ACN 22 616 236 983


  • In the course of our charitable activities in Australia, there are circumstances where we collect personal information. This privacy policy has been developed to ensure that such information is handled appropriately.

  • As a small not-for-profit organisation in Australia, we are not required to comply with the Privacy Act 1988 (Cth) (Privacy Act) in relation to the personal information we collect. 

  • Whilst we have not agreed to ‘opt-in’ to the application of the Privacy Act, we have adopted policies and procedures in relation to privacy that we feel are ‘best practice’ for an organisation of our size and type.

Who does the privacy policy apply to? 

This policy applies to any person for whom we currently hold, or may in the future collect, personal information, including:

  • our employees and volunteers;

  • our donors and supporters; 

  • social services agencies we engage with;

  • clients of social services agencies that we provided charitable services to;

  • other third parties that engage with us.

What information does the privacy policy apply to?

  • This policy applies to personal information. In broad terms, 'personal information' is information or opinions relating to a particular individual who can be identified.

  • Information is not personal information where the information cannot be linked to an identifiable individual.

How do we manage the personal information we collect?

  1. We manage the personal information we collect in numerous ways, such as by:

    • implementing procedures for identifying and managing privacy risks at each stage of the information lifecycle, including collection, use, disclosure, storage, destruction or de-identification;

    • implementing security systems for protecting personal information from misuse, interference and loss from unauthorised access, modification or disclosure;

    • providing staff and volunteers with training on privacy issues; 

    • appropriately supervising staff and volunteers who regularly handle personal information;

    • implementing mechanisms to ensure any agents or contractors who deal with us comply with our privacy policy;

    • implementing procedures for identifying and reporting privacy breaches and for receiving and responding to complaints;

    • allowing individuals the option of not identifying themselves, or using a pseudonym, when dealing with us in particular circumstances. 

  2. We will take reasonable steps to destroy or permanently de-identify personal information if that information is no longer needed for the purposes for which we are authorised to use it.

What kinds of information do we collect and hold?

We may collect and hold personal information about you, which may include:

  • sensitive information, such as health information, racial or ethnic origin; 

  • contact information; 

  • financial information and bank details;

  • date and place of birth;

  • employment arrangements and history;

  • any other personal information required to provide our charitable services or engage with our donors, supporters, staff, volunteers and other third parties that deal with us.

How and when do we collect personal information? 

  1. Our usual approach to collecting personal information is to collect it directly from you or from service providers that are assisting you by engaging with us, such as social services agencies.

  2. We may also collect personal information in other ways, which may include:

    • through referrals from individuals or other entities;

    • through marketing and business development events;

    • from competitions and fundraising activities;

    • via our website (including via the use of cookies and web analytics) and other online profiles such as social media platforms.

How do we hold personal information?

Our usual approach to holding personal information includes:

    1. physically:

      • at our premises; and

      • off-site, by third party physical storage providers;

    2. electronically:

      • on online servers;

      • on a private cloud;

      • by a third party data storage provider; and

      • on our website.

  1. We secure the personal information we hold in numerous ways, including:

    • using unique usernames, passwords and other protections on systems that can access personal information; 

    • holding certain sensitive documents securely;

    • where appropriate, de-identifying or destroying documents containing personal information.

Why do we collect, hold, use or disclose personal information?

  • We take reasonable steps to use and disclose personal information for the primary purpose for which we collect it. 

  • The primary purpose for which information is collected varies but is generally either to:

    • provide charitable services to you, via support service agencies; or

    • engage with you as a donor, supporter, volunteer, employee or third party service provider.

  • In the case of potential employees and volunteers, the primary purpose the information is collected is to assess the individual’s suitability for the relevant role.

  • Personal information may also be used or disclosed by us for secondary purposes that are within your reasonable expectations and that are related to the primary purpose of collection. For example, we may collect and use your personal information to:

    • ask you to support or donate to us;

    • provide you with updates and alerts that are relevant to our activities;

    • invite you to events.

We may disclose personal information to:

  • Our external auditors;

  • Other service providers to assist our functions or activities (such as businesses that help us with our marketing and promotion, assist us to improve and manage our services and professional advisers we engage);

  • Our third party technology providers such as our data storage providers and email filter providers; and

  • Other third parties as we determine appropriate.

    • We do not sell your personal information to anyone, including other charitable organisations.

Will we disclose personal information outside Australia?

  • We do not directly disclose personal information outside of Australia. However, we may utilise a cloud or other outsourced IT services which may result in personal information being stored overseas.

  • We may also use services from time to time to manage and improve our services and the third party service providers we engaged may be located, or have their IT services, located overseas.

How do you make complaints and access and correct your personal information?

It is important that the information we hold about you is up-to-date. You should contact us if your personal information changes.

Access to information and correcting personal information

  • You may request access to the personal information held by us or ask us for your personal information to be corrected by using the contact details in this section.

  • We will grant you access to your personal information as soon as possible, subject to the request circumstances.

  • In keeping with our commitment to protect the privacy of personal information, we may not disclose personal information to you without proof of identity.

  • We may deny access to personal information if:

    • the request is unreasonable;

    • providing access would have an unreasonable impact on the privacy of another person;

    • providing access would pose a serious and imminent threat to the life or health of any person;

    • providing access would compromise our ethical or other obligations; or

    • there are other legal grounds to deny the request.

  • We may charge a fee for reasonable costs incurred in responding to an access request. The fee (if any) will be disclosed prior to it being levied.

  • If the personal information we hold is not accurate, complete and up-to-date, we will take reasonable steps to correct it so that it is accurate, complete and up-to-date, where it is appropriate to do so. 


If you wish to complain about an interference with your privacy, then you should put your complaint in writing and send it to us using the contact details in this section.  We will have a reasonable time to respond to the complaint.

Who to contact

A person may make a complaint or request to access or correct personal information about them held by us. Such a request must be made in writing to the following address:

Privacy Officer:          Carly Fradgley, Chief Executive Officer 

Postal Address:         10/15 John Duncan Court, Varsity Lakes QLD 4227

Email address:

Changes to the policy

We may update, modify or remove this policy at any time without prior notice. Any changes to the privacy policy will be published on our website.

This policy is effective May 2019. If you have any comments on the policy, please contact the privacy officer with the contact details in section 8 of this policy.