Privacy Policy
The Board of the Foundation for Rural & Regional Renewal (FRRR) is committed to protecting the privacy of personal information which the organisation collects, holds and administers. Personal information is information which directly or indirectly identifies a person. For this policy, personal information is distinct from sensitive and health information.
PURPOSE
The purpose of this document is to provide a framework for FRRR in dealing with privacy considerations and to adopt the Australian Privacy Principles (APP) which were enacted in 2012 and became effective March 2014.
POLICY
FRRR collects and administers a range of personal information for the purposes of recording information provided to us when people and organisations either make a donation manually, via our website www.frrr.org.au, or otherwise; apply for a grant; or subscribe to our newsletter. FRRR is committed to protecting the privacy of personal information it collects, holds and administers. FRRR does not collect sensitive or health information or unique identifiers from individuals (TFN, medicare, licence).
FRRR is bound by Australian State and Federal laws which impose specific obligations when it comes to handling information. The organisation has adopted the following principles contained as minimum standards in relation to handling personal information.
FRRR will:
- Publish the Privacy Policy on the website www.frrr.org.au;
- Collect only information voluntarily provided to us in the process of receiving donations (whether directly or through third parties such as fundraising platforms); applying for grants; administering and distributing grants; promoting grants; or subscribing to the FRRR newsletter;
- Use and disclose personal information only for our primary functions relating to receiving donations and distributing grants or a directly related purpose, or for another purpose with the person’s consent;
- Disclose personal information only if required to establish, exercise or defend our legal rights;
- Except for the above policy, FRRR will not supply personal information to any third party unless express consent is provided;
- Handle all website financial transactions securely through our payment services provider, Bendigo Bank, who utilize SSL encrypted files to transfer data. Credit card details will not be retained in any database;
- Store personal information securely in Australia, protecting it from unauthorised access and not store, process or transfer personal information between other countries;
- Not use cookies on the FRRR website to store information about site visitors or donors; and
- Provide access and correction to an individual’s personal information within 30 days of a request by an individual and deal with complaints in a timely manner.
RESPONSIBILITIES
FRRR’s Board is responsible for developing, adopting and reviewing the Privacy Policy. FRRR’s CEO is responsible for the implementation of this policy, for monitoring changes in Privacy legislation, and for advising on the need to review or revise this policy as and when the need arises.
PROCESSES
Transparency
FRRR will:
- Ensure stakeholders are aware of FRRR’s Privacy Policy and its purposes.
- Make this information freely available in relevant publications and on the FRRR website.
Collection
FRRR will:
- Only collect personal information that is necessary for the performance and primary function of FRRR.
- Notify stakeholders about why we collect personal information and how it is administered.
- Address stakeholders’ requests to correct personal information.
- Not request or collect sensitive information.
- Not request or collect health information.
Integrity, Quality and Security
FRRR will:
- Take reasonable steps to ensure personal information the organisation collects is accurate, complete, up to date, and relevant to the functions we perform.
- Safeguard personal information we collect and store in Australia against misuse, loss, unauthorised access and modification. No personal or financial data will be transferred to another country.
- Only destroy records in accordance with the organisation’s Records Management Policy.
- Not utilise credit card data for any use past its initial purpose.
- Use secure banking facilities for online transactions.
- Not use cookies on the FRRR website to store information about site visitors or donors.
Use and Disclosure
FRRR will:
- Only use or disclose personal information for the primary purpose for which it was collected or a directly related.
For other uses, FRRR will obtain express consent from the individual.
Access and Correction
FRRR will:
- Ensure individuals have a right to correct personal information it if it is inaccurate, incomplete, misleading or not up to date.
Anonymity
FRRR will:
- Give stakeholders the option of not identifying themselves when completing evaluation forms or opinion surveys.
Making information available to other organisations
Except where required by law, FRRR can:
- Only release personal information about a person with that person’s express permission. For personal information to be released, the person concerned must sign a release form.
- Only release personal information to third parties where it is requested by the person concerned.
Updated May 2022