GENERAL PRIVACY POLICY
1. INTRODUCTION
This document sets out the privacy policy of FIN Agency Pty Ltd ABN 48 964 013 727 (referred to in this privacy policy as ‘we’, ‘us’, or ‘our’).
The Privacy Act 1988 (Cth) (Privacy Act) requires entities bound by the Australian Privacy Principles to have a privacy policy. We take our privacy obligations seriously and are committed to safeguarding privacy of personal information. Providing personal information is an act of trust which we take seriously and we’ve created this privacy policy to explain how we handle personal information.
By providing personal information (including sensitive information) to us, you consent to our collection, storage, maintenance, use and disclosing of personal information in accordance with this privacy policy.
We may change this privacy policy from time to time by posting an updated copy on our website and we encourage you to check our website regularly to ensure that you are aware of our most current privacy policy
2. APPLICATION OF THIS PRIVACY POLICY
To avoid confusion on how we handle the personal information of the different individuals we engage with, we have created separate privacy policies depending on the relationship between us and the individual.
(Service providers) For the personal information of third parties who provide us goods and services, whether directly to us or as a contractor or employee of an agency we have engaged to provide us goods and services, we have a separate privacy policy which can be found at https://thefinagency.com.au/.
(Everyone else) For all other personal information we handle, this privacy policy applies. If you have any questions regarding which privacy policy applies to you, please contact us via the details set out at the end of this policy.
3. WHAT IS PERSONAL INFORMATION?
Throughout this policy, we refer to your ‘personal information’, which means, information or an opinion about an identified individual, or an individual who is reasonably identifiable:
(a) whether the information or opinion is true or not; and
(b) whether the information or opinion is recorded in a material form or not.
Most of this policy applies to all personal information we collect, however, some of our privacy practices differ slightly for certain types of information we collect (including sensitive information and confidential information). Where this is the case, we have outlined that particular practice in its own section within this policy and, to the extent of any inconsistency, that section supersedes the general practices outlined in the rest of this policy.
4. TYPES OF PERSONAL INFORMATION WE COLLECT
The personal information we collect may include the following:
(a) name;
(b) age and date of birth;
(c) gender;
(d) mailing or home address;
(e) social media information;
(f) telephone number, email address and other contact details;
(g) information regarding your personal interests and circumstances;
(h) information about your preferences, interests, and experiences with our services;
(i) credit card or other payment information;
(j) sensitive information as set out below;
(k) information about your business circumstances;
(l) information in connection with client surveys, questionnaires and promotions;
(m) your device identity and type, IP address, geo-location information, page view statistics,
advertising data and standard web log information;
(n) information about third parties; and
(o) any other information provided by you to us via our website or our online presence, or
otherwise required by us or provided by you.
5. HOW WE COLLECT PERSONAL INFORMATION
We will collect your personal information in a lawful and fair way. We will only collect your personal information where you have consented, or otherwise in accordance with the law. We ordinarily collect personal information directly from you or where it is provided to us with your authority, however, from time to time, we may also be required to collect personal information about you from a third party.
5.2 COLLECTION FROM YOU
We may collect personal information from you where you:
(a) contact us through our website;
(b) receive goods or services from us;
(c) submit any of our online sign-up forms;
(d) make a complaint or report a matter to us;
(e) communicate with us via email, telephone, SMS, social applications (such as LinkedIn,
Facebook or Twitter) or otherwise;
(f) interact with our website, social applications, services, content and advertising; or
(g) invest in our business or enquire as to a potential purchase in our business.
5.3 COLLECTION FROM THIRD PARTIES
Whenever possible, we collect your personal information directly from you. However, there may be occasions when we collect personal information about you from someone else. For example, where you:
(a) have donated to, or have shown an interest in donating to, a not-for-profit who has
engaged us to provide them services in relation to such donation;
(b) provide personal information to a third party service provider we have engaged to assist
us in delivering our services;
(c) have made a complaint or reported misconduct to us and we require further information
to investigate; or
(d) have made an application of employment or engagement by us
5.4 DIGITAL COLLECTION
We may also collect your personal information when you use or access our website or our social media pages. This may be done through use of web analytics tools, ‘cookies’, web beacons, customised links or other similar tracking technologies that allow us to track and analyse your digital interactions with us such as website usage and interactions with emails we send. Cookies are small files that store information on your computer, mobile phone or other device and enable
and allow the creator of the cookie to identify when you visit different websites.
