Donor Privacy Policy

Introduction

Vision Australia is committed to using donor information responsibly and is bound by the Privacy Act 1988 (Privacy Act) and the Australian Privacy Principles (APP’s). For the purpose of this Donor Privacy Policy, ‘Vision Australia’, ‘we’, ‘our’ and ‘us’ means Vision Australia Limited (ABN 67 108 391 831) including the associated operations of Seeing Eye Dogs Australia PTY LTD (ABN 28 004 758 641).

About this Policy

In accordance with the Australian Privacy Principles (APP’s) and any relevant state and territory legislation, this Policy outlines why and how we collect and use donors’ personal information and the processes we undertake in the event of questions, concerns or complaints about the collection and or use of their information.

By providing personal information donors consent to collection, use and disclosure of that information in accordance with this Privacy Policy. This policy should be made available to any donors who would like to understand how their information may be used by Vision Australia, in their chosen form.

This Donor Privacy Policy applies to the collection and use of personal information when people make a donation only. For details of how Vision Australia collects and uses personal information of other people or in other contexts, please see our overarching Privacy Policy here. Where donations are provided via our Vision Australia Website at https://www.visionaustralia.org/ please also see our Website Privacy Policy.

This Donor Privacy Policy is regularly reviewed. We reserve the right (at our discretion) to modify, amend or replace this policy from time to time. A new version of this policy will be posted to our website when this policy is modified, amended or replaced. We recommend that you regularly review our privacy policy.

To whom does the policy apply

All Vision Australia staff, volunteers and third-party suppliers involved in collecting, storing and using donor information have a responsibility to understand this Policy and actively observe the guiding principles.

Policy

Collecting Donor Details

We collect information to process donations and to ensure a complete and accurate record of a donor’s history and engagement with Vision Australia.

Payment details

Donations can be made in several ways, including online, over the telephone, in person, via direct debit, via BPAY, or by submitting a donation form.

To make a donation with a credit card you must provide Vision Australia details of your credit card, including:

  • credit card type;
  • name on credit card;
  • credit card number;
  • expiry date; and
  • CCV number (where available).

Vision Australia will not retain your credit card details for single payment donations. When you authorise Vision Australia to process regular (such as monthly) donations, your credit card details for payment processing will be stored in a PCI-DSS Level 1 compliant vault and only tokenized details will be stored in our in-house CRM.

If you make a donation via our website, you will be directed to a secure third-party payment gateway, using a VeriSign Trust Network Secure Socket Layer (SSL) Certificate with 128 bit high grade encryption. Payments made through such payment gateways are subject to the terms and conditions and privacy policy of the relevant third-party providers.

Other details

Vision Australia will also collect and retain other information about donors in order to communicate with them and ensure a complete and accurate record of a donor’s history and engagement with Vision Australia. For example, we require a donor’s name, email address and postal address to provide a tax receipt or send information about the impact of a donation. We may also collect the following types of personal information:

  • Personal information including name, pronouns and date of birth;
  • Contact details including postal address, telephone number and email address;
  • Transaction details including authorisations and dates and amounts of transactions;
  • Sensitive information about your health including details of your eye condition if you choose to provide this to us
  • Interests and opinions;
  • Activity with our digital services;
  • Records of your communication and interaction with us;
  • Your support for our work, like signing a petition, hosting an event or participating in an event;
  • Other areas of our work you might be interested in supporting; and
  • Details and history of your communication preferences

Typically, we collect this information from donors directly; however, from time-to-time we also collect information in the following ways:

  • automatically, for example when a donor clicks on a link of an email, visits a website which displays a Vision Australia advertisement, or engages with us online via social media platforms like Facebook;
  • from a Vision Australia supply partner that we engage to assist us in our activities, for example via a telemarketing agency that we engage to make phone calls to donors on our behalf; and
  • from an external source, for example via Australia Post to update existing donors mailing addresses, from public directories, or obtaining details for prospective donors from like-minded organisation’s or third-party suppliers.

As noted above, from time-to-time Vision Australia may obtain details for prospective donors from like-minded organisation’s or third-party suppliers. Prior to acquiring a list of prospective donors’ contact details, Vision Australia enters into an agreement with like-minded organisation’s or third-party suppliers to confirm that:

  • the information on the list was obtained in accordance with the Australian Privacy Principles and/or that the list owner is held responsible if their disclosure of the data to Vision Australia or Vision Australia’s use of the data to contact prospective donors does not comply with the Australian Privacy Principles; and
  • the supplier has provided the donors with the opportunity to have their details removed from the list.

Using and Sharing Donor Information

Vision Australia uses donor information to help meet expectations and deliver relevant information. This includes using information for the following purposes:

  • To process donation payments;
  • To provide refunds;
  • To verify identity;
  • To respond to enquiries;
  • For research purposes to assist us to better understand our donors; and
  • To keep donors up to date with information that may be of interest to them including via direct mail, email, SMS, Facebook, and other social media platforms.

Sometimes we require external suppliers to assist us in our activities, and may provide donor information to them in order to achieve these activities. For example, printing letters to send to donors, processing donation forms, sending electronic communication on our behalf or making phone calls to prospective and current donors.

From time to time, we may also provide donors’ details to like-minded organisation’s that you may be interested in supporting. You can opt-out of this at any time. If you would prefer that we do not consider you for these kinds of communications, please get in touch with Vision Australia by emailing us at [email protected] or by phoning our National Contact Centre on 1300 84 74 66.

We may monitor and record communications with our donors (including email and telephone) for security, dispute resolution and training purposes. We will always let you know when a telephone conversation is being recorded.

