Individuals in Europe
In addition to the Privacy Act, for individuals located in the European Union (EU) (including the European Economic Area (EEA)), the collection and processing of your personal information by the Adara Group, will be subject to the General Data Protection Regulation (2016/679) (GDPR) from 25 May 2018. The GDPR has harmonised the data privacy laws of each individual EU country, giving more rights to individuals located in the EU, imposing more obligations to organisations collecting and processing their personal information.
What we collect
We generally collect and hold only the personal information necessary for the Adara Group to pursue its business activities and charitable work and to fulfil associated administrative and other functions. Personal information is information or an opinion about a person that identifies an individual or from which the individual’s identity can reasonably be ascertained.
Most of the Adara Group’s website can be viewed without providing any personal information that could be used to identify you. However, if you wish to donate to Adara Development or submit an enquiry via our online contact form, we may ask you to provide personal information such as your name, email, postal address and/or phone number. Some of the individuals who donate to Adara Development are located in the EU. Please note that we only collect identifiable personal information from donors when it is voluntarily submitted. Where it is lawful and practicable, we will also allow individuals to deal with us on an anonymous basis or by using a pseudonym. For example, we can accept gifts and other forms of support anonymously. However, in some jurisdictions (e.g. the USA) provisions contained in taxation legislation require the Adara Group to collect the name of the donor if the donor requires a tax deductible receipt.
How we store personal information
We regard the security of your personal information as a priority and implement a number of physical and electronic measures to protect it. We remind you, however, that the internet is not a secure environment and although all care is taken, we cannot guarantee the security of information you provide to us via electronic means.
We may store your personal information in paper-based form or electronically in our systems or in a database maintained by a cloud hosting service provider or other third party database storage or server provider. Backups of electronic information are written to drives which are stored offsite. Hard copy information is generally stored in our offices, which are secured to prevent unauthorised entry.
We aim to keep your personal information for only as long as we need it, or until you advise you would like it removed, unless we de-identify it or destroy it earlier in accordance with the APPs.
We may also transfer personal information to our overseas operations. Those recipients are generally located in Nepal, Uganda, the United States and Bermuda. Any such transfer, however, does not change any of our commitments to protect your personal information under this policy.
How we use your personal information
Where we use your personal information to keep you informed about the activities of the Adara Group, about the projects and research funded by the Adara Group, and to ask for your support, by post, email or telephone, we will provide you with an opportunity to opt-out of receiving such information. By electing not to opt-out, we will assume we have your implied consent to receive similar information and communications in the future. We will always ensure that our opt-out notices are clear, conspicuous and easy to take up.
If you do not wish to receive these types of communications from us, please contact us at the Adara Group, PO Box 887, Rozelle, NSW, 2039, Tel: + 61 2 9395 2800 or email: firstname.lastname@example.org.
Any third party service providers to whom we disclose or permit access to your personal information in the course of providing services on our behalf will be subject to strict contractual restrictions to ensure that they protect personal information and keep it confidential, consistent with relevant privacy and data protection laws.
Access and complaints
In most circumstances, you can access any personal information which we collect and hold about you and have it corrected if it is wrong. Please contact our Communications Officer to ask for access to your personal information. We may deny your request for access to personal information in some circumstances or we may decline to correct personal information we hold. If we do this, we will tell you why.
If you would like to make a complaint relating to the manner in which we handle your personal information, please contact our Chief Operating Officer, on + 61 2 9395 2800 or email email@example.com. We will respond to complaints and queries within a reasonable period from their receipt. If you are dissatisfied with our response, you may refer the matter to the Office of the Australian Information Commissioner (see www.oaic.gov.au).
Individuals in the EU
You also have in certain circumstances: the right to request that the personal information that is collected from you is erased; the right to restrict further processing of your personal information; the right to object to further processing of your personal information; and the right to data portability. You can also ask that personal information provided by you to us is transmitted to another party. You may also withdraw your consent where it has been provided as a condition of our processing your personal information or object to the further processing of your personal information in certain circumstances.
If we refuse any request you make in relation to these rights, we will write to you to explain why and how you can make a complaint about our decision. To make a request in respect of these rights please contact our Communications Officer at firstname.lastname@example.org. To make a complaint please contact the Adara Group at email@example.com.
You also have the right to lodge a complaint with a relevant data protection supervisory authority (for example in the place you reside or where you believe we breached your rights). The UK data protection authority is the Information Commissioner’s Officer (ico.org.uk). For other European jurisdictions please refer to the European Commission (http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm).
For the purposes of the GDPR, Adara Group is a data controller for our website and services provided through our website.
We can be contacted at:
Adara Group, PO Box 887, Rozelle NSW 2039 Australia.
If you would like more information about our approach to privacy please email us at firstname.lastname@example.org or call + 61 2 9395 2800.