x

Create an Oaktree account

x

Sign in with Facebook or Twitter

or login with email
Reset my password

Privacy

Privacy Policy

Last reviewed June 2016 

  1. Overview

The Oaktree Foundation Australia (‘Oaktree’) considers privacy and data

protection to be important matters. Oaktree will endeavour to handle your personal information in accordance with this Policy and the Australian Privacy Principles (‘APPs’).

This Privacy Policy is designed to help you understand how we collect, use and store personal information, and what to do if you have any questions, concerns or complaints.  We want you to know that the information we collect is yours, and you can choose to change or access it at any time.

We will review our privacy policy from time to time and it will always be publicly available on our websites.

2. Types of Information Collected

2.1. Personal information

Whether you’re a donor, program participant or volunteer, we regularly ask for information that helps keep us engaged with you.

Here are some examples of personal information we commonly collect:

  • Personal details, for example, your name or date of birth

  • Contact details

  • Payment information

  • How you supported or interacted with Oaktree in the past

  • Notes from conversations with Oaktree representatives

2.2. Sensitive information

Oaktree also collects sensitive and health information. For instance, where you disclose a political opinion or affiliation, or where you complete a medical form to participate in an Oaktree event, you are providing Oaktree with more detailed information. We will only collect, hold, use and disclose sensitive and health information with your consent, or where required by law.

3.   Information Collection Process

3.1. Direct collection of information  

In most of these cases, Oaktree will ask you directly for information (for example, requesting you to complete a donation form or a medical form). Often, to enable our operations, we will need a certain amount of information; for instance, we cannot give you a tax receipt without your name or email address.

3.2. Automatic collection of information

Some of the information is collected automatically (for example, when you ‘like’ a post of Oaktree’s on social media), or from another source (like certain confidential payment details that pass through third-party service providers).

There are a number of technological measures that we use to collect information. Oaktree may:  

  1. Use “cookies” provided by third parties to help us better understand how people arrive at and use our website and social media platforms;
  2. Collect IP addresses to better understand where our traffic is coming from, and to provide customised services to supporters;
  3. Use third-party services such as Google Analytics. This helps Oaktree understand traffic patterns, detect problems and improve functionality with our websites; and
  4. Use embedded images in emails to track open rates for its mailings, so that Oaktree can tell which mailings appeal most to its supporters.

URLs contained in emails may contain an ID that enables us to correctly identify the person who takes an action using a web page. We use these URLs to simplify the process of signing petitions and filling out surveys.

4.  Information Use  

4.1. Organisational engagement   

In order to raise awareness, fundraise and engage with the public, we need to collect personal information.  Oaktree will typically use your personal information to:Process donations;

  1. Email Oaktree related information, updates and opportunities we think will interest you;
  2. Respond to any questions, comments, queries or concerns;
  3. Request feedback to improve our services and processes;
  4. Update your history and engage and support of Oaktree; and
  5. Analyse donor activity.
4.2 Disclosure to an external party    

Oaktree will only disclose your personal information to an external party when it is necessary. We will take reasonable steps to ensure that these parties deal with any personal information appropriately. These reasonable steps could include:

  1. Providing external parties with a copy of this privacy policy;
  2. Keeping the information anonymous where possible; or
  3. Reviewing the external party’s policies regarding privacy and confidentiality.

When running joint petitions with other organisations, Oaktree will ensure that anyone contributing to the petition is informed about how and with whom their information will be shared (e.g. other organisations, who the petition is targeted at). Where possible, this information will be limited to name and postcode.

5. Keeping Information Safe    

5.1. Secure collection of information    

Whether it be online or in hard copy, when we collect your information we endeavour to do so through a secure response form. We will take appropriate security measures to protect against unauthorised access to your personal information.

Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. While Oaktree strives to protect personal information, it cannot guarantee the security of any information received. As such, provision of such information is done at your own risk. Once your transmission is received, Oaktree will take all reasonable steps to ensure its security and integrity.