Your web browser can choose whether to accept cookies. Most web browser software is initially set up to accept them. If you do not want your browser to use cookies, you can manage and control their use through your browser settings.
6. HOW WE HOLD PERSONAL INFORMATION
We respect the privacy of your personal information and we will take such reasonable steps to ensure your personal information is secure and protected from misuse or unauthorised access.
Generally, we store all personal information on secure servers managed by third party cloud storage providers. In some instances, we hold personal information on our personnel’s devices (such as emails from you) or, where necessary, in hard copy (such as printed invoices).
Our information technology systems are password protected, and we use a range of administrative and technical measures to protect these systems. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
In selecting information technology service providers, we take care to engage reputable businesses who we believe will maintain an acceptable standard of security and protection of your personal information.
Whilst we take reasonable measures, no data storage or transmission systems can be guaranteed as fully secure and accordingly, we cannot guarantee or warrant the security of any personal information we handle.
7. PURPOSES FOR WHICH WE HANDLE YOUR PERSONAL INFORMATION
We collect, use, hold and disclose personal information for the following purposes:
(a) to provide services or information to you;
(b) to procure donations for the not-for-profits who engage us to provide them services;
(c) any purpose which is included in a privacy collection notice we provide to you;
(d) for record keeping and administrative purposes;
(e) to provide information about you to our contractors, employees, consultants, agents or
other third parties for the purpose of providing our services to you;
(f) where you are a donor, to facilitate your donation to a not-for-profit we provide our
services to;
(g) in obtaining the services of our professional advisers such as insurance providers,
accountants, lawyers and auditors;
(h) to comply with our regulatory requirements such as those by the Public Fundraising
Regulatory Association;
(i) to improve and optimise our service offering, customer experience and digital tools such
as our website and social media;
(j) to comply with our legal obligations, resolve disputes or enforce our agreements with third
parties;
(k) to respond to and investigate customer complaints and reports;
(l) to manage any competitions or promotions we run;
(m) in engaging with a prospective purchaser of all or part of our business;
(n) to send you marketing and promotional messages and other information that may be of
interest to you, including related to our services, to the not-for-profits who engage us, any
service providers we engage and other promotional partners;
(o) to comply with our legal obligations, resolve disputes or enforce our agreements with your
or third parties;
(p) to send you administrative messages, reminders, notices, updates, security alerts, and
other information requested by you; or
(q) to consider an application of employment from you.
We may also handle your personal information for:
(a) any purpose for which we receive consent from you for;
(b) secondary purposes closely related to the primary purpose, in circumstances where you
would reasonably expect such use;
(c) as needed in an emergency or in investigating suspected criminal activity;
(d) as required under a subpoena, court order or other mandatory reporting requirements;
(e) it is reasonably necessary for the establishment, exercise or defence of a legal claim;
(f) such purposes where we reasonably believe that use of your information is necessary to
lessen or prevent a serious threat to the life, health or safety of any individual, or to public
health or safety, and it is unreasonable or impracticable to obtain your consent; or
(g) any other purpose which is permitted or required under applicable privacy laws.
8. OVERSEASE DISCLOSURE
The personal information we collect is stored on servers managed by third party service providers who may be located in Australia and overseas. Additionally, the service providers may operate overseas disaster recovery sites or have personnel overseas who may access the personal information we hold to assist us in managing our servers.
We also may use Google Analytics (or other web traffic monitoring services) to track web traffic information which is operated by Google which stores information across multiple countries.
When you communicate with us through a social media service such as Facebook or Twitter, the social media provider and its partners may collect and hold your personal information overseas.
We also engage some third party service providers who may be given access to your personal information and are located in countries outside Australia such as Ireland and Singapore. We will only make such disclosure to overseas as necessary for them to provide their services to us and in accordance with this privacy policy.
