ACCSR Privacy Policy Statement

Updated:  February 2017

This statement is our privacy policy which sets out how we manage personal information and other information. This privacy policy covers ACCSR Consulting Pty Ltd, Synergy Communications Pty Ltd and CSRConnected Ltd.

Conducting research that involves personal information is part of our business, and ACCSR does conduct independent research on behalf of our clients. ACCSR collects personal or sensitive information in order to deliver client services. These include stakeholder engagement and mapping research, our annual survey of businesses and individuals working in CSR known as the Annual Review of the State of CSR, and in the course of collecting information for sustainability reports.

Though ACCSR is not required to comply with the Privacy Act 1988 due to its small business status, this information is collected in keeping with the Australian Privacy Principles in the Privacy Act 1988 (Cth). The Principles sets out rules about the way in which personally identified information on individuals is to be collected, stored, transferred, and used.

Regardless of whether the data we collect is covered by the Privacy Act, we treat all information on respondents as though it is anonymous, and unlike the Privacy Act, we guarantee that respondents will not be identified or contacted for any non-research purpose after they have taken part in one of our projects. Participation in stakeholder research is always voluntary.

ACCSR also holds limited personal information about people it employs including information necessary to pay them and conduct ongoing or annual performance reviews.

The kinds of information we collect and hold

ACCSR collects personally identified information on individuals participating in research studies in a number of ways:

During face to face or telephone interviews;

  • By asking questions following a question list (questionnaire) which might be answered in person, over the telephone or we may ask you to complete it online or in hard copy.

This information falls into three categories:

  • Details on how to contact people (for example name, address or phone number);
  • Answers to research questions;
  • Information on whether or not people have participated in a research study.

It is very rare that these three pieces of information are kept together and when they are together it is for very short periods of time.

We generally remove contact information as soon as possible from the answers to research questions and give the answers to other organisations (our clients) in a form that does not allow each individual to be identified. There are rare occasions where we do transfer personally identified research answers to our clients, for example where our clients are acting as researchers themselves, however respondents are always told that this will happen and asked for their permission first.

In the majority of cases, ACCSR adds all the information together to make an overall report on the information we have gathered. While we might support the data with quotes from individuals, those individuals are never identified, nor do we use quotations that would enable to reader to identify the respondent by something they have said. In the case of stakeholder mapping research where the purpose of the study is to assess connections between specific organisations, we will ask your permission before commencing the survey.

Most of our work requires us to contact people from list of stakeholders given to us by our clients for this purpose. At the end of a research project, if requested by the client, we will return these lists showing only whether someone took part or not so that our clients can make sure that they do not contact people too often. These files never have research answers attached to them.

Finally, for the purposes of running the business, we also collect information about our clients and potential clients, their business and their preferences, in the interests of client management. Like all businesses with employees, we keep employee records – all of which are available only to selected personnel on a confidential basis.

The Annual Review of the State of CSR survey

Participants in our Annual Review of the State of CSR survey are not individually identified in our report nor are the organisational names, unless they are listed in the CSR Top 10 List. You will have received the survey if your details were provided by your organisation or you have signed up to our mailing list via our website.

Participating in this research will not automatically add you to our mailing list. The invitation email you received advises how to unsubscribe from this research in future.

Commonly asked questions from people invited to take part in research surveys

The answers commonly asked questions are below:

How did you choose me to take part?

In order to contact you at home or at a place of work we need a telephone number or e-mail address.

  • Telephone number (fixed line and mobile) – If we ask for you by name, we usually have a listing provided by our client that contains just the details we need to invite you to take part in research. It is common practice for you to be approached first by our client before we speak to you.
  • Email – ACCSR will never send an unsolicited e-mail to an unknown address.

Stakeholder research is always voluntary and an invitation to participate can always be declined. You can decline to take part at the time we contact you. If you agree to participate, you can also request an appointment for a more convenient time during our survey period.

What do you want the information for?

If we’re contacting you to take part in a stakeholder research project ACCSR will always tell you what the study is about. In all cases of stakeholder research, you will have received an invitation email or letter from our client asking you to take part in the research.

In addition to asking you questions on the study topic, we will always make sure that you:

  • Know that it’s ACCSR that’s contacting you and give a description of who we are
  • Know who our client is
  • Know if we’re collecting sensitive information (and give you the opportunity to refuse to

answer any or all questions on those topics)

  • Are able to ask how long the data will be identifiable and what will happen to it.

People sometimes tell us things about other people or themselves that identify them and that we don’t want to know or don’t need to know. This is known as unsolicited information. We try to destroy this information, but where it’s impossible, we treat this additional data in the same way as other personally identifiable information.

How we hold information

Information collected for client projects is stored electronically on our secure server, which is password protected, located in the ACCSR head office and accessible only to the ACCSR office manager and contracted IT personnel. The server is backed up to up to three different locations daily. Any hard copies containing personal or sensitive information are stored in locked filing cabinets within the ACCSR office, and it is our practice to shred or return to the client hard copies containing personal or sensitive information when those copies are no longer needed or when the project has been completed.

In the event that we have provided research results to you via data visualisation programs, we will remove all data files at the completion of the project at your request. For online and telephone interviews with for stakeholder engagement research we currently use a web-based survey provider based in the United States – see the privacy statement here.

All of our operations are in Australia and most of them are within Melbourne. We take security very seriously and do not transfer any information that might be personally identifiable through publicly accessible channels. While the data is on our premises, we take reasonable steps to maintain the security of your information and to protect it from unauthorised access or disclosure.

Information collected for marketing/information-provision

ACCSR has a range of marketing, informational, and educational materials which may be distributed using personal information which has been provided voluntarily to ACCSR. Such information may be provided by emailing ACCSR, contacting us through our website, by phone or by post. Individuals may register online to download reports or receive information about ACCSR events. Any individual receiving marketing or informational material from ACCSR receives a link allowing them to unsubscribe from the list.

Privacy on ACCSR’s website

ACCSR’s website privacy policy appears as a link in the footer on all pages of our website:

Our internet service provider makes a record of all visits to the ACCSR website and logs the following information for statistical purposes:

  • The visitor’s server address
  • The visitor’s top-level domain name (for example .com, .gov, .au, etc)
  • The date and time of the visit to the site
  • The pages accessed and documents downloaded
  • The previous site visited prior to the ACCSR website
  • The type of internet browser used by the visitor.

This information does not identify visitors personally, so they remain anonymous. We use this information for website and system administration, including monitoring to prevent security breaches; and to improve our website and visitors’ experiences of it.

No attempt will be made to identify website visitors or their browsing activities except in the unlikely event of an investigation of abuse or a security incident. The data will not be disclosed to any external agencies unless required by law.

The ACCSR website is cookie-free, so visitors can access and browse it without disclosing any personal information. The ACCSR website does not automatically log personal data/information, nor do we link information automatically logged by other means with personal data about specific individuals.

The ACCSR website contains links to other sites. We cannot be responsible for the privacy practices of other sites. We encourage visitors to our website to be aware when they leave our site and to read the privacy statements of websites that collect personally identifiable information.

How to access or correct personal information or make a privacy complaint

If you wish to access any of your personal information that we hold or would like to correct any errors in that information, please contact us using the contact details set out in the “how to contact us” section of this Statement, so that we can consider and respond to your request.

How to contact us

You can contact ACCSR during business hours on (03) 9049 9500 or send an e-mail via the “contact us” section of our website.