Vision Australia may need to store or use your information in a country other than Australia where local services are unavailable or cost prohibitive, for example utilising social media channels to communicate with our donors or when services provided by a third party utilise servers that are hosted overseas.

Securing and Sharing Donor Information

Vision Australia takes the security and confidentiality of donor information very seriously. We have systems and procedures in place to protect information.

Vision Australia will take reasonable steps to protect donor information from misuse, interference and loss, unauthorised access, modification or disclosure. Personal information held by Vision Australia is stored electronically in secure databases. Donor information is maintained in a secure environment, which can be accessed only by authorised personnel. Data transmission over the internet or information stored on servers accessible through the internet cannot be guaranteed to be fully secure. Vision Australia takes reasonable steps to destroy or de-identify your personal information once we no longer need it or have been directly instructed by you to permanently remove or suppress your personal information.

When a donor contacts Vision Australia we will ask them to confirm their identity by confirming the details we have on record, such as current address and phone number.

Physical copies of donor information, such as donation forms, are kept securely and destroyed in accordance with legal requirements if not required. Staff and volunteers with access to donor and donor information are required to sign our policies relating to privacy, and all staff and volunteers are required to have regular police checks.

If third party providers are used in connection with the storage of personal information, it is standard practice to require the provider to agree to comply with this Privacy Policy.

Data Breach Notifications

Vision Australia will notify donors in the event that their personal information is involved in a data breach that is likely to result in serious harm. This notification will include recommendations about the steps a donor should take in response to the breach. Each suspected data breach reported to us will be assessed to determine whether it is likely to result in serious harm, and as a result require notification. We will also notify the Office of the Australian Information Commissioner (OAIC) of any data breach that is notifiable under current legislation or we deem likely to result in serious harm.

Updating Donor Information and other inquiries

Donors have a right access personal information we hold about them, and a right to request that their personal information be corrected.

If a donor has a question, would like to request access to their information, would like to update/correct their information or inform us of their preferences including opting out of receiving future communication they can contact us:

If a prospective donor contacts Vision Australia to find out how we obtained their details, staff and volunteers are obliged to disclose this information. In particular, if Vision Australia obtained the prospective donor’s details from a list provided by a like-minded organization or a third party supplier, Vision Australia will let the prospective donor know the name of the list and the supplier. The list supplier will be contacted by Vision Australia and informed of the inquiry. Should the prospective donor not wish to be contacted, a request for the name to be suppressed from future data supply will be submitted by Vision Australia to the list supplier. Vision Australia will also record the prospective donors’ details in a suppression list provided the person consents, to avoid communicating to them in the future. In addition, Vision Australia will provide the donor with the Australian Direct Marketing Association’s (ADMA) Do Not Call Register - contact phone number, which is 1300 792 958.

Complaints

If a donor would like to make a complaint about how we manage their personal information, would like to know more about this Donor Privacy Policy or the personal information held by Vision Australia, they can contact our Privacy Team by:

Complaints and feedback will be handled respectfully, confidentially, promptly, and with no adverse consequences for the complainant. Vision Australia will ensure all complaints are investigated fully as part of our commitment to accountability, continuous improvement and transparency. Vision Australia will endeavor to respond to all complaints received within 30 days of receipt.

Complaints must be raised with Vision Australia first. However, if the donor is not satisfied with how Vision Australia has responded to the complaint, the donor may take the complaint to the Office of the Australian Information Commissioner (OAIC). The OAIC’s contact details are as follows:

Website: oaic.gov.au

Telephone: 1300 363 992

Post: GPO Box 5218, Sydney NSW 2001

Definitions

Australian Privacy Principles: The principles governing privacy and information management for all entities and organisation’s covered by the Privacy Act 1988. 

Data breach: when information held by an organisation is compromised or lost, or is accessed or disclosed without authorisation.

Donors: All persons who participate in or support Vision Australia’s revenue generation activities.

Identifier: A number or code assigned by Vision Australia to an individual to identify uniquely the individual for the purposes of Vision Australia's operations that is not identifiable with any number or code assigned to that individual by the Commonwealth.

Australian Privacy Principles: The principles governing privacy and information management for all entities and organisation’s covered by the Privacy Act 1988.

Personal information is information or an opinion about you where your identity can be reasonably ascertained.

Personnel: All paid and unpaid persons undertaking work for the Vision Australia, including employees, volunteers, individuals on work experience, student placements, secondments and contractors.

Sensitive information is a subset of personal information that generally has a higher level of privacy protection than other personal information, such as health information.

OAIC: Office of the Australian Information Commissioner. The OAIC is responsible for Privacy, Freedom of Information and information policy.

Vision Australia: Vision Australia Limited (ACN 108 391 83) includes the associated entities of Seeing Eye Dogs Australia Pty Ltd (ACN 004 758 641), 6RPH Pty Ltd ACN 608 797 762, 5RPH Pty Ltd ACN 608 798 661, Quantum Technology Pty Ltd ACN 001 381 728) and Vision Australia Foundation (ACN 007 428 284). Vision Australia Foundation is the trustee company for the Vision Australia Trust.

Cross References

Privacy Act 1988 & Australian Privacy Principles Applicable state and territory health and information privacy legislation.

Authorised by

Ron Hooton, Chief Executive Officer

Document Control

Effective Date: May 2022
Prepared by: Vision Australia Compliance and Fundraising Teams
Approved by: Vision Australia Leadership
Group Document Identifier: Vision Australia Donor Privacy Policy
Next Review: May 2024