Effective date: May 2026, Last updated: May 2026

ASCA Privacy Policy

1. Who we are

ASCA Ltd (“ASCA”, “we”, “us”, “our”) is a not-for-profit organisation based in Australia.

ASCA respects your privacy and is committed to protecting the personal information we collect and handle. This Privacy Policy explains how we collect, hold, use and disclose personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy  Principles (APPs).

2. Scope of this policy

This policy applies to personal information we collect and handle:

  • through our website and online services;
  • when you communicate with us by email, phone or post;
  • when you apply for membership, become a supplier, register for events or
    communications, or otherwise engage with ASCA;
  • when you interact with ASCA through schools, partners or authorised representatives.

This policy does not apply to third-party websites linked from our website. Those sites are
governed by their own privacy policies.

3. Our privacy obligations

ASCA complies with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and any other applicable privacy laws governing the handling of personal information.

4. What personal information we collect

The types of personal information ASCA may collect include:

  • Identity and contact information: name, role or title, organisation or school, postal address, email address and phone number;
  • Membership and supplier information: membership status, supplier details, registrations and related correspondence;
  • Event and service information: event registrations, participation details, communications preferences, invoices or receipts;
  • Website and technical information: IP address, browser type, device information, pages visited, and date and time of access;
  • Preferences and feedback: survey responses, feedback and communications choices;
  • Payment information: limited payment details necessary to process transactions (note: ASCA does not store full credit card details where payments are processed by third-party
    payment providers).

ASCA generally does not seek to collect sensitive information (as defined under the Privacy Act). If sensitive information is required, it will only be collected with consent or where otherwise
permitted by law.

5. How we collect personal information

ASCA collects personal information:

  • directly from you when you provide it to us;
  • when you register for membership, services, events or communications;
  • when you communicate with us by phone, email or through our website;
  • automatically through the use of our website (for example, cookies and analytics tools);
  • from third parties where reasonable and lawful (for example, authorised representatives, service providers or event partners).

6. How we use personal information

ASCA uses personal information to:

  • administer membership and supplier relationships;
  • deliver services, programs, resources and benefits;
  • communicate with members, schools, suppliers and partners;
  • manage events, publications, training and communications;
  • support operational, governance and reporting requirements;
  • improve our website, services and user experience;
  • meet legal, regulatory and accountability obligations.

We may also send relevant updates, newsletters or service announcements. You may opt out of non-essential marketing communications at any time by using the unsubscribe option provided or by contacting us.

7. Cookies, analytics and website tracking

ASCA uses cookies and similar technologies to:

  • support website functionality, including members-only areas;
  • understand how visitors use our website;
  • improve website content, performance and user experience.

You can manage cookies through your browser settings. Disabling cookies may affect the functionality of parts of the website.

ASCA may use reputable analytics tools to understand website usage trends. These tools may collect technical information such as IP address and browsing activity. Where required, consent options will be provided for non-essential cookies.

8. Disclosure of personal information

ASCA may disclose personal information to:

  • employees, contractors and volunteers who require the information to perform their duties;
  • service providers that support our operations (such as IT support, website hosting, email platforms, CRM systems, payment processing and event platforms);
  • professional advisers, including legal, accounting and audit services;
  • government authorities or regulators where required or authorised by law.

ASCA does not sell personal information.

We take reasonable steps to ensure that service providers handle personal information securely and only for authorised purposes.

9. Overseas disclosure

Some service providers engaged by ASCA may store or process personal information outside Australia.

Where overseas disclosure occurs, ASCA takes reasonable steps to ensure personal information receives appropriate protections consistent with Australian privacy law.

10. Data security and retention

ASCA takes reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure. These measures may include access controls, security monitoring, secure systems, and staff training.

Personal information is retained only for as long as necessary to fulfil lawful, operational and accountability requirements.

No system is completely secure; however, ASCA regularly reviews and improves its safeguards.

11. Notifiable Data Breaches

If ASCA becomes aware of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme.

12. Access and correction

You may request access to personal information held by ASCA and request correction if the information is inaccurate, out-of-date, incomplete, irrelevant or misleading.

Requests can be made by contacting ASCA using the details below. We may need to verify your identity before responding.

13. Privacy complaints

If you have a complaint about how ASCA handles personal information, please contact our Privacy Officer. We will acknowledge and respond to complaints within a reasonable timeframe.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at: https://www.oaic.gov.au/

14. Contact us

Privacy Officer
ASCA Ltd
Email: membership@asca.com.au
Website: www.asca.com.au

15. Changes to this policy

ASCA may update this Privacy Policy from time to time. The most current version will be published on our website with the updated date.