We take our privacy obligations seriously and comply with Australian Privacy Law.
Sir David Martin Foundation (the Foundation) raises money to fund programs that help young people in crisis. These programs are delivered by Mission Australia which is the Trustee of the Sir David Martin Foundation.
Personal information is collected and held about supporters to enable funds to be raised. Respecting and maintaining an individual’s right to privacy in accordance with Australian Privacy Principles is a fundamental element of the relationship with supporters. In dealing with your personal information, we will comply with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs) (Privacy Laws).
The objective of this Policy is to confirm how your personal information will be collected, managed and used in compliance with Privacy Laws.
This Policy applies to personal information for individuals that are external to the Foundation such as our donors, fundraisers, partners, suppliers, volunteers, governors, supporters, participants in Triple Care Farm activities and programs run by Mission Australia and others who interact with us. It does not apply to personal information for individuals within the Foundation such as staff members, or labour hire contractors. By providing your personal information to us, you consent to the use, storage and disclosure of that information as described in this Policy.
4 How we Manage your Personal Information
The Foundation will:
- Take all reasonable steps to ensure that personal information about individuals is managed in an open and transparent way;
- Maintain adequate security of personal information about individuals to protect it from misuse, interference and loss from unauthorised access, modification or disclosure;
- Establish reporting channels to receive privacy enquiries from individuals, and for reports of privacy breaches to be received and acted upon;
- Conduct privacy impact assessments for all new projects where personal information about individuals will be handled or where a change is proposed to information handling practices;
- Provide an option for you to use a pseudonym or otherwise be anonymous unless it is impractical or inhibits the adequacy or quality of service provided to the individual;
- Ensure the Chief Privacy Officer of the Trustee provides oversight of privacy governance processes and ensures compliance with Australian Privacy Principles;
- Provide relevant work training and privacy awareness on how the Australian Privacy Principles apply to the Foundation and how they are reflected in privacy practices, procedures and systems; and
- Periodically review the adequacy of this policy as well as the privacy practices, procedures and systems across the organisation.
5 Personal Information we Collect and Held
5.1 Kinds of Personal Information
The kind of personal information about individuals that may be collected and held by the Foundation includes:
- Names, addresses, contact, bank details and credit card details for supporters, donors, volunteers and suppliers;
- Images, video and sound recordings of individuals we interact with;
- Information associated with our donors, such as details relating to their donations
- Information collected about individuals through visiting our website, via email, text messages, phone calls or other interactions with individuals;
- Other information relevant to the purpose of providing our services, information related to our fund-raising activities and events or relating to the Foundation or Triple Care Farm;
- Survey and questionnaire responses
5.2 Sensitive Personal Information
We may from time to time collect sensitive personal information about individuals. That may include your gender, age, date of birth, health, disability, mental health, racial or ethnic origin, criminal convictions, religious affiliation, tax file numbers, and other particulars required as part of our funding obligations and/or that are relevant for the proper provision of the services that we provide. However, if we do so, we will comply with the Privacy Laws in handling that information and will not disclose it to any third party or use it for any purpose without your consent.
We will not collect sensitive information about you unless you have consented; it is required by law; or in other special specified circumstances, for example relating to health services provision and individual or public health or safety.
5.3 How Personal Information is Collected and Held
Where possible, personal information is collected directly from you with your consent at the time of your interaction with us. Sometimes it may be collected from a third party in relation to an activity we are undertaking and which you participate in. For example, if you participate in our Abseil for Youth Event, personal information you provide when you register for the event may be provided to the Foundation by our fund-raising partner for that event.
We may store personal information that we collect in Australia or overseas. If we store your personal information overseas, or need to disclose it to overseas entities, we will require them to comply with the Australia Privacy Laws or equivalent local laws which adequately protect personal information. You acknowledge this and consent to the transfer, storing or processing of your personal information outside of Australia accordingly. Personal information captured electronically may be stored on electronic storage by third parties, some of which may be overseas.
