The Australian Privacy Principles (the APPs) and the Privacy Act 1988 (Cth) (the Privacy Act) contain requirements that apply to Australian Government agencies (including Commonwealth companies) in relation to handling personal information.
The purposes for which the ASF collects, holds, uses and discloses personal information
The ASF is a deductible gift recipient (DGR) created to support the development of sport in Australia. Established by the Australian Government, the ASF delivers key sport granting programs in line with the Australian Government’s sport policy objectives, providing opportunities for sport and community organisations, government and educational bodies to fundraise for defined sports projects in a tax effective manner. Funds raised by eligible organisations in partnership with the ASF complement other funding sources within the Australian sports sector. Eligible organisations include all non-profit organisations in Australia that raise funds in partnership with the ASF, such as national and state sporting organisations and local sports clubs.
The ASF’s activities and services, and the purposes for which it collects personal information, include:
- Enabling and managing philanthropic support for Australian sport through the receipt and processing of tax deductible donations from individuals and distributions from ancillary funds. The ASF collects personal information from individuals and ancillary funds to:
- enable donations from individuals and distributions from ancillary funds to be processed, receipted and acknowledged
- facilitate ongoing communication with donors and ancillary funds on service level matters or provide them with information on new sporting projects they may wish to support, including via mailing lists. If you do not wish to receive further contact from the ASF, use the unsubscribe feature on electronic marketing communications, or notify the ASF by email using the details set out below
- Delivering grant programs to enable the achievement of defined Australian sport objectives. The ASF collects personal information from project partners and potential project partners in order to:
- maintain effective communication during the life of each of the projects
- provide the ASF with information regarding the beneficiaries of its grants
- enable the correct acquittal of grant funds
- General business purposes. The ASF collects personal information in order to:
- operate and administer our business
- communicate with individuals, project partners, ancillary funds, service providers and others
- assist with individuals’ queries and queries from financial institutions relating to individual transactions. If you send us an email we will record your contact details (in accordance with government record keeping standards) and will only use your personal information for the purpose for which you have provided it
- determine whether to engage potential employees and contractors
- complete audit processes and comply with taxation law, the Corporations Act 2001 (Cth), the Public Governance, Performance and Accountability Act 2013 (Cth) and other laws and regulations.
How the ASF uses personal information
The ASF generally uses personal information for the purposes of collection listed above, to provide our services and operate our business (as described above), or otherwise as required or authorised by law.
The kinds of personal information that the ASF collects and holds
In undertaking its activities the ASF collects personal information. Personal information may be provided in hard copy form or electronically. It may also be provided verbally or over the phone.The personal information that the ASF holds will depend on the nature of the activity or service. It may include (but is not limited to) a person’s name, contact details, date of birth, occupation, family background, financial records and details, employment and travel information.
The ASF will only collect personal information to the extent that it is relevant for the relationship it has with each person.
The ASF also collects and holds sensitive information, for example about a nominated project contact, donor or a beneficiary of an ASF grant. This may include information about health, disability and racial or ethnic origin.
The Privacy Act places restrictions on collecting sensitive information about individuals. Generally, the ASF will not collect this sort of information. However, it may collect sensitive information when it is required to:
- provide specific services (for example in approving, recording and managing sport projects)
- process, record and receipt donations
- assess the acquittal of grants made by the ASF
- maintain the ASF/project partner relationship
- meet legal obligations as a DGR, as a Commonwealth company and under the Corporations Act 2001 (Cth)
If the ASF conducts online collaboration, social media or market research, it may also ask for public opinions about its services or staff. The ASF will treat these opinions as personal information in accordance with the APPs if they contain personally identifiable information.
How the ASF collects and holds personal information
If it is reasonable and practical to do so, the ASF will collect personal information directly from the individuals concerned with their consent. This may be through application forms, donation forms, athlete acquittal forms, legal agreements, over the telephone, the internet, or in person.
The ASF may also need to collect personal information from other people or organisations. This information is collected with the person’s consent, except in circumstances permitted by legislation. Sometimes this may happen without direct involvement. Some examples of the people or organisations from which the ASF may collect personal information about individuals are:
- ancillary funds
- project partners and potential project partners: sporting, community and educational organisations including trusts and foundations
- publicly available sources of information (such as telephone directories and the internet)
- an individual’s representative (such as a parent, coach, project contact, legal adviser, financial advisor, business manager)
- an individual’s employer
- other government bodies and agencies
- financial institutions
So that the ASF can better tailor information and services to individual needs, when it sends email messages, it may use technology to identify persons to know when email is opened or links used within an email.
If individuals log into ASF intranet/extranet services, information will be collected from them to confirm their identity.
The ASF will hold the information it collects on electronic systems managed and maintained by itself, the Australian Sports Commission (the ASC) and/or a third-party cloud storage service provider (the Cloud Service Provider), and where appropriate in paper format. The ASF and ASC have an electronic documents and records management system that is fully compliant with government and archival standards and legislation.
The ASF may also hold or receive some information on cloud-based systems. Where this occurs the relevant service will have been subject to an ASF risk assessment and be compliant with the privacy and security standards required by the ASF in protecting personal information.
When the ASF will not need to collect personal information
Depending on the nature of a person’s relationship with the ASF, they may not need to personally identify themselves.
Individuals generally have a right to pseudonymity or anonymity when dealing with the ASF, unless:
- the ASF is required or authorised by or under an Australian law, or a court/tribunal order to deal with individuals who have identified themselves
- it is impracticable to deal with the individual if they do not identify themselves
- the individual is receiving a service or financial benefit from the ASF, which necessitates assurance that the service or benefit is being directed to an identified person for a defined purpose.
How the ASF keeps personal information accurate and up-to-date
The ASF seeks to maintain the quality of its information holdings by taking reasonable administrative and technical steps to make sure that the information collected, used and disclosed is accurate, complete and up-to-date. If you wish to correct the personal information the ASF holds about you, please contact us using the details set out below.
How the ASF keeps information and data secure
The ASF utilises up-to-date techniques and processes, which meet current government requirements to protect personal information from misuse, loss and unauthorised access, modification or disclosure.
Paper documents are protected from unauthorised access or use through the various security systems that we have over our physical premises. The ASF, the ASC and/or the Cloud Service Provider maintain up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information. Please note, however, that the internet is not a secure environment and although all care is taken, the ASF cannot guarantee the security of information provided to it via electronic means.
The only people who are allowed to handle or have access to personal information are those engaged to undertake the work of the ASF and those who perform services for the ASF who need personal information to do their jobs. All ASF staff are bound by a Code of Conduct to not misuse personal information. Those who perform services on the ASF’s behalf, including project partners, are also bound by agreements that include privacy clauses.
If the ASF no longer requires an individual’s personal information, it will take reasonable steps to destroy it in a secure manner or remove identifying features from it. This is subject to any legal obligation (including without limitation the Archives Act