It explains how we manage personal information; comply with our obligations under the Australian Privacy Act 1988 (Privacy Act) and deal with inquiries and complaints about our compliance with these obligations. This policy does not deal with our collection or use of personal information which is not covered by the Privacy Act.
Terms which are defined in the Privacy Act have the same meaning in this policy. We, us or our is a reference to Marts & Lundy Pty Ltd (ACN 075 918 802).
PERSONAL INFORMATION WE COLLECT
We collect personal information from clients, employees, contractors and other individuals for our business purposes. We may collect and use the following personal information:
- Details of a person’s IP address, browser type and operating system; and
- A person’s name, gender, contact details including address and email address, age, date of birth, occupation, qualifications, position within organisations he or she is part of, previous institutions and charitable activities he or she has been involved in, wealth capacity ratings, identification document information (for example passport and driver’s licence) and other personal information.
When we collect personal information we will, where appropriate and where possible, explain to the person to whom the personal information relates why we are collecting the information and how we plan to use it.
HOW WE COLLECT PERSONAL INFORMATION
We collect personal information directly from individuals and our clients when we deal with them.
This may be provided in forms they complete, in meetings, correspondence and telephone conversations and by third parties. Information is provided by persons who deal with us when they enquire about our services as a potential client or deal with us in relation to work we carry out for them as a client. Our client may hold personal information about a person from its interactions with the person and may share it with us when we administer surveys or perform analysis as part of our services.
We also collect personal information, including e-mail addresses, names and IP addresses that persons provide when they:
- visit or register with our website;
- subscribe to our website services; and
- use social media.
HOW WE HOLD PERSONAL INFORMATION
We will store all the personal information on our secure servers or in hard copy.
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of personal information. These include for example, security passes to enter our offices and storing files in lockable cabinets, restriction of access, firewalls, the use of encryption, passwords and digital certificates.
We will not disclose personal information unless we need to as part of providing our services to a client or we are required by law, and then only upon verification of lawful authority.
When personal information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify it. However, most of the personal information is or will be stored in client files which will be kept by us for a minimum of 7 years.
THE PURPOSES FOR WHICH WE COLLECT, HOLD, USE AND DISCLOSE PERSONAL INFORMATION
We usually do not disclose personal information to others except as outlined in this policy. We may use personal information to:
- help us to perform our contractual duties to the individual or our client;
- respond to an individual’s request;
- keep in contact with our clients;
- verify a person’s identity;
- market our services to our clients and others;
- administer and improve our website;
- enable access to and use of our website;
- publish information about persons on our website;
- send statements and invoices and collect payments due to us;
- administer surveys, conduct research and analysis on our client data-sets and conduct research on potential donors to our clients, including by application of economic and social factors; and
- recruit new employees.
We may disclose personal information about a person if the person consents, if the law allows, to courts or tribunals, lawyers or consultants in connection with a dispute or legal proceedings, our auditors, and to others who provide services to us.
In the course of conducting our analysis on client data-sets and to inform clients’ fundraising strategy, we may profile individuals according to geographical location, age, previous charitable behaviour or predictive likelihood of donating to a cause. We approach this carefully and ethically and consider this to be in our legitimate interests, or those of our clients, balanced against the rights and freedoms of the individual. We may also share de-identified information for research or promotional purposes.
HOW AN INDIVIDUAL MAY ACCESS OR SEEK THE CORRECTION OF PERSONAL INFORMATION ABOUT THE INDIVIDUAL WE HOLD
A person may access his or her personal information or seek its correction by writing to us by email to Privacy@martsandlundy.com and providing us with verification of his or her identity. In the case of a person seeking correction he or she must also provide to us details of the incorrect personal information and the correct personal information.
We will assess the request and deal with it within 28 days. If the information is incorrect we will correct it.
If we do not give access to, or correct, personal information, we must promptly notify the individual in writing setting out our reasons.
Individuals may elect not to receive marketing information from us by writing to by email to Privacy@martsandlundy.com. We will process each request within 14 days. If we contact a person by email, the person may use an unsubscribe function in the email to notify us that he or she does not want to receive further marketing information from us by email.
HOW AN INDIVIDUAL MAY COMPLAIN ABOUT OUR BREACH OF THE PRIVACY ACT
A person may complain about our breach of the Privacy Act by writing to us by email to Privacy@martsandlundy.com and providing to us details of our breach.
HOW WE WILL DEAL WITH A COMPLAINT
We will determine what action we should take to handle a complaint. If we determine the complaint needs further investigation we will assess it and attempt to satisfactorily resolve it within 28 days. We will seriously deal with any proper concern. If a complaint is not remedied within this time the person may complain to the Australian Information Commissioner (www.oaic.gov.au).
CROSS-BORDER DATA TRANSFERS
Information we collect may be stored and processed in and transferred between any of the countries in which we or Marts & Lundy Inc or its subsidiaries operate. This could include Canada, the United States of America and the United Kingdom
In addition, personal information that an individual submits for publication on our website may be published on the internet and may be available around the world.
We will make this policy freely available and publish it on our website. We will provide it in the form requested by a person.