6 Purposes for which Personal Information is Collected, Held, Used and Disclosed
6.1 Purposes for Collecting and Holding Personal Information
We collect, hold and use personal information for the primary purposes for which it was collected, as set out in this Policy. Our primary purposes for collecting personal information include:
- to provide services and information, including information about what we do, events and other activities our donors may be interested in;
- to handle enquiries, complaints and feedback;
- to satisfy legal obligations and comply with laws;
- to enable proper governance processes such as internal and external audits;
- to comply with requirements of funding bodies as part of funding agreements with us;
- to operate fundraising and charitable activities which support of our objectives
Other purposes include:
- to contact donors, supporters or potential supporters and other individuals who may have an interest in the work that we do;
- to provide receipts for donations, seek feedback, send invitations to events and let our donors, supporters and prospective supporters know about the work we are doing or activities and developments at Triple Care Farm, so that they can understand what we do, hear about the outcomes of their support and participate in events;
- to let you know about matters relating to the Foundation;
- to operate fundraising and charitable activity in support of our objectives;
- to gather feedback from you and other individuals about the quality of services that we provide so that the services we provide can be continuously improved, including by using data to provide us with statistics and insights which assist us in our analysis, fundraising and other activities;
- to undertake marketing, fundraising and promotional activities, including activities to better identify donor sources, events and conferences organised and held by us;
- to satisfy legal obligations, comply with applicable laws and meet the meet the requirements of bodies which regulate the services we provide;
- to understand, through aggregated information, trends and patterns which we use for research and advocacy;
- for other purposes which you have consented to.
6.2 Disclosure to third parties
We will not disclose your personal information to external organisations except:
- as required by funding agreements;
- as required by law;
- where we have your consent to do so through your acceptance of this Policy and the disclosure relates to the goods or services we provide to you
- for a purpose permitted by this Policy ;
- if you request us to do so;
- to service providers and other organisations to facilitate the Foundation marketing and fundraising activities such as direct mail or electronic communications;
- to Mission Australia, for the purposes of providing administrative and other services to the Foundation, managing projects we support including Triple Care Farm, and provide us with administrative services and assistance in operational aspects including maintaining software, systems and databases for us;
- to government agencies where required to do so, for example if required by our funding agreements;
- to third party service providers who assist us with co-ordinating volunteers, community activities and advocacy, delivery of services, undertaking quality assurance of our services;
- to third parties service providers who assist us with fundraising activities or strategy, identifying donor sources or analysis of our fundraising activities, strategy and patterns (including data collectives) or in analysis of our fundraising activities and strategies;
- to third parties for the electronic storage of information, some of which may be overseas.
While we seek to ensure through our contracts and arrangements with external parties that they comply with Privacy Laws regarding the use of your personal information, we have limited control around how some external parties (for example, government agencies) use your personal information.
6.3 Use of Personal Information for statistical purposes
We may also use personal information to assist us in understanding our donor base and help us understand their needs, or to collate statistical information for reports and analysis which assist us in our activities. Wherever possible when we use personal information for these purposes we ‘de-identify’ the data so that individuals remains anonymous.
We do not sell lists of our donors to third parties.
7 Access and Correction of Personal Information
You are entitled to request access to your personal information held by us. This is provided upon request by you. We may require you to verify your identity and comply with other risk processes or access restrictions imposed or permitted by law before we can provide your information to you.
Where you inform us that information held by us about you is inaccurate, out‐of‐date, incomplete, irrelevant or misleading, we will correct it where we agree with you. Notices by you to us to amend information held about you are made to the same point of contact to whom you provided your personal information.
If, having received and considered an application from you to amend your information, we do not consider that the information should be amended, we will not amend it but we will include a note with the information that you consider that it should be amended, and advise you accordingly.
8 Cookies and Links to Other websites
Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.
9 Privacy Enquiries and Complaints
If you have an enquiry or a complaint concerning collection, use or management of your personal information, please direct your enquiry to our Privacy Officer. We will aim to respond to you and resolve your enquiry or complaint in a timely and appropriate manner. Their contact details are as follows:
Mission Australia as trustee for Sir David Martin Foundation
GPO Box 3515
SYDNEY, NSW, 2001
Ph: 02 9219 2002
By Email: email@example.com
10 Destruction and De-identification
When personal information about an individual held by the Foundation is no longer required to meet the Foundation’s objectives or to undertake the activities mentioned above, it may still need to be retained for audit and compliance purposes, to comply with applicable laws or requirements of government or other funding bodies and for archiving purposes, but otherwise will endeavour to have it removed from our system when it is no longer required or alternatively to have it de-identified where reasonably practicable to do so.
11 Mandatory Notifiable Data Breaches
We will comply with the notification and other requirements of Privacy Laws where your personal information held by us has been inadvertently lost or disclosed or improperly accessed and that loss, disclosure or access may result in serious harm to you.
If you do not wish to receive marketing or promotional communications from us, you should ‘unsubscribe’ online where a link is provided. Otherwise, you can contact us on the email addresses below or write to us advising that you no longer wish to be on our database and we will cease marketing to you and will take steps to remove your personal information where possible (sometimes because our systems are backed up, prior information may be retained on backups for some time before it is destroyed, but those backups are not generally accessible to our staff or third parties and are kept secure).
For donors firstname.lastname@example.org
For other individuals: email@example.com
You can download a copy of this policy here