CatholicCare Canberra & Goulburn is committed to protecting your privacy and confidentiality in the way information is collected, stored and used. 

CatholicCare holds two types of information, personal and organisational information and the following information details our legal obligations and ethical expectations in relation to privacy and confidentiality.

The privacy of personal information is defined by legislation (Privacy Act 1988).  At all times, CatholicCare acts in accordance with these legal requirements

CatholicCare provides a range of services directly under contract with Australian or State/Territory Government Agencies or medical bodies. In some circumstances we collect your personal information from these government agencies or medical bodies, who also comply with the Privacy Act.

CatholicCare staff are legally and ethically bound to maintain client confidentiality. Staff affiliated with professional bodies are also required to comply with particular codes of conduct and conditions in relation to client confidentiality. In additional, CatholicCare is also required to comply with other Australian and State/Territory Government Legislation relevant in providing services to you and how your personal information is used.

Collection of Information

Personal information collected by CatholicCare is only for purposes which are directly related to the functions or activities of the organisation. These purposes include:

  • Enquiry about programs
  • Referral to programs
  • Providing treatment and support to clients
  • Administrative activities, including human resources management
  • Sector development activities
  • Community development activities
  • Fundraising
  • Complaint handling
  • Fees and Payments

Credit Card InformationCatholicCare’s card transactions are fulfilled by an authorised banking institution. When collecting credit card information for online transactions, CatholicCare offers secured server transactions that encrypt your information in transit to help prevent others from accessing it. Your credit card details are encrypted and then removed from our system once your payment has been processed.

Our staff will provide the following information to you about collecting your health and personal information including:

  • Purpose of collecting information
  • How information will be used
  • Who (if anyone) the information may be transferred to and under what circumstances information will be transferred
  • Limits to privacy of personal information
  • How you can access or amend your information
  • How you can make a complaint about the use of your personal information.


Use and Disclosure – CatholicCare only uses personal information for the purposes for which it was given, or for purposes which are directly related to one of the functions or activities of the organisation. It may be provided to government agencies, other organisations or individuals if:

  • You have consented
  • It is required or authorised by law
  • It will prevent or lessen a serious and imminent threat to somebody’s life or health.

Data Quality – CatholicCare takes steps to ensure that the personal information collected is accurate, up-to-date and complete. These steps include maintaining and updating personal information when we are advised by you that your information has changed (and at other times as necessary), and checking that information provided about an you by another person is correct.

Date Security – CatholicCare takes steps to protect the personal information held against loss, unauthorised access, use, modification or disclosure and against other misuse. These steps include reasonable physical, technical and administrative security safeguards for electronic and hard copy of paper records as identified below.

Reasonable physical safeguards include:

  • Locking filing cabinets and unattended storage areas
  • Physically securing the areas in which the personal information is stored
  • Not storing personal information in public areas
  • Positioning computer terminals so that they cannot be seen or accessed by unauthorised people or members of the public.

Reasonable technical safeguards include:

  • Using passwords to restrict computer access, and requiring regular changes to passwords
  • Establishing different access levels so that not all staff can view all information
  • Ensuring information is transferred securely (for example, not transmitting health information via non-secure email)
  • Using electronic audit trails
  • Installing virus protections and firewalls.

Access and Correction – You may request access to personal information held about you. Access will be provided unless there is a sound reason under the Privacy Act or other relevant law. Other situations in which access to information may be withheld include:

  • There is a threat to the life or health of an individual
  • Access to information creates and unreasonable impact on the privacy of others
  • The request is clearly frivolous or vexatious or access to the information has been granted previously
  • There are existing or anticipated legal dispute resolution proceedings
  • Denial of access is required by legislation or law enforcement agencies.

Amendments may be made to personal information to ensure it is accurate, relevant, up-to-date, complete and not misleading, taking into account the purpose for which the information is collected and used. If the request to amend information does not meet these criteria, CatholicCare may refuse the request.

CatholicCare is required to respond to a request to access or amend information within 30 days of receiving the request.  However, some requests may take longer to process because of the substantial amount of documents held in respect of some matters.

Collection Use and Disclosure of Confidential Information – Other information held by CatholicCare may be regarded as confidential, pertaining either to an individual or an organisation. The most important factor to consider when determining whether information is confidential is whether the information can be accessed by the general public.

Breach of Privacy or Confidentiality – CatholicCare follows the Office of the Australian Information Commissioner’s ‘Data Breach Notification – A guide to handling personal information security breaches’ when handling accidental and unauthorised disclosures of personal information.

If you have concerns that your personal information has been mishandled under the Australian Privacy Principles, CatholicCare asks that you raise your concerns with our privacy contact officer, the Deputy CEO by:

  • Telephone on 62954300
  • In writing to: Deputy CEO (Privacy Officer) PO Box 3167 Manuka ACT 2603

Direct Marketing – CatholicCare may from time to time use your personal information such as your address or contact details to provide you with information about other services we offer.  If at any time you do not wish to receive any information about these services, please feel free to contact us on 02 62954300 and we will not send you any further material.


Complaints – If you are dissatisfied with the conduct of a CatholicCare staff member, unhappy with a service received, or any matter in relation to a payment for service, a complaint should be raised.  Information on making a complaint can be found on our website.

Who we are

Our website address is:

What personal data we collect and why we collect it


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms


If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.


Who we share your data with

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

Additional information

How we protect your data

What data breach procedures we have in place

What third parties we receive data from

What automated decision making and/or profiling we do with user data

Industry regulatory disclosure requirements