This policy sets out how Mwembe (we) will handle (collect, use, store and disclose) personal information (in accordance with the National Privacy Principles under the Australian Privacy Act 1988 (Privacy law) in the light of who we are and who we aspire to be as an organisation.
Collecting your personal information
We collect personal information about supporters, donors, volunteers, contractors and visitors to office and partner charities, and others. We collect this information when it is necessary for our business purposes.
Most often, we collect personal information about our supporters. Typically, we would ask for your: name, address, telephone number(s), email address(es), payment card information and date of birth.
On occasion, we might also collect images of you or stories about you, for example, if you have visited our charity partners or attended one of our events.
We collect most personal information directly from you, for example:
in forms filled out either online or in hard copy
face to face
via online surveys
via social media messages or conversations
during telephone conversations
Where we collect your personal information from someone else, we will take reasonable steps to let you know how we obtained this information.
If you choose not to provide us with certain personal information, we may not be able to meet your expectations. For example, we can’t issue a receipt or send you information about your sponsored child if we don’t have your name and address.
We will only collect and store your payment card information in compliance with the Payment Card Industry Data Security Standard.
Using your personal information
We might use your information for the following purposes:
for the immediate reason for which you have given it: for example, to enable us to process your request (eg. gift, payment, registration, subscription, change of details) including issuing you with a receipt
to maintain contact with you about our work: report back to you about our work in the field, encourage you to learn about and act on poverty and justice issues, or let you know about other opportunities to give financially or what our partner organisations are doing (unless you have specifically asked us not to)
any other purpose related to our work
Where we tell you about opportunities with partner organisations, we do not disclose your personal information to them. If you respond to that organisation directly and give them your details, they may contact you.
You can elect not to receive further information from us by contacting us. Please allow 28 days for your request to be processed.
If we have contacted you by email, you can use the unsubscribe function in that email to notify us that you do not want to receive further information in that way.
If we use personal information in ways other than as stated in this policy, we will ensure we comply with the requirements of Privacy Law.
Disclosing your personal information
We don’t disclose your personal information to other organisations except for our core business purposes; importantly, we don’t rent, sell or exchange our supporter information.
You can expect that information about you might be given to:
• providers of services to us, for example: banking, payment card data processing, mail delivery and sorting (including electronic), telecommunications, information technology, information storage, market analysis or research, website usage analysis, legal, audit or accounting
• our charity partners where you may have donated, sponsored, visited or other.
We take reasonable steps to make sure that our agreements with service providers include appropriate privacy and confidentiality obligations.
Securing your information
We will take all reasonable steps to keep information we hold about you secure (whether electronic or in hard copy) and to keep this information accurate and up to date. This includes complying with the Payment Card Industry Data Security Standard, which covers security of payment card information. Our employees and service providers are also required to keep personal and payment card information confidential and secure.
It is our policy to:
permanently de-identify personal information where reasonable and possible
destroy personal information once there is no longer a legal or business need
for us to retain it.
Accessing your information
You can access your information by asking us. Occasionally we may need to say no, for example, where granting you access would infringe someone else’s privacy.
When you request access, we will ask you to provide some form of identification (such as a driver’s licence or passport) so we can make sure that you are the person to whom the information relates.
If at any time you want to know what personal information we hold about you, please contact us.
Correcting your information or raising concerns
If you believe that information we hold about you is incorrect or out of date, or if you have concerns about how we are handling your personal information, please contact us and we will try to resolve those concerns.
If you wish to have your personal information deleted, please contact us and we will take reasonable steps to delete it unless we need to keep it for legal, auditing or internal risk management reasons).
We may make changes to this policy from time to time without notice. Any changes will be reflected on this page.
This policy was last updated on 19 November 2021.