Menu Menu Open

Privacy Policy

Last updated: 23 August 2021

WAAC (“us”, “we”, or “our”) operates (the “Site”). This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of the Site.

We use your Personal Information only for providing and improving the Site. By using the Site, you agree to the collection and use of information in accordance with this policy.

Information Collection

While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your name (“Personal Information”).

When WAAC collects Personal Information it will, where appropriate and where possible, explain why it is collecting the information and how it plans to use it.

WAAC will collect Personal Information for the primary purpose of providing services, providing information to clients and marketing.

WAAC may also use Personal Information for secondary purposes closely related to the primary purpose, in circumstances where there is a reasonable expectation for such use or disclosure.

Use of Information

WAAC collects Personal Information for a variety of purposes and on different legal grounds. Most of the time, the organisation will collect Personal Information in order to provide the services and any products sought and to enter into contract and perform its obligations.

WAAC processes Personal Information on the basis that it is:

  • necessary for the performance of a contract;
  • where WAAC has a contract with an individual, it will process the Personal Information to fulfil that contract (i.e. to provide the person with services) and to verify identity in WAAC’s legitimate interests;
  • for example, responding to any feedback, queries, and complaints in order to continuously improve its services and products in a third parties’ legitimate interest;
  • for example, provision of services that the organisation is contractually obliged by a third party, such as an organisation which provides access or referral to the WA AIDS Council’s services where consent is given;

WAAC only asks for consent in relation to specific uses of Personal Information where there is a need to and, if so, the organisation will collect it separately and make it clear that it is asking for consent for compliance with a legal, audit, reporting, record-keeping, and investigation requirements and for operational and regulatory compliance purposes, for example, to respond to a court order or a regulator.

Information Disclosure

WAAC may disclose Personal Information:

in the event of an emergency or other serious incident, to government departments/officials and agencies, support organisations and persons involved in the incident response and to the person’s family member(s) who may contact the organisation seeking information;

to the account holder or card holder of the credit card used to pay for products and services; and

to third parties providing digital or other technology services, where the person have authorised the third party to receive information about them.

Should WAAC need to handle Personal Information for any other purpose, it will only do so with the affected person’s consent or where there is a reasonable expectation to do so.

Sensitive information

Sensitive information is personal information that includes information or an opinion about a person’s racial or ethnic origin, political opinions, membership of a political, trade or professional association or a trade union, religious or philosophical beliefs or affiliations, sexual preferences or practices, criminal record or health information (including biometric and genetic information).

WAAC may collect Sensitive Information about a person. Sensitive Information will be used by WAAC only:

  • for the primary purpose for which it was obtained;
  • for a secondary purpose that is directly related to the primary purpose;
  • with the person’s consent; or
  • where required or authorised by law.

WAAC will not use a person’s health or other Sensitive Information for marketing purposes.

Where possible, WAAC will allow anonymous interaction or the use of a pseudonym. For example, to use the NSEP service, the service user is not required to provide their name. However, for most of the functions and activities at WAAC, it will usually need a name and contact information.

Third parties
WAAC may also collect Personal Information about a person from other people and third parties. This may include, but is not limited to:

  • the person(s) arranging to access WAAC ’s services;
  • an organisation which provides access or referral to WAAC ’s services;
  • partners, contractors and service providers who work with WAAC;
  • related entities, such as M Clinic and Freedom Centre; and
  • recruitment agencies and previous employers, if a person have applied for a position at the organisation and with their consent.

In these circumstances, WAAC will take reasonable steps to ensure that the person to whom the Personal Information relates to is made aware of the information provided to WAAC by the third party.

Log Data

Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”).

This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.

In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this. This information is used for our own purposes and will not be shared.


We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information.

WAAC deliver marketing and event communications to people across various platforms such as email, telephone, text messaging, direct mail and online. Where required by law, WAAC will ask the person to explicitly opt in to receive marketing materials.

When the organisation sends out marketing communications it will include instructions on how to opt out of receiving these communications in the future. All persons have a right to opt out of receiving direct marketing and targeted online advertising.


Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive.

Like many sites, we use “cookies” to collect information. The cookies and web-tracking tools allow WAAC website to interact more efficiently with the device the user is using and to improve the content and functioning of the website.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.

Data Security and Quality

WAAC will take reasonable steps to protect the information it collects from misuse, interference, and loss, and from unauthorised access, modification or disclosure, and that any personal information collected, used or disclosed about you is as appropriate, accurate and as current as possible.

The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

Rights and Access to Information

All persons have a right to request access to or correction of Personal Information held by WAAC. A request for information is usually free. However, repeated requests or request for information that has already been provided will incur a cost.

If a person wishes to access or correct any Personal Information that WAAC holds about them, they must fill out the Release of Information Request Form and send it to WAAC.

Management will review the request and will need to verify the applicant and/or client’s identity before it can process their request. Management will also need to review the Personal Information being sought to assess if there are any reasons to deny access or correction.

There may be reasons why Management cannot give a person access to information that is being requested or may refuse to correct Personal Information including, but is not limited to:

  • giving access or correction would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
  • giving access or correction would have an unreasonable impact on the privacy or confidentiality of other individuals;
  • the request for access or correction is frivolous or vexatious;
  • the information relates to existing or anticipated legal proceedings between WAAC and the requesting person, and would not be accessible by the process of discovery in those proceedings;
  • giving access or correction would be unlawful; or
  • denying access or correction is required or authorised by or under an Australian law or a court/tribunal order.

If Management grants access or accepts to correct Personal Information, the applicant and/or client should retrieve the information or make the correction in person. Otherwise, Management will deliver a copy of the information in a reasonable manner to the applicant.

If Management denies access and/or refuses to make corrections to Personal Information, they will let the person know the reasons in writing.

If WAAC refuse access or correction of Personal Information, any affected person may make a complaint about this, by following the complaint procedure outlined below.

If WAAC refuse to correct Personal Information that it holds, the person can ask the organisation to associate with that information a statement that the information is inaccurate, out-of-date, irrelevant or misleading.


If a person wishes to complain about how WAAC have handled their Personal Information, they can do so by contacting the organisation using the details below.
Once WAAC has received the complaint, it will investigate and respond to the complainant within a reasonable period of time.

WAAC  take any privacy complaint seriously and deal with your complaint fairly and promptly. However, if the complainant is not satisfied with the response or how it has handled the complaint, the complainant may direct their complaint to the Office of the Australian Information Commissioner at:

Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
TTY: 1800 620 241
Email: [email protected]

Changes To This Privacy Policy

This Privacy Policy is effective as of 4 October 2017 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

Contact Us

If you have any questions about this Privacy Policy, please contact us.