9. SENSITIVE INFORMATION
(Collection of sensitive information) We may collect your sensitive information in the course of providing our services. We will only solicit this sensitive information where you consent to our collection of the sensitive information and directly provide us with this information.
(Types of sensitive information) The sensitive information we collect may include your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.
(Handling of sensitive information) Your sensitive information will only be collected, held, used or disclosed for the purpose of:
(a) responding to or investigating any complaints, reports of misconduct or workplace
incidents;
(a) any purpose for which we receive consent from you for;
(b) complying with our legal obligations or resolving disputes; or
(c) any other purpose which is permitted or required under applicable privacy laws.
(Withdrawing consent) If you wish to withdraw your consent to our collection, use or disclosure of your sensitive information, please contact us using the contact details set out below. We will deal with all such requests within a reasonable timeframe.
10. MARKETING
We may at times send you marketing communications which will be done in accordance with the Spam Act 2003 (Cth).
In this regard, we may use email, SMS, social media, phone or mail to send you direct marketing communications.
Where consent is needed, we will ask you for your consent before sending you marketing communications, except where you:
(a) have explicitly opted-in to receiving email marketing from us in the past; or
(b) were given the option to opt-out of email marketing when you initially signed up for our
goods or services and you did not do so.
You can, at any time, opt out of receiving marketing materials from us by using the opt-out facility provided (e.g. an unsubscribe link on emails we send you) or by contacting us via the details provided at the end of this privacy policy. We will implement such a request as soon as possible, however, cannot guarantee that such a response will be immediate.
11. REQUESTING ACCESS OR CORRECTING YOUR PERSONAL INFORMATION
If you wish to request access to the personal information we hold about you or you think that any personal information we hold about you is inaccurate, please contact us using the contact details set out below including your name and contact details.
We may need to verify your identity before providing you with your personal information. In some cases, we may be unable to provide you with access to or correction of your personal information and where this occurs, we will explain why. We will deal with all requests for access or correction to
personal information within a reasonable timeframe.
12. DEIDENTIFICATION OF PERSONAL INFORMATION
The data we collect may have analytical value to us, our customers, our business partners and our related entities. Where we have de-identified the data we have collected, we reserve the right to process and distribute the data we collect through our goods and services.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Where we no longer require your personal information, we will securely de-identify or destroy your personal information in accordance with applicable laws and regulations.
13. ANONYMITY AND PSEUDONYMITY
We will generally need to know who you are in order to provide you with our services or facilitate donations.
Despite this, in some circumstances you are entitled to deal with us anonymously, or by using a pseudonym (alias), for example when making general enquiries about the services we offer.
In some circumstances, you may receive better service or response if we know who you are. For example, we can keep you up-to-date and better understand a complaint you might have if we know who you are and the circumstances of your complaint.
You must tell us when you are using a pseudonym when applying for our services. If we need to identify you, we will tell you whether your real name is required.
14. LINKS
Our website may contain links to other websites. Those links are provided for convenience and may not remain current or be maintained. We are not responsible for the privacy practices of those linked websites and we suggest you review the privacy policies of those websites before using them.
15. COMPLAINTS
If you wish to complain about how we, our personnel or our third party service providers handle your personal information, please contact us using the details set out below including your name and contact details. We will investigate your complaint promptly and respond to you within a reasonable timeframe.
If you are unsatisfied with how we handle your complaint, you may contact the Office of the Australian Information Commissioner at:
Address: GPO Box 5218, Sydney NSW 2001
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
Website: www.oaic.gov.au
16. CONTACT US
For further information about our privacy policy or practices, or to access or correct your personal information, or make a complaint, please contact us using the details set out below:
Name: The Privacy Officer
Address: 1/580 Church St Richmond Victoria 3121
Phone: 0414 983 574
Email: admin@thefinagency.com.au
SERVICE PROVIDER PRIVACY POLICY
1. INTRODUCTION
This document sets out the privacy policy of FIN Agency Pty Ltd ABN 48 964 013 727 (referred to in this privacy policy as ‘we’, ‘us’, or ‘our’).
