Hello Sunday Morning (ABN 82 145 512 125) (HSM) is a non-profit organisation which aims to assist individuals to change their relationship with alcohol. HSM owns Daybreak which is accessible via a mobile app or as an online application via the website https://www.daybreakprogram.org/ (DAYBREAK).
Important definitions which apply to this policy:
“Personal Information” is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not and whether the information is recorded in a material form or not.
“Health information” is (a) Personal Information or an opinion about: (i) the health or a disability (at any time) of an individual; or (ii) an individual’s expressed wishes about the future provision of health services to him or her; or any other Personal Information about you when a Health Service Provider collects it.
“A Health Service Provider” is an organisation that provides a health service and holds Health Information is covered by the Privacy Act 1988 (Privacy Act), even if they’re a small business or providing a health service is not their primary activity.
“Sensitive Information” is any Health or genetic information, information or opinion about an identified Member’s racial or ethnic origin; political opinions; membership of a political association, religious beliefs or affiliations, philosophical beliefs, trade union, professional or trade association membership; sexual preferences or practices or criminal record.
HSM respects MEMBERS’ right to privacy and is committed to safeguarding MEMBERS’ privacy when engaging with DAYBREAK.
HSM’S PRIVACY OFFICER may be contacted by emailing firstname.lastname@example.org
When a MEMBER registers a profile with HSM through DAYBREAK, they will be required to provide HSM with their email address for administrative/registration purposes. However, MEMBERS are encouraged to use a nickname, not their real name (MEMBER NAME) for their profile and participation in the COMMUNITY FEED and to not disclose this name to others in order to retain anonymity. Retention of anonymity means that certain information provided by a MEMBER does not become identifiable, so it is important that MEMBERS adhere to this rule.
DAYBREAK is a web and mobile app developed by HSM to provide a platform whereby MEMBERS can anonymously engage with each other online via written posts to discuss changing their relationship with alcohol. All MEMBERS can view the posts. Posts are moderated by HSM’s MODERATORS as set out in COMMUNITY RULES.
In addition, to providing a discussion feed for MEMBERS (COMMUNITY FEED), DAYBREAK includes features whereby Members can choose to undertake behavioural experiments (EXPERIMENTS) or engage in seeking individual help from health coaches to assist in changing their relationship with alcohol (HEALTH COACHES).
In order to become a MEMBER, individuals must be at least 18 years old.
DAYBREAK is NOT a crisis service and is NOT monitored in real time, 24 hours/ 7 days per week. In a crisis situation, MEMBERS should not rely on posting their concerns in DAYBREAK or reaching out to HEALTH COACHES but should immediately contact emergency services in their country as every minute counts.
a. Anonymous Community Feed
DAYBREAK has a COMMUNITY FEED for MEMBERS to exchange information with each other anonymously. Anonymity facilitates MEMBERS to openly share their concerns and to support each other without being identified and enables HSM to minimise the amount of identifiable information collected about MEMBERS.
MEMBERS are therefore encouraged to use a nickname or pseudonym in their interactions in DAYBREAK (MEMBER NAME) in the COMMUNITY FEED and to respect other MEMBERS right to stay anonymous by not using the COMMUNITY FEED to break anonymity (see the COMMUNITY GUIDELINES for further information).
MEMBERS are not able to identify MEMBERS’ registered identity and other Personal Information from the MEMBER NAME. However, HSM does retain the link between the MEMBER NAME and MEMBERS’ registered identity in the event that the MODERATOR or HEALTH COACHES reasonably determines that they should contact the MEMBER to provide emergency assistance or apply COMMUNITY GUIDELINES. This information may also be made available to HSM’s technical and customer support and the Privacy Officer in order to respond to MEMBER enquiries.
HSM does not require MEMBERS to provide identifiable HEALTH or other SENSITIVE INFORMATION in DAYBREAK. Any such PERSONAL, HEALTH or SENSITIVE INFORMATION posted by MEMBERS in the COMMUNITY FEED or COACHING MESSAGES is done voluntarily and at MEMBERS’ own risk of exposure of their identity.
To ensure that we comply with Australian Privacy laws and Australian laws regarding the retention of HEALTH INFORMATION, we categorise MEMBERS information as follows:
b. Registration Information
Registration information collected by HSM from MEMBERS includes:
The following mandatory registration information:
The following optional registration information:
From time to time, HSM will post requests for further information from MEMBERS for research and quality assurance purposes. See RESEARCH section.
Cookies, our website and your privacy
So, we can understand your usage and browsing history of DAYBREAK, third party providers to HSM collect this information via cookies. We use this information to assess the effectiveness of DAYBREAK and to improve its quality assurance, functionality and appeal. DAYBREAK also collects technical data such as country from which contact is being made. Cookies do not reveal Personal Information, such as your name, address, phone number or address. Members can adjust their browser to disable cookies, but this may restrict the Members access to, and ability to use all aspects of DAYBREAK.
