Your privacy is important to Bravery Trust and this policy outlines our ongoing obligations to you in respect of how we manage your Personal Information.
1. Introduction The Australian Defence Force Assistance Trustee Company Proprietary Ltd (ADFAT Co Pty Ltd) is the trustee of the Australian Defence Force Assistance Trust (The Trust).
1.1. Purpose ADFAT Co Pty Ltd (The Company) complies with the Australian Privacy Principles (APP) in the Privacy Act 1998 (Cth) which sets out standards, rights and obligations in relation to handling, holding, accessing and correcting personal information.
1.2. Definitions “Personal information” for the purposes of the Privacy Act and this Policy means any information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not, and
- whether the information or opinion is recorded in a material form or not.
“Sensitive information” for the purposes of the Privacy Act and this Policy includes: (a) information or an opinion about an individual’s: (i) racial or ethnic origin; or (ii) political opinions; or (iii) membership of a political association; or (iv) religious beliefs or affiliations; or (v) philosophical beliefs; or (vi) membership of a professional or trade association; or (vii) membership of a trade union; or (viii) sexual orientation or practices; or (ix) criminal record; that is also personal information; or (b) health information about an individual; or (c) genetic information about an individual that is not otherwise health information; or (d) biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or (e) biometric templates.
1.3. Authority The Board has approved this Statement of Policy in accordance with its powers and duties as per Clause 11 of the Constitution of the Australian Defence Force Assistance Trustee Company Pty Ltd (ADFAT).
1.4. Review and Update This Statement of Policy is to be reviewed and updated at least annually. Subject to the significance of changes in the Corporations Law 2001, the Australian Charities and Not-for-Profits Commission Act 2012, the Trust Deed, Constitution of ADFAT and other relevant statutory and contractual requirements, more regular revision and update may be warranted.
2. Relationship to the Group’s Governance Charter This Statement of Policy for Privacy is one element of the Group’s approved Governance Charter. That Charter is the instrument that sets out the overarching philosophy, content and structure of the Governance, Risk and Compliance framework for the Group.
3.2. Kinds of personal information that the Company collects and holds, and the purpose of collection The Company collects and holds personal information (and in some cases sensitive information) relating to:
- applicants seeking financial assistance from the Trust,
- Company employees and contractors,
- donors and sponsors,
- Company directors,
- enquiries received by the Company, and
- the Company’s contractors and suppliers, including for Company events.
Applicants Broadly, the Company collects personal information from applicants where it is relevant to discharging its obligations as trustee of the Trust. This personal information includes the names, addresses, contact details, date of birth, gender, occupations, employment histories, family backgrounds, referees and personal references, awards and achievements and financial records of individuals who have made application to the Company for financial support from the Trust. The information which the Company collects and holds may include some types of sensitive information, as required in order for the applicant to explain their personal history, background or financial situation. Company employees and contractors The Company collects and holds personal information about staff, who are employed by it to work in the administration and in support of the Company and the Trust, for the purposes of staff recruitment, performance management and professional and personal development, as well as general staff administrative functions such as payroll operations. This personal information may include an employee’s name, address, contact details, date of birth, gender, qualifications, occupation, employment history, next of kin, tax file number and banking details, performance agreements and appraisals, performance records, salary and allowances, superannuation details, leave details, references and character checks and security clearances. Similarly, the Company collects and holds personal information about the contractors and suppliers who are engaged by it to provide goods and services under a contract. The information relates to individual contractor and supplier businesses, and the employees of those businesses. The purpose of the information is to enable the Company to select contractors and suppliers that are assessed as offering the best value for money to it, and to effectively manage its contracts with contractors and suppliers. This personal information may include the contractor/supplier name, address, contact details, ABN, previous projects undertaken, financial background, references, contract details, payment details, security checks and performance assessments.
3.3. How the Company collects personal information The Company collects only the information needed for the particular function or activity related to the administration of the Company or the work of the Trust. Where it is reasonably practicable to do so, the Company collects this information directly from the applicant, employee or individual concerned, or an authorised person acting on their behalf. Applicants to the Trust provide the Company with personal information to enable assessment of their application and to take appropriate action in accordance with the terms of the Trust. Personal information may also be collected indirectly or from other sources, such as the Department of Defence, the Department of Veterans Affairs, Ex-Service Organisations or representatives or from public records for this purpose. If this occurs, we will notify you accordingly. The Company requests prospective employees to provide certain personal information to it as part of its recruitment process. New employees provide further personal information on joining the Company, which is added to during the normal course of their employment. Contractors and suppliers provide personal information to the Company as part of procurement processes. They provide further personal information in giving effect to their contract. The Company may also collect information about an individual from a third party such as a contracting company or from a third party service provider such as its recruitment management service provider. The Company may also receive third party personal information through its employees and contractors including details of family members and next of kin. The Company also collects personal information from donors when they make a donation (including online through the Company’s website) and when individuals contact the Company to make an enquiry (including online through the Company’s website).
