FIA PRIVACY POLICY – MARCH 10, 2019

  1. Introduction:
    1. This Privacy Policy explains how Fundraising Institute of Australia (FIA) safeguards the privacy of the Personal Information it collects and manages in the course of its normal business operations.
    1. FIA’s mission is to lead and empower fundraisers, advocating ethical practices and equipping members to achieve fundraising excellence through professional development and credentialing, influencing public policy, engaging with sector leaders, and mentoring. For this reason, FIA holds Personal Information of individuals (APP 1.4 c)
    1. This Privacy Policy gives important privacy rights to any individual whose Personal Information is collected and used by FIA to carry out its business operations. It also explains how FIA uses Personal Information to achieve its objectives in an efficient and privacy-compliant way.
    1. FIA has adopted the Australian Privacy Principles (APP) as contained in the Privacy Act  1998 (Privacy Act) as amended from time to time. References have been made to the APP throughout this policy where relevant. A link has also been provided to a copy of the APP at the end of this document.
    1. The remaining sections of this Privacy Policy detail how FIA collects, uses, discloses and manages personal information in a privacy compliant way (APP 1.3).
    1. FIA may make changes to its Privacy Policy at any time. Any such changes will be published through FIA’s regular channels of communication (APP 1.5).
  2. Collection of Information:
    1. FIA will not gather personal information from individuals who wish to deal with FIA anonymously, unless it is impractical to do (APP 2).
    1. If an individual wishes to subscribe to one of FIA’s services, whether that service is paid-for or free, or wishes to receive communications from FIA, we will collect information which identifies those individuals so that those services can be provided effectively. Individuals may be FIA members or non-members.
    1. FIA will not gather information about individuals unless it has a lawful purpose for doing so, as detailed in section 3 “Use of Information” below (APP 3.2)
    1. FIA will not collect ‘sensitive information’ as defined by Australian privacy legislation, from an individual except with the express consent from the individual and only where it is necessary for FIA to collect such information for an activity or function. (APP 3.3)
    1. FIA collects information only by lawful means.
    1. Personal Information generally collected by FIA comprises the following information relevant to FIA membership, suppliers, sponsorship agreements and industrial relations and legislative compliance purposes:
      1. name of person;
      1. name of organisation (if applicable);
      1. name of business (if applicable);
      1. address for organisation or business;
      1. phone number for organisation or business;
      1. fax number for organisation or business;
      1. home address of person;
      1. home phone number of person;
      1. business and/ or personal email address of person; and/or
      1. amount spent on products purchased from FIA and FIA suppliers. FIA products include (without limitation) professional development events, training programs, membership services and information services
    1. The information in paragraph 2.6 may be gathered directly from individuals via
      1. Communications via phone, email, postal mail or facsimile
      1. Forms (both paper and online electronic forms)
      1. Data collection points on our social media accounts
      1. Interaction with our websites
      1. Face-to-face meetings
      1. Data collection activities during FIA events
  • FIA may also gather Personal Information about individuals indirectly via:
    • Information published in the public domain (such as contact details found on a website)
    • Lists supplied by a reputable list-broker for marketing purposes
    • Other lists provided by FIA partners
  • In situations where FIA gathers Personal Information indirectly as listed in 2.8, FIA will ensure that there are no restrictions placed on data-gathering from a public domain source. Or, when that data is supplied by a third party, such as a list broker or FIA partner, FIA will ensure that the individuals have consented for their information to be passed on to FIA for FIA’s intended purpose.
    • FIA will notify individuals of the matters listed below in accordance with the Australian Privacy Principles. This notification will take place at the point of collection or as soon as practicable afterwards (APP 5.1):
      • The main reason we are collecting this information (this reason will be the primary purpose)
      • Other related Uses or Disclosures that we may make of the Personal Information (Secondary purposes)
      • Our Identity and how individuals can contact us, if this is not obvious
      • That individuals can access the Personal Information that FIA holds about them
      • That individuals should contact FIA if they wish to access or correct Personal Information collected by us or have any concerns in relation to Personal Information.
      • The organisations or types of organisations to whom we may Disclose the Personal Information
      • Where applicable, any law which requires the Personal Information to be collected
      • The consequences (if any) for the individual if all or part of the Personal Information is not provided to FIA
    • When it is reasonable and practical to do so, FIA will collect Personal Information about a person only from that person (APP 3.6).
    • If it is necessary for FIA to obtain Personal Information about an individual from another person, FIA will take reasonable steps to ensure that the individual about whom information is being obtained is made aware of the information being obtained (APP 1.4).
    • FIA uses Cookie-tracking on its websites for two distinct purposes:
      • “First-party” cookies are cookies (tracking code) which are dropped onto a website user’s device (e.g. computer or mobile) to provide FIA with information for analysis on the number of visitors and traffic patterns on FIA’s website. This data is anonymous and does not allow FIA to identify users.
      • “Third-party” cookies are cookies from advertising networks such as Google and Facebook, dropped onto a website user’s device to allow FIA to target advertising to those users across those advertising networks. Again, this data is anonymous. Those users are not identifiable, although the advertising networks can recognise the device as the same device used to visit the FIA website.
      • Most web browsers are set to accept cookies. If a person does not wish to receive any cookies, the person may set their browser to refuse them. In some instances this may mean that the person will not be able to take full advantage of FIA web services.
  • Use of personal information:
    • FIA collects certain Personal Information where the information is necessary for FIA to perform one or more of its functions or activities. FIA will not use an individual’s personal information for a purpose which is not:
      • Related to its offering of products and services or
      • For a purpose for which the person could reasonably expect FIA to use the information (APP 3.2).
