The National Parks Conservation Trust (NPCT) is a registered charity with the Register of Environmental Organisations (REO), the Australian Charities and Not-for-profit Commission (ACNC) and the Australian Tax Office (ATO). Donations over $2 are tax deductible and donors are issued with a receipt.
The Trust is bound by the Privacy Act 1988 (Cth) [the Act], the Australian Privacy Principles [APP] in the Act, and the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth). The Principles regulate how we collect, use, disclose and store personal information, including sensitive information, and how individuals may access and correct records containing their personal information.
Categories and Definitions
To gain a greater understanding of how personal information is handled at the NPCT and how it relates to you, please refer below for a description of the categories of individuals referred to throughout this Policy and descriptions:
- “Committee” means the Management Committee of the National Parks Conservation Trust as defined in the National Parks Conservation Trust Deed of Trust.
- “Donor” is a person or organisation who has made, or pledged to make, a donation of funds or property to the NPCT, NPCT campaigns or projects. Donations must comply with regulations under the Income Tax Assessment Act 1936.
- “DNP” being the Director of National Parks ABN 13 051 694 963, a corporation sole continuing in existence under section 514A of the EPBC Act.
- “EPBC Act” being the Environment Protection and Biodiversity Conservation Act 1999.
- “NPCT” being the National Parks Conservation Trust ABN 56 192 820 884.
- “Parks or Gardens visitor” is a person who visits, or intends to visit, one of Parks Australia’s parks or gardens.
- “Partner” is any donor, organisation or commercial enterprise supporting the NPCT or NPCT projects through donations, gifts or commercial contributions.
- “Trust” being the National Parks Conservation Trust.
- “Trustees” being the members of the Committee of Management of the National Parks Conservation Trust.
- “Trust Representatives” being the DNP personnel members appointed to administer the Trust and raise funds for Trust projects.
- “Website visitor” is a person who visits the NPCT website.
The information we collect
In the course of our functions and activities, the Trust collects personal information from partners, parks and gardens visitors, website visitors and other people requesting information or interacting with the Trust.
Any information we collect will only be used by the NPCT to provide its services and programs, or to enable the NPCT to carry out its business functions.
We will not share your details with a third party unless required by law or with your explicit permission.
The information we collect generally includes;
- Your title, name, birthdate, email address, postal address and other contact details.
- Information relevant to your relationship with us may also be collected, such as transaction details, project preferences, events and communications including but not limited to emails, letters and records of phone conversations between Trust Representatives, Trustees and you.
- Records of donations or commercial transactions made with the Trust.
- From time to time we may seek and record your opinions on our projects and your interests through customer feedback surveys and other interactions.
We also collect banking or credit card details if you make payments of any kind.
The NPCT does not ordinarily collect sensitive information, which includes information about a person’s racial or ethnic origin, political or religious beliefs, sexual orientation, professional memberships or health information.
The NPCT may collect sensitive information when it is required to, including with respect to the legal requirement that donors do not receive a tax deductible receipt if they donate in preference to projects for which their relatives or associates (ie family members) will receive a material benefit in the form of grant money. The NPCT will only use this information for the purpose for which it is collected, and collects and holds such information in accordance with the Australian Privacy Principles. In the event that sensitive information is collected this will only be undertaken with consent from you.
How personal information is collected and stored
We collect personal information directly from you, or from a person acting on your behalf. This may be through donation activity, bequest notification, commercial partnership activity, acquittals, grant agreements, legal agreements, over the telephone, the internet or in person. We may also need to collect personal information from publicly available sources of information.
So that we can better tailor information and services to your individual needs, when we send email messages we may use technology to identify when an email is opened or links used within an email.
We hold the information we collect on information technology systems and platforms managed and maintained by either NPCT or our cloud storage service provider. Where a cloud storage service provider is used, the service is compliant with the privacy and security standards required by us in protecting personal information.
How we use personal information
The NPCT uses the information we collect to distribute information about our projects and campaigns, including project outcomes, special events and to manage any support which you are giving to the Trust and its activities.
In addition, unless you ask us not to, we may use this information to:
- Update you about the NPCT generally and bring you relevant environmental or conservation news
- Inform you about upcoming projects
- Request support for the NPCT, it’s projects or campaigns
We include opt-out options on all electronic communications. You can also contact us directly on email@example.com and advise that you wish to receive no further contact.
How we store data and information
We make every reasonable endeavour to protect your personal information from misuse, unauthorised access or disclosure. We employ appropriate technical, physical and administrative processes to aid these endeavours.
Hard copy documents are protected from unauthorised access or use through a number of appropriate security measures we have in place at our physical premises.
The NPCT and the cloud service providers we engage maintain up to date network security systems with appropriate firewalls, access controls to computer files, and protection of electronic personal information.
If we no longer need your personal information, unless we are required under Australian law or a court or tribunal order to retain it, we will take reasonable steps to destroy or de-identify your personal information.
The NPCT website
The NPCT operates one website: parkstrust.org.au
The NPCT’s internet server may send cookies to automatically record details about any computer used to access NPCT’s web site including:
- users’ server or proxy address
- date/time/length of the visit
- files requested
- users’ cookies
- users’ searches
The information is used to analyse our server traffic, for statistical purposes, and to improve the functionality of our web site. We do not identify you from your cookie data or link your cookie data to other information that we may have about you.
Although the NPCT’s web site may link directly to web sites operated by others, users of our web site acknowledge that such linked sites are not operated by NPCT and we are therefore not responsible for their content nor their privacy policies regarding the collection and use of personal information.
Disclosure to government agencies, and related third party contractors and service providers
We may rely on third party contractors to provide services or perform functions on our behalf. Generally, these are entities that assist us to deliver programs and services or are entities that benefit from our programs and services.
This may involve a disclosure of personal information by us to that third party. They may include:
- organisations that provide communication services on our behalf;
- legal advisors;
- information technology service providers;
- accountants, auditors, and lawyers; and
- cloud service providers
We only disclose information to third parties for the primary purpose for which the information has been collected, or with your consent. We may also disclose information if we are required to by law.
Under Funding Agreements with Trusts, Foundations or government agencies, we may be required to disclose personal information to the agency or related third parties.
We take all reasonable steps to ensure that these third parties are bound by privacy obligations in relation to the protection of your information.
Disclosure of information to overseas recipients
Keeping personal information accurate and updated, accessing and correcting personal information
The NPCT takes all reasonable precautions to safeguard your personal information from loss, misuse, unauthorised access, interference, modification or disclosure. If you request access to personal information we hold about you, we will respond to your request within a reasonable time period.
Please note that under some circumstances under the Privacy Act (1988) or other relevant legislation, we may not be able to provide you with the access you have requested.
You may also ask us to correct personal information about you that you believe is inaccurate, incomplete or out of date. If you wish to do this, please contact us:
GPO Box 1777
Canberra ACT 2601
Please include details of how we can contact you as we will need to verify your identity, and in case we need to discuss your request. We will respond to requests for access and changes to personal information as quickly as possible.
Questions or complaints
GPO Box 1777
Canberra ACT 2601
If you wish to make a complaint about the way we have handled your personal information, you may do so by contacting us using the details set out above.
If you make a complaint, please include contact details such as your name, address, telephone number and email address, and clearly describe your complaint.
Variations and updates
The NPCT may vary this policy from time to time in accordance with privacy legislation. Notifications of such variations will be made by the posting of an updated version of this policy on our website. Users will be deemed to have consented to variations by continued use of our web sites after such variations have been made.
This policy was implemented on 12 September 2019 and will be reviewed annually or as required.