Data Breach Policy

We take the privacy and security of your information seriously. Although we work hard to keep your data safe, incidents can still happen. This Data Breach Policy explains how we respond if a data breach occurs.

What is a Data Breach?

A data breach is any situation where personal information is accessed, disclosed, lost, or used without authorisation. This may include accidental loss, cyber incidents, or unauthorised access by a third party.

How We Respond to a Data Breach

If we suspect or become aware of a data breach, we will:

1. Act quickly to contain the incident and prevent further unauthorised access.

2. Assess the impact to understand what information may have been affected and the potential risks to individuals.

3. Take steps to reduce harm, such as resetting access credentials, isolating affected systems, and securing data.

4. Notify affected individuals as soon as practicable if the breach is likely to cause serious harm.

5. Notify the Office of the Australian Information Commissioner (OAIC) when required under the Notifiable Data Breaches Scheme.

6. Review and improve our systems to prevent similar incidents in the future.

How We Notify You

If we need to inform you about a breach, we will contact you directly—usually by email—providing:

• a description of the breach

• what information was involved

• steps we are taking to respond

• recommendations on what you can do to protect yourself

Your Privacy Matters

We are committed to protecting your information and maintaining your trust. If you have questions or concerns about how we handle your data, or if you would like more information about this policy, please contact us at info@clearerdays.org