Types of personal information we collect We may collect the following types of personal information:
How we collect personal information
We collect personal information either directly from you, or from publicly available sources or from a third party (for example a contractor or service provider). Where personal information is not collected directly from you, the GBRF will take reasonable steps to notify you of the collection or otherwise make you aware of it. If you choose not to provide certain personal information to us, we may not be able to provide you with the services or information you require or communicate with you.
We may collect your personal information when you:
Why we collect, use and disclose personal information
We may collect, hold, use and disclose your personal information for the following purposes:
Collecting sensitive information
Some personal information that we collect about you may also be considered sensitive information. Sensitive information includes personal information about a person’s racial or ethnic origin, political opinion, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices and criminal record. Sensitive information also includes genetic information, health information, biometric information that it is used for identification or biometric templates. The GBRF will not collect your sensitive information unless:
Using your personal information for direct marketing
[We and / or our carefully selected business partners may send you direct marketing communications and information about our services. This may take the form of emails, SMS, mail or other forms of communication, in accordance with the Spam Act and the Privacy Act. You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (e.g.an unsubscribe link).]
If there is a need to disclose personal information for any other purpose not detailed in this policy, GBRF will only do so with your consent. GBRF does not sell personal information to third parties, and except as provided for in this policy does not make personal information available to third parties.
Disclosure of personal information outside of Australia
We may disclose your personal information outside of Australia to software vendors and other service providers (for example cloud storage service providers) that are located in Asia Pacific and America. We will, however, take reasonable steps to ensure that any overseas recipient will deal with your personal information in a way that is consistent with the APPs.
We may hold your personal information in either electronic or hard copy form. We take all reasonable steps to protect any personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure. We use a variety of physical and electronic security measures, including restricting physical access to our offices, and firewalls and anti-virus software to seek to protect your personal information. However, as our website and mobile application/s are linked to the internet, and the internet is vulnerable to penetration by nefarious actions, we cannot guarantee the security of the personal information you provide to us online.
We may collect personal information about you when you use and access our website or mobile application.
When you visit the GBRF website or access the mobile application/s, or download information from it, we may keep a record of your visit including your internet address, your domain name (if applicable), and the date and time of your visit to our website. Our ISP also collects information such as the pages our users access, the documents they download, links from other sites they follow to reach our site, and the type of browser they use. This information is anonymised and is used for statistical and website development purposes only.
We may also use ‘cookies’ or other similar tracking technologies on our website, mobile application/s or digital channels that help us track your usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser, but our website or mobile application/s may not work as intended for you if you do so.
You have a right to access and seek correction of personal information we hold about you at any time by contacting us in writing (using the contact details below). There are some circumstances where we are permitted to deny access to personal information such as (but not limited to) where the access would have an unreasonable impact on the privacy of others or where granting access is unlawful or denying access is required or authorised by law. If we deny you access, we will provide you with our reasons for refusal. The GBRF is allowed to impose reasonable charges for providing access.If you think any information we hold about you is incomplete, inaccurate or out of date, or if you have any concerns about the handling of your personal information, please contact our Privacy Compliance Officer as per the details below and we will take reasonable steps to correct that information.
If you wish to make a complaint about the manner in which we have collected, handled, used or disclosed your personal information (including if you think we have breached the Privacy Act and the Australian Privacy Principles), please contact our Privacy Compliance Officer in writing as follows:
Privacy Compliance Officer
Great Barrier Reef Foundation
GPO Box 1362
Brisbane QLD 4001
Please include your name, email address and / or telephone number and clearly describe your complaint. We will investigate the complaint and respond to you promptly. If you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner.
Approved by Managing Director, Anna Marsden.
Endorsed by Audit, Risk and Finance Committee.
Endorsed by Board.