refer to the policy under ‘Type of information we collect, use and hold’ for further information.

Storage and security of your personal information

We take steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse. These steps include:

  • information technology (IT) security measures;
  • password protection for accessing our electronic IT systems;
  • password access for electronic files is limited to authorised personnel in relevant roles for undertaking the Wellways function or activity;
  • securing paper files in locked cabinets;
  • physical access restrictions;
  • staff training in file-handling procedures.

When no longer required, Wellways destroys paper records that contain personal information and deletes or digitally archives personal information in electronic files, in a secure manner and in accordance with relevant legislative requirements.

There are inherent risks in transmitting information across the internet and we do not have the ability to control the security of information collected and stored on third party platforms. In relation to our own servers, we take all reasonable steps to manage data stored on our servers to ensure data security.

How to make a complaint

If you wish to complain to us about how we have handled your personal information you should complain in writing. If you need help lodging a complaint, you can contact us.

If we receive a complaint from you about how we have handled your personal information we will determine what (if any) action we should take to resolve the complaint.

If we decide that a complaint should be investigated further, the complaint will usually be handled by a more senior officer than the officer whose actions you are complaining about.

We will contact you to acknowledge that we have received your complaint within three business days. We will then contact you with a response, or a progress report on the actions being undertaken, within 30 days. This may not be possible with anonymous complaints.

If you are not satisfied with the outcome of your complaint, you can take your complaint to the Australian Information Commissioner (OAIC). The OAIC has the power to investigate Australian organisations and agencies that are bound by the Privacy Act, with respect to possible breaches of the Australian Privacy Principles.

How to contact us

Email:

Phone: 1300 111 400

Post: PO Box 359 Clifton Hill, Victoria 3068

Facsimile: 61 03 84 864265

Last updated 11 September 2025