The Privacy Act 1988 (Cth) (Privacy Act) requires entities bound by the Australian Privacy Principles to have a privacy policy. We take our privacy obligations seriously and are committed to safeguarding privacy of personal information. Providing personal information is an act of trust which we take seriously and we’ve created this privacy policy to explain how we handle personal information.
By providing personal information (including sensitive information) to us, you consent to our collection, storage, maintenance, use and disclosing of personal information in accordance with this privacy policy.
We may change this privacy policy from time to time by posting an updated copy on our website and we encourage you to check our website regularly to ensure that you are aware of our most current privacy policy.
2. APPLICATION OF THIS PRIVACY POLICY
To avoid confusion on how we handle the personal information of the different individuals we engage with, we have created separate privacy policies depending on the relationship between us and the individual.
(Service providers) For the personal information of third parties who provide us goods and services, whether directly to us or as a contractor or employee of an agency we have engaged to provide us goods and services, this privacy policy applies
(Everyone else) For all other personal information we handle, we have a separate privacy policy which can be found at https://thefinagency.com.au/.
If you have any questions regarding which privacy policy applies to you, please contact us via the details set out at the end of this policy.
3. WHAT IS PERSONAL INFORMATION?
Throughout this policy, we refer to your ‘personal information’, which means, information or an opinion about an identified individual, or an individual who is reasonably identifiable:
(a) whether the information or opinion is true or not; and
(b) whether the information or opinion is recorded in a material form or not.
Most of this policy applies to all personal information we collect, however, some of our privacy practices differ slightly for certain types of information we collect (including sensitive information and confidential information). Where this is the case, we have outlined that particular practice in its own section within this policy and, to the extent of any inconsistency, that section supersedes the general practices outlined in the rest of this policy.
4. TYPES OF PERSONAL INFORMATION WE COLLECT AND HOLD
The personal information we collect may include the following:
(a) name;
(b) age and date of birth;
(c) gender;
(d) mailing or home address;
(e) social media information;
(f) telephone number, email address and other contact details;
(g) information regarding your personal interests and circumstances;
(h) information about your preferences, interests, and experiences with our services or your
services to us;
(i) credit card or other payment information;
(j) sensitive information, as set out below;
(k) information about your business or personal circumstances;
(l) information related to your occupation, workplace, professional history and professional
interests;
(m) Australian visa and working entitlements;
(n) criminal history checks;
(o) registration status with regulatory authorities;
(p) fit to work confirmations;
(q) workplace incident information;
(r) solvency statements;
(s) the contact details of third parties, such as your emergency contacts;
(t) information in connection with client surveys, questionnaires and promotions;
(u) your device identity and type, IP address, geo-location information, page view statistics,
advertising data and standard web log information;
(v) information about third parties; and
(w) any other information provided by you to us via our website or our online presence, or
otherwise required by us or provided by you.
5. HOW WE COLLECT PERSONAL INFORMATION
We will collect your personal information in a lawful and fair way. We will only collect your personal information where you have consented, or otherwise in accordance with the law. We ordinarily collect personal information directly from you or where it is provided to us with your authority, however, from time to time, we may also be required to collect personal information about you from a third party
5.2 COLLECTION FROM YOU
We may collect personal information from you where you:
(a) call or email us;
(b) submit any of our online sign-up forms;
(c) ask for access to information we hold about you;
(d) make a complaint or report a matter to us;
(e) participate in any offers, promotions, competitions, rewards or incentive activities;
(f) communicate with us via email, telephone, SMS, social applications (such as LinkedIn,
Facebook or Twitter) or otherwise;
(g) interact with our website, social applications, services, content and advertising.
5.3 COLLECTION FROM THIRD PARTIES
Whenever possible, we collect your personal information directly from you. However, there may be occasions when we collect personal information about you from someone else. For example, where:
(a) you are engaged or employed by a third party who provides us goods or services;
(b) you are involved in a complaint or matter requiring investigation;
(c) a matter arises which impacts your eligibility to continue to be engaged by us (such as a
regulatory body removing your working entitlements or licence); or
(d) from references where we are considering your application for employment by us.
