Canberra Dance Theatre

book now

Privacy

Canberra Dance Theatre Privacy Policy

Overview

1. This policy outlines how Canberra Dance Theatre (CDT) complies with its privacy obligations to members, staff, teachers, studio hirers, donors and others; in respect of how we manage personal information. CDT is committed to care, transparency and accountability in the way we handle personal information.

2. CDT has voluntarily adopted the Australian Privacy Principles (APP) contained in the Commonwealth Privacy Act 1988 (the Act). As a small charity with a turnover of less than $3 million, CDT is not formally subject to the Act, but chooses to manage information privacy in line with the Act and APP.

3. The APP govern the way in which we collect, use, disclose, store, secure and dispose of personal information.

4. This policy includes a Data Breach Response Plan to be used in the event of a data breach, large or small.

Collection of personal information

5. Personal information is any information that identifies an individual. Examples of personal information that CDT itself directly collects includes names, email addresses, phone numbers, emergency contact details and class attendance history. CDT does not regularly collect more sensitive personal information such as date of birth, health status or disability.

6. CDT only collects personal information when it is necessary for CDT’s functions or activities. These activities include:
(a) providing services to members and other dancers, including dance classes, and managing payments for those services
(b) contacting members or others (directly or via an email subscription service)
(c) maintaining CDT’s register of members, in accordance with section 67 of the Associations Incorporation Act 1991 (ACT)
(d) recording working hours of staff and teachers; and paying staff and teachers
(e) hiring out the studio
(f) receiving donations.

7. CDT uses third party services to collect personal information for our functions and activities (links to these services’ privacy policies are also provided):
(a) Bookeo, the class booking system. When dancers register for dance classes or become a CDT member, personal information including bank and payment details is collected and held on Bookeo. (bookeo.com/privacy)
(b) Xero, our financial management system. When people make a financial transaction with CDT (such as paying for a class online, sending an invoice to CDT or receiving an invoice from CDT); personal information may be collected and held on Xero. (xero.com/au/legal/privacy)  
(c) Square, our credit card payments system. When people make an online credit card payment to CDT, personal information may be collected and held on Square. CDT does not directly store credit card details; and credit card payments are processed securely through Square. (squareup.com/au/en/legal/general/buyer-privacy)
(d) Mailchimp, our mailing list system. When people sign-up to receive email updates, their name and email address is collected and held on Mailchimp. (intuit.com/privacy/statement)

8. CDT uses social media, including Facebook and Instagram, to communicate with people and to promote CDT to the public. Personal information may be collected when people use social media to communicate with us, but CDT only uses it to help us to communicate with dancers, members, staff, teachers and the public. The social media service will also handle personal information for its own purposes.

9. When people visit the CDT website (canberradancetheatre.org), the website may log Internet Protocol (IP) address, the time of the website visit, pages accessed, any documents downloaded, and the type of web browser used; for statistical purposes. Any such statistical analysis does not identify individuals.

Sensitive information

10. In some circumstances CDT may need to collect more sensitive information, which might include information about health, association memberships or criminal history. CDT will only collect sensitive information where it is required by law, only for the purpose for which it was obtained and with the individual’s consent.

Anonymity and pseudonymity

11. Where possible, individuals may choose to use a pseudonym when providing personal information to CDT. For example, dancers may use a pseudonym when registering for a class on Bookeo.

12. CDT members may also ask CDT to restrict access to their personal information recorded in CDT’s register of members, in accordance with section 67B of the Associations Incorporation Act 1991 (ACT).

Images and video

13. CDT occasionally takes images and videos of performances and classes for promotional and historical purposes. CDT will take all reasonable steps to seek individual’s consent, prior to photography and publication. People may request CDT to take down images or videos which have been published online.

Direct marketing

14. CDT will only use personal information (such as name and email address) to directly market to individuals where they have consented to receive such communications. For example, when signing up their email address for the CDT e-news. People can opt-out of such communications at any time using the ‘unsubscribe’ link in those emails.

Disclosure of personal information

15. CDT will only disclose personal information outside of CDT where required or authorised by law; or where people have consented to the disclosure.

Storage and security of personal information

16. CDT primarily stores personal information digitally. CDT has taken security measures such as two-factor authentication for authorised users and strong password security to protect personal information from misuse or loss; or from unauthorised access, modification or disclosure.

17. When personal information is no longer needed for the purposes for which it was obtained, CDT will take reasonable steps to destroy or permanently de-identify that information.

18. Individual’s records will be deleted when:
(a) They are not members; and
(b) They have not attended any classes for a three-year period.

Quality of personal information

19. CDT takes all reasonable steps to ensure that personal information is accurate, complete and up to date. This includes recording information in a consistent format and updating existing records when new or updated information is collected.
Access to personal information

20. People have the right to access the personal information CDT holds about them and to ask CDT to correct that personal information. CDT will ask people to verify their identity before CDT gives them access to that information.

Policy Updates

21. This Privacy Policy will be updated by the CDT Board on a three-year cycle and/or in response to changing circumstances or changes to privacy laws in Australia. The updated Policy will continue to be available publicly on the CDT website. Significant updates will be notified to members through the CDT Newsletter. The Policy was most recently updated in 2025 following amendments to the Privacy Act 1988 in late 2024.

How to contact us or make a complaint

If you have any queries or complaints about the CDT Privacy Policy or about CDT handling of any privacy matters, please contact us at:
• office.canberradancetheatre@gmail.com
• GPO Box 886, Canberra ACT 2601

Download a copy of the policy and read the Data Breach Response Plan