3.4. Visiting the Company’s website When an individual looks at the Company’s website, the server makes a record of their visit and logs the following information:
- the server address;
- the top level domain name (for example.com, .gov, .au, .uk);
- the date and time of the visit to the site;
- the pages accessed and documents downloaded;
- the previous site they visited; and
- the type of browser used.
3.5. How the Company holds personal information The Company uses a range of physical and electronic security measures to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure. These measures include restricted physical access to the Company’s offices, security containers, firewalls, secure databases, computer user identifiers and passwords. Please note however that the internet is not a secure environment and although care is taken, the Company cannot guarantee the security of information provided to it via electronic means.
3.6. How the Company uses and discloses personal information The Company uses and discloses personal information for the primary purpose for which it was collected and held, namely to enable it to discharge its obligations under the Trust and relevant law. Such disclosure occurs to facilitate internal decision making and, when required in accordance with the law, the Company may also share personal information with other agencies, bodies or persons including government agencies or regulatory bodies. Subject to any restrictions imposed by any relevant legislation, the Company may also disclose your personal information to:
The Company’s suppliers, service providers, professional advisers and agents including the following service providers: – professional advisors such as lawyers, accountants and auditors; – providers of systems for recruitment management; – data storage providers; – delivery supply contractors;
- to anyone to whom the Company’s assets or business (or any part of it) is transferred or to whom a security interest in the Company’s assets or business is provided;
- to any new trustee appointed to the Trust;
- where necessary to protect the rights or safety of any of its employees or a third party;
- where an individual to whom the personal information relates has consented to the disclosure; or
- where otherwise required or permitted by law.
The Company may also use and disclose personal information for reasonably expected secondary purposes directly related (for sensitive information) or related (for other personal information) to the primary purpose of collection, or for other purposes permitted under the Privacy Act. The Company will not use or disclose personal information for a secondary purpose (i.e. a purpose other than the primary purpose for which the information was collected and held) unless permitted in accordance with exceptions under the Privacy Act. The Company will not disclose personal information to a person located overseas, unless in the unlikely circumstances it is required, for example, in order for the Company to discharge an obligation in administering the Trust. If such circumstances arise the Company will comply with APP 8 (cross-border disclosure of personal information).
3.9. Correction of personal information held by the Company The Company endeavours to ensure that personal information that is collected and held is accurate, up-to-date, complete, relevant and not misleading. However, if an individual is able to establish that information held by the Company about them is not correct, reasonable steps will be taken to amend it. In the event that the Company is unable to substantiate a proposed correction, reasons for refusal to amend the information will be provided, and a record of our reasons and the individual’s contrary view will be placed on Company files.
3.10. Retention of personal information The Company retains personal information for 7 years.
3.11. Complaints about a breach of privacy If an individual wishes to complain about the way the Company handles their personal information, including if the individual believes the Company has breached the Privacy Act, they are encouraged in the first instance to submit their complaint in writing to the Privacy Contact Officer (see below). If a complaint is made please include your name and contact details, such as an email address and telephone number and clearly describe the complaint. The Company will endeavour to respond within 30 calendar days of receiving the complaint. Under the Privacy Act, the Australian Information Commissioner has the power to investigate complaints, or acts or practices that may be a breach of privacy even if there is no complaint. If an individual has made a complaint to the Company about a Company practice which they think amounts to an arbitrary or unreasonable interference with their privacy, and they do not believe that the matter has been resolved satisfactorily, they should write to the Office of the Australian Information Commissioner (OAIC), preferably using the online Privacy Complaint form. Further information about making a privacy complaint to the OAIC is at: https://oaic.gov.au/privacy/making-a-privacy-complaint. Individuals are able to make a complaint directly to the OAIC rather than to the Company. In most cases, however, it is likely that the OAIC would refer the individual to the Company, in the first instance, to see if the complaint can be resolved without requiring the involvement of the OAIC.
For Further information To find out more about how the Company manages personal information, contact – Privacy Contact Officer Australian Defence Force Assistance Trust.
Social Media Acceptable Use Policy
The following user policy is in addition to any user policy or terms and conditions imposed by the social media host (e.g. Facebook, Twitter, LinkedIn, Instagram)
At Bravery Trust we welcome and encourage your comments and engagement with us through our social media channels. That may include expressing your views, comments, ideas, insights, and feedback about our service. It may also include helping us raise awareness of services available to veterans.