    • FIA will not use Personal Information that was provided for a particular purpose for other purposes unless:
      • the person has consented to the use of the information for that other purpose; or
      • the purpose for which the information is used is directly related to the purpose for which the personal information was obtained (APP 6.1).
    • FIA collects Personal Information provided by FIA suppliers for the purposes of auditing and checking that discounts and rebates being granted by FIA suppliers to individuals are correct and for general marketing purposes (APP 6).
    • A person can opt-out of one or all of FIA’s services by contacting FIA by email, postal mail, phone or fax. A separate note in reference to opting out of communications is documented under section 5 “Direct Marketing” below.
    • FIA may use Personal Information to avoid an imminent threat to a person’s life or to public safety. It may also use Personal Information for reasons related to law enforcement, or investigations into unlawful activities.
    • FIA will not use Personal Information without taking reasonable steps to ensure that the information is accurate, complete and up-to-date.
  • Disclosure of personal information:
    • FIA may Disclose Personal Information to unrelated third parties to enable out-sourcing of functions where that Disclosure or Use is for a related Secondary Purpose and has been notified to individuals or where such Disclosure is within the individual’s reasonable expectations.
    • FIA will take reasonable steps to ensure that its contracts with third parties include requirements for third parties to comply with the Use and Disclosure requirements of the Privacy Act.
    • If FIA should need to Disclose Personal Information to another entity for a purpose which is not directly related to the primary purpose for data collection, or for a purpose which the individual would not reasonably expect their data to be used, FIA will obtain consent from an individual for their data to be Disclosed for this purpose
    • . FIA will not sell any individual’s Personal Information to any person or entity outside of FIA for marketing purposes (APP 7.1).
    • FIA may release Personal Information to a third party if it is required or authorised to do so under an Australian law or a court/tribunal order (APP 6.2b), or if Disclosure is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body (6.2e).
    • If FIA makes a Disclosure of Personal Information under paragraph 4.5, FIA will make a written note in the person’s record (APP 6.5).
    • FIA does not generally Disclose Personal Information to an overseas recipient.
    • If Personal Information must be sent by FIA overseas for sound business reasons, FIA will require the overseas recipient  to provide a binding undertaking that it will handle that information in accordance with the Australian Privacy Principles, preferably as part of the services contract.
  • Direct Marketing:
    • FIA uses Personal Information it collects to enable FIA to make regular contact with persons to inform them of current, new or revised product offerings and pricing (APP 6).
    • FIA may use postal mail, phone, email, SMS or fax for its direct marketing communications, and will comply with the specific regulations which exist for each channel, in particular:
  • The Spam Act 2003 which restricts the use of commercial electronic messaging, i.e. email, SMS (and instant messaging e.g. Skype). FIA will only use these channels for marketing communications if they have the consent of the individuals to do so.
  • The Do-Not-Call Register Act 2006 which restricts the use of the phone (fixed or mobile) for marketing purposes to individuals for whom FIA does not have the necessary consent and whose numbers are registered on the Do-Not-Call register.
    • As required by law FIA will make it possible for all individuals to opt-out of receiving direct marketing communications (APP 7.6).
    • If an individual opts-out of further direct marketing communications from FIA, this will be recorded in FIA’s database and the individual will no longer receive direct marketing from FIA until such time as the individual changes their preferences in this regard. Further marketing communications will be suppressed by FIA as soon as reasonably practicable, or within 5 working days for email (as required by the Spam Act).
  • Integrity and security of data:
    • FIA takes reasonable steps to ensure that the Personal Information it collects about individuals is accurate at the point of collection, and that its processes for processing and recording this information are to a high standard and rigorous (APP 10.1).
    • FIA takes reasonable steps to maintain the Personal Information it holds about individuals to ensure that it remains as accurate and up-to-date as possible (APP 10.2).
    • FIA holds all Personal Information in secure databases, soft-copy lists and in web hosted environments that are fire-walled. FIA creates hard copies from time to time for the purpose of sales and marketing (APP 11). The purpose of these security measures is to protect all Personal Information from misuse, loss, unauthorised access, modification and/or disclosure (APP 11.1).
    • FIA will retain Personal Information for an appropriate period as determined by FIA and/or as required by law and when no longer needed, it will be de-identified or destroyed by a secure means (APP 11.1 and 11.2).
    • FIA requires employees and contractors to perform their duties in a manner that is consistent with FIA’s legal responsibilities in relation to privacy.
    • FIA will take all reasonable steps to ensure that paper and electronic records containing Personal Information are stored in facilities that are only accessible by people within FIA who have a genuine “need to know” as well as “right to know”
    • FIA will review on a regular and on-going basis, its information security practices to ascertain how ongoing responsibilities can be achieved and maintained.
    • FIA has a Data Breach Response plan in place in accordance with the Notifiable Data Breaches Bill 2016. Its purpose is to allow FIA to react appropriately and swiftly to the loss or unauthorised access of Personal Information held by FIA, if that loss may cause serious harm to the individuals concerned. If such a breach occurs FIA will assess the risk to individuals, take steps to rectify the situation as far as possible and notify the individuals affected and the government regulator of the breach.
  • Access and Correction:
    • FIA members have access to their own contact details through a secure member’s login and may update these details at any time.
    • FIA will allow its records containing Personal Information to be accessed by the individual concerned in accordance with the Privacy Act (APP 12.1). FIA will not charge a person for obtaining the information in an electronic format. If a hard copy of information held is requested FIA may charge the person a reasonable fee to cover expenses occurred (APP 12.8)
    • FIA will accept verbal requests for information only from the person who the information concerns. The person making a verbal request must tell FIA:
  • the name of the person making the request, and
  • the organisation of the person making the request.