5.4 DIGITAL COLLECTION
We may also collect your personal information when you use or access our website or our social media pages. This may be done through use of web analytics tools, ‘cookies’, web beacons, customised links or other similar tracking technologies that allow us to track and analyse your digital interactions with us such as website usage and interactions with emails we send. Cookies are small files that store information on your computer, mobile phone or other device and enable and allow the creator of the cookie to identify when you visit different websites.
Your web browser can choose whether to accept cookies. Most web browser software is initially set up to accept them. If you do not want your browser to use cookies, you can manage and control their use through your browser settings.
6. HOW WE HOLD PERSONAL INFORMATION
We respect the privacy of your personal information and we will take such reasonable steps to ensure your personal information is secure and protected from misuse or unauthorised access.
Generally, we store all personal information on secure servers managed by third party cloud storage providers. In some instances, we hold personal information on our personnel’s devices (such as emails from you) or, where necessary, in hard copy (such as printed invoices).
Our information technology systems are password protected, and we use a range of administrative and technical measures to protect these systems. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
In selecting information technology service providers, we take care to engage reputable businesses who we believe will maintain an acceptable standard of security and protection of your personal information.
Whilst we take reasonable measures, no data storage or transmission systems can be guaranteed as fully secure and accordingly, we cannot guarantee or warrant the security of any personal information we handle.
7. PURPOSES FOR WHICH WE HANDLE YOUR PERSONAL INFORMATION
We collect, use, hold and disclose personal information for the following purposes:
(a) to facilitate you providing us goods and services;
(b) to comply with our regulatory requirements such as those by the Public Fundraising
Regulatory Association;
(c) to ensure you are eligible to provide us goods and services;
(d) for record keeping and administrative purposes;
(e) to respond to and investigate any workplace incidents related to your engagement by us
or one of our service providers;
(f) to provide information about you to our contractors, employees, consultants, agents or
other third parties for the purpose of facilitating you providing us goods and services;
(g) in obtaining the services of our professional advisers such as insurance providers,
accountants, lawyers and auditors;
(h) to respond to and investigate customer complaints and reports;
(i) to manage any competitions or promotions we run;
(j) in engaging with a prospective purchaser of all or part of our business;
(k) to provide information about you to our contractors, employees, consultants, agents or
other third parties for the purpose of providing our services to you;
(l) to improve and optimise our service offering, customer experience and digital tools such
as our website and social media;
(m) to comply with our legal obligations, resolve disputes or enforce our agreements with your
or third parties;
(n) to send you marketing and promotional messages and other information that may be of
interest to you, including related to our services, to the not-for-profits who engage us, any
service providers we engage and other promotional partners; or
(o) to send you administrative messages, reminders, notices, updates, security alerts, and
other information requested by you.
We may also handle your personal information for:
(a) any purpose for which we receive consent from you for;
(b) secondary purposes closely related to the primary purpose, in circumstances where you
would reasonably expect such use;
(c) as needed in an emergency or in investigating suspected criminal activity;
(d) as required under a subpoena, court order or other mandatory reporting requirements;
(e) it is reasonably necessary for the establishment, exercise or defence of a legal claim;
(f) such purposes where we reasonably believe that use of your information is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety, and it is unreasonable or impracticable to obtain your consent; or
(g) any other purpose which is permitted or required under applicable privacy laws.
8. OVERSEASE DISCLOSURE
The personal information we collect is stored on servers managed by third party service providers who may be located in Australia and overseas. Additionally, the service providers may operate overseas disaster recovery sites or have personnel overseas who may access the personal information we hold to assist us in managing our servers.
We also may use Google Analytics (or other web traffic monitoring services) to track web traffic information which is operated by Google which stores information across multiple countries.
When you communicate with us through a social media service such as Facebook or Twitter, the social media provider and its partners may collect and hold your personal information overseas.
We also engage some third party service providers who may be given access to your personal information and are located in countries outside Australia such as Ireland and Singapore. We will only make such disclosure to overseas as necessary for them to provide their services to us and in accordance with this privacy policy.
9. SENSITIVE INFORMATION
(Collection of sensitive information) We may collect sensitive information about you during the course of providing you our services or engaging you, either directly or via a third party, to provide us services. We will only collect this sensitive information where you consent to such collection and directly provide us with this information.