At the same time, you should show courtesy and respect to others and must not use our page or profile to abuse others, expose others to offensive or inappropriate content, or for any unlawful purpose.
When using Bravery Trust’s social media, please ensure that you:
- protect your personal privacy and that of others by not including personal information of either yourself or of others in your posts to the page or profile
- represent your own views and not impersonate or falsely represent any other person
- do not be abusive, harass or threaten others
- do not make defamatory or libellous comments
- do not use insulting, provocative or hateful language
- do not use obscene or offensive language
- do not post material to the page or profile that infringes the intellectual property rights of others
- do not post multiple versions of the same view to the page or profile or make excessive postings on a particular issue
- do not promote commercial interests in your posts to the page or profile
- do not include internet addresses or links to websites, or any email addresses in your post to the page or profile
- do not make unproven or unsupported accusations against individuals or organisations
- do not encourage conduct that may or would constitute a criminal offence or give rise to civil liability, or that otherwise violates any local, provincial, national or international law or regulation anywhere in the world
- do not incite hatred on the basis of any personal characteristic, including on the basis of race, gender, marital or domestic status, disability, sexuality or age
- do not identify matters that are currently the subject of legal proceedings or would break a court’s non-publication order
- contact us directly through direct messaging or firstname.lastname@example.org if you have any questions or concerns that are personal in nature
In addition to these requirements, Bravery Trust’s social media is governed by the user policy or terms and conditions imposed by the social media host, including:
Bravery Trust reserves the right to enforce this Acceptable Use Policy at its discretion. Bravery Trust may remove any posted messages it considers to be in breach of this policy. Users who persist in breaching this Acceptable Use Policy may be banned, blocked, or reported to the social media host.
Please be aware that Bravery Trust may update or change this policy at any time.
If you have any questions about this policy, please email email@example.com
Moderation of posted content
Bravery Trust has a moderation process to ensure that comments made on its social media are relevant, responsible, ethical, and lawful. Bravery Trust may refuse publication, or delete any comments that Bravery Trust considers:
- Is abusive, obscene, discriminatory, or threatening
- Identifies individuals, including staff, without their consent, or is personal in nature
- Is inappropriate, inaccurate, or in any way in unlawful
In addition, Bravery Trust publication of posted content does not imply any endorsement, agreement or acceptance by us of the views expressed in that content. We recommend users exercise their own skill and care with respect to evaluating such content and carefully evaluate the accuracy, currency, completeness and relevance of the content for their purposes.
Bravery Trust also does not guarantee any posted content will be published and a user submitting content should not infer that the non-publication of content suggests the content is inappropriate.
As such, Bravery Trust accepts no legal liability whatsoever arising from, or connected to:
- the publication of any content
- the failure to moderate any content (whether due to technical error or otherwise), or
- the use of, or reliance on, any content by a user
Release and indemnity
Bravery Trust does not accept responsibility for any loss or damage, however caused (including through negligence), which you may directly or indirectly suffer in connection with your use of Bravery Trust’s social media or any linked site or facility, nor do we accept any responsibility for any loss arising out of your use of, or reliance on, information accessed using Bravery Trust’s social media.
To the extent permitted by law, any condition or warranty which would otherwise be implied into these Terms is hereby excluded.
When posting or otherwise communicating content using the Bravery Trust’s social media, you agree to indemnify us and our employees and agents against any claim by a third party arising out of any breach of these Terms by you.
These Terms do not attempt or purport to exclude liability arising under statute if, and to the extent, such liability cannot be lawfully excluded.
Bravery Trust records any information posted to our social media and uses that information for the purpose of administering its social media and considering and/or addressing any comments made.
No attempt will be made to identify individuals except where required or authorised by law, including the Privacy Act 1988. Bravery Trust is not responsible for the privacy practices or content of Facebook, Twitter, LinkedIn and Instagram, or any linked websites.
Some material on Bravery Trust’s social media has been submitted by others or contains links to articles or material prepared by others. Bravery Trust accepts no responsibility whether express or implied for the accuracy, currency and completeness of any information posted on Bravery Trust’s social media or its relevance and suitability for any purpose. Information posted on Bravery Trust’s social media is for general use only.
Bravery Trust does not endorse or otherwise support any view and opinion posted by a user or contributor on Bravery Trust’s social media. For further information about Bravery Trust please visit the Bravery Trust website.
Bravery Trust welcomes and values your feedback as it assists us in improving the standards and quality of the service. If you have feedback about Bravery Trust’s social media content or policy email firstname.lastname@example.org