If the membership number cannot be provided, FIA will require the following information:

  • the name of the person making the request;
  • the organisation of the person making the request;
  • contact address for the person making the request; and
  • contact phone for the person making the request.
    • FIA will deal with written requests for information both from the person who the information concerns or another person, provided that the person making the request provides the same information specified in point 7.3 above.
    • If the person making the request is not the person whose information is to be accessed, the person making the request must also provide all of the following:
  • The name of the person whose  information is to be accessed
  • The organisation of the person whose information is to be accessed
  • A contact address for the person whose information is to be accessed; and
  • The contact phone number for the person whose information is to be accessed.
  • A valid reason for making the request.

FIA is the sole decision maker as to whether the reason is valid.

  • FIA will correct its records containing Personal Information as soon as practically possible, at the request of the individual concerned in accordance with the Privacy Act.
    • FIA will endeavour to manage any privacy-related queries efficiently and in a timely manner.
  • Contact information:

Any questions or concerns relation to FIA’s Privacy Policy should be addressed to:

  • In writing:  

FIA’s Privacy Policy

Fundraising Institute Australia

PO Box 642, Chatswood NSW 2057

  • In person:

Fundraising Institute Australia,

Suite 202, Level 2, 12 Help Street,

CHATSWOOD NSW 2067

  • By phone:

+61 (0)2 9411 6644

  • By email:

members@fia.org.au         

AUSTRALIAN PRIVACY PRINCIPLES (APPs) can be accessed on:

http://www.oaic.gov.au/privacy/privacy-resources/privacy-fact-sheets/other/privacy-fact-sheet-17-australian-privacy-principles