5.2. Secure storage of information     

Most of the information you give to us will be stored in our online supporter database, NationBuilder. There are strict NationBuilder terms of service available here. Oaktree will also ensure protection of information stored on NationBuilder by restricting access to authorised persons only and by creating different levels of access. Information may also be stored on Oaktree’s cloud systems, such as Google Drive and Dropbox. Information on these cloud systems are also protected by the standard security processes outlined below.

Oaktree uses industry standard security technology, as well as industry standard security practices, to protect personal and confidential information that we receive and to prevent that information from being accessed by unauthorised persons. These practices include:

  1. Firewalls;
  2. Secure Sockets Layer (SSL) which encrypts information;
  3. Using storage networks with strict privacy, confidentiality and security practices (For example, see NationBuilder’s Privacy Policy and Terms and Conditions); and
  4. Limiting access to storage networks to Oaktree Representatives whose roles require such access.
5.3. Destroying and de-identifying information      

If you send us your personal information when we don’t ask for it, we will determine whether or not it would have been permissible to collect that information if we had asked for it. If we find that the collection would not have been permissible we will destroy or de-identify that information as soon as practicable. If we find that that the collection would have been permissible, then we will treat the information in accordance with this policy.

Oaktree will also destroy or de-identify information that is no longer needed. Examples of information that is no longer needed include:

  1. Sensitive Information regarding attendees of an event after the event has ended; and
  2. Volunteer information after the volunteer ceases their role with Oaktree;
5.4. Unique categories of information

If you have supplied us with sensitive or health information, Oaktree will not use or disclose it for anything other than what you have consented to. This is subject to any legal requirement of disclosure.

Oaktree takes the transfer of payment information very seriously. In the case of payment or card details, Oaktree will take special care to ensure that third-party service providers are Payment Card Industry Data Security Standard compliant.

Where a donor requests for their donations to be anonymous, the information required to process the donation will still be stored via the processes outlined in this policy. However, the donor’s name will not be publicly listed.

6. Underage Information

Oaktree often needs to collect information from children (anyone under the age of 18) such as where a child engages in Oaktree events and campaigns. Information collected includes personal information, sensitive information and parental consent forms. All underage information will not be disclosed elsewhere by Oaktree without prior parental guardian consent.

Underage personal information will be stored on NationBuilder and secured in the same manner as other personal information.

Oaktree acknowledges that children are a vulnerable segment of the community and that their sensitive information should be treated with care. The following processes should be undertaken regarding underage sensitive information:

  1. It should be stored separately from other sensitive information, for example being stored in a different online folder;
  2. After the event’s conclusion, all underage sensitive information should be destroyed within a reasonable period of time;

7. Cross Border Disclosure       

In the event that Oaktree does disclose personal information about you to an overseas recipient, such as a partner organisation, Oaktree will take such steps as are deemed reasonable in the circumstances to ensure that the overseas recipient does not breach the APPs in relation to the information. Such steps could include:

  1. Providing overseas recipients with a copy of the APPs and this privacy policy;
  2. Investigating the overseas recipient’s privacy practices;
  3. Suggesting implementation processes in line with the APPs; or
  4. Incorporating the privacy policy or APPs in any agreement or Memorandum of Understanding signed.

8. Maintaining Your Information        

We will take all reasonable steps to ensure any personal information we collect, use or disclose is up to date and accurate. Your personal information is only held by Oaktree for as long as the information remains relevant to the purpose for which it was collected.

If you believe that the personal information we hold about you is not up to date or accurate, you may ask us to correct it. You may also ask us to provide you with details of the personal information we hold about you, and copies of that information.

You can manage and update your information by getting in touch with a member of our admin team on (03) 9428 8577 or via email at dol@oaktree.org. We will respond to your request within 7 days of receipt of your request.

9. Complaints  

If you wish to make a complaint about a breach (or alleged breach) by Oaktree of this Policy or of the Australian Privacy Principles, you can call us on (03) 9428 8577‎ or email the Director of Legal at dol@oaktree.org.

In the event that you are not satisfied with the action undertaken by Oaktree, you may contact the Office of the Australian Information Commissioner whose details can be found at www.oaic.gov.au.