(Types of sensitive information) The sensitive information we collect may include the following:
(a) criminal history;
(b) membership of a trade union;
(c) health information;
(d) membership of a professional or trade association;
(e) any other sensitive information provided by you or a third party to us.
(Handling of sensitive information) Your sensitive information will only be collected, held, used
or disclosed for the purpose of:
(a) responding to or investigating any complaints, reports of misconduct or workplace
incidents;
(b) to ensure you are eligible to provide us goods and services;
(c) complying with our regulatory requirements such as those by the Public Fundraising
Regulatory Association;
(d) in obtaining the services of our professional advisers such as insurance providers,
accountants, lawyers and auditors;
(e) complying with our legal obligations, resolving disputes or enforcing our agreements with
you;
(f) any purpose for which we receive consent from you for; or
(g) any other purpose which is permitted or required under applicable privacy laws.
(Withdrawing consent) If you wish to withdraw your consent to our collection, use or disclosure of
your sensitive information, please contact us using the contact details set out below. We will deal
with all such requests within a reasonable timeframe.
10. MARKETING
We may at times send you marketing communications which will be done in accordance with the Spam Act 2003 (Cth).
In this regard, we may use email, SMS, social media, phone or mail to send you direct marketing communications.
Where consent is needed, we will ask you for your consent before sending you marketing communications, except where you:
(a) have explicitly opted-in to receiving email marketing from us in the past; or
(b) were given the option to opt-out of email marketing when you initially signed up for our goods or services and you did not do so.
You can, at any time, opt out of receiving marketing materials from us by using the opt-out facility provided (e.g. an unsubscribe link on emails we send you) or by contacting us via the details provided at the end of this privacy policy. We will implement such a request as soon as possible,
however, cannot guarantee that such a response will be immediate.
11. REQUESTING ACCESS OR CORRECTING YOUR PERSONAL INFORMATION
If you wish to request access to the personal information we hold about you or you think that any personal information we hold about you is inaccurate, please contact us using the contact details set out below including your name and contact details.
We may need to verify your identity before providing you with your personal information. In some cases, we may be unable to provide you with access to or correction of your personal information and where this occurs, we will explain why. We will deal with all requests for access or correction to
personal information within a reasonable timeframe.
Â
12. DEIDENTIFICATION OF PERSONAL INFORMATION
The data we collect may have analytical value to us, our customers, our business partners and our related entities. Where we have de-identified the data we have collected, we reserve the right to process and distribute the data we collect through our goods and services.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Where we no longer require your personal information, we will securely de-identify or destroy your personal information in accordance with applicable laws and regulations.
13. ANONYMITY AND PSEUDONYMITY
We will generally need to know who you are in order to provide you with our services or facilitate donations.
Despite this, in some circumstances you are entitled to deal with us anonymously, or by using a pseudonym (alias), for example when making general enquiries about the services we offer.
In some circumstances, you may receive better service or response if we know who you are. For example, we can keep you up-to-date and better understand a complaint you might have if we know who you are and the circumstances of your complaint.
You must tell us when you are using a pseudonym when applying for our services. If we need to identify you, we will tell you whether your real name is required.
14. LINKS
Our website may contain links to other websites. Those links are provided for convenience and may not remain current or be maintained. We are not responsible for the privacy practices of those linked websites and we suggest you review the privacy policies of those websites before using
them.
15. COMPLAINTS
If you wish to complain about how we, our personnel or our third party service providers handle your personal information, please contact us using the details set out below including your name and contact details. We will investigate your complaint promptly and respond to you within a reasonable timeframe.
If you are unsatisfied with how we handle your complaint, you may contact the Office of the Australian Information Commissioner at:
Address: GPO Box 5218, Sydney NSW 2001
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
Website: www.oaic.gov.au
16. CONTACT US
For further information about our privacy policy or practices, or to access or correct your personal information, or make a complaint, please contact us using the details set out below:
Name: The Privacy Officer
Address: 1/580 Church St Richmond Victoria 3121
Phone: 0414 983 574
Email: admin@thefinagency.com.au