HSM only collects, holds and handles information about MEMBERS that is necessary for it to:
HSM may from time to time distribute surveys through DAYBREAK or to MEMBERS’ email addresses seeking feedback to improve MEMBERS’ experience of DAYBREAK or for marketing purposes to promote DAYBREAK. In addition, HSM may engage in health research and seek the participation of MEMBERS.
MEMBERS invited to being involved in such marketing and/or research can provide consent (opt in) or deny consent (opt out) at the time such invitations to arise. Opting out of marketing or research will not impact on MEMBERS ability to continue to participate in use of DAYBREAK.
For any enquiries about marketing, please contact email@example.com.
For any enquiries about research, please contact firstname.lastname@example.org.
We do not sell your Personal Information to third parties.
To the extent practicable HSM will only disclose de-identified information about MEMBERS outside its organisation on the following bases:
All conversations in the COMMUNITY FEED and COACHING MESSAGES are electronically stored at the time of posting.
HSM will use all reasonable endeavours and appropriate technical and organisational safeguards to maintain the security of Personal Information (including Health Information) it collects against unauthorised access, modification or disclosure and to make DAYBREAK as secure as possible against unauthorised access of MEMBERS’ personal information. Data transmissions over the Internet cannot be guaranteed to be fully and absolutely secure. DAYBREAK has security measures in place designed to protect against the loss, misuse and alteration of the information under our control.
Security measures include the encryption of COMMUNITY FEED posts, COACHING MESSAGES and other self-reported data during transmission and at rest. HSM uses standard Secure Socket Layer encryption that encodes these posts and transcripts during transmission. All posts and transcripts are maintained on secure services for a period of time, as defined by relevant laws.
Access to stored data is protected by multi-layer security controls including firewalls, role-based access controls and passwords. MEMBERS accept that all conversations in the COMMUNITY FEED or in blogs are electronically stored at the time of posting/sharing in the COMMUNITY FEED, and that these records are retained and may contain PERSONAL or, HEALTH INFORMATION which has been voluntarily provided by MEMBERS.
HSM cannot ensure or warrant that MEMBERS’ PERSONAL or HEALTH INFORMATION will always be secure during transmission or protected from unauthorised access during storage therefore MEMBERS provide such information on DAYBREAK at their own risk.
MEMBERS should contact the Privacy Officer immediately at email@example.com if they become aware or have reason to believe there has been unauthorised use of their Personal information in connection with DAYBREAK.
If HSM becomes aware of a breach of data which is likely to result in serious harm to the MEMBER whose PERSONAL INFORMATION is involved in the breach, HSM will quickly investigate it and then as soon as practicable notify the affected individual(s) and the Australian Information Commissioner of:
If a MEMBER has a reasonable belief to suspect there has been a breach of their PERSONAL INFORMATION, they should immediately contact HSM’s Privacy Officer at firstname.lastname@example.org.
HSM stores MEMBERS’ information on its servers located inside Australia. Please be aware the information HSM collects (including for example, device data) may be transferred, processed and/or stored in a country outside of a MEMBER’s country of residence. As such MEMBERS’ PERSONAL INFORMATION may be transferred, processed and stored in a country or region in which the data protection and privacy laws, including MEMBERS’ rights, may not give a MEMBER the same level of protection as they have in the country or /region where they live or are a citizen.
In order to use DAYBREAK requires MEMBERS to give express consent to the transfer, processing and storage of their data (including de-identified and identified) in Australia. If a MEMBER chooses not to consent to the transfer of data they will not be able to access the services provided in DAYBREAK and will not be able to complete registration.
MEMBERS may seek correction of their PERSONAL INFORMATION by writing to Customer Support at email@example.com. MEMBERS may obtain access to or deletion of their PERSONAL INFORMATION by writing to our Privacy Officer at firstname.lastname@example.org.
To assist HSM in the process, it would be helpful if a MEMBER seeking access provides HSM with their email address and nickname and a telephone number so they can be contacted if HSM has any queries about the request. HSM will reasonably endeavour to respond to any MEMBER’s request within SEVEN (7) Australian business days.
It is MEMBERS responsibility to ensure that their Personal Information which was required for registration is accurate and kept up to date. MEMBERS are responsible for advising HSM of any changes to such Personal Information.
When a MEMBER’S account is DELETED:
If a MEMBER is not satisfied with HSM’s response, they may lodge a complaint with the Office of the Australian Information Commissioner (‘OAIC’) by writing to OAIC at GPO Box 5218, Sydney NSW 2001. For further information about the OAIC, please visit www.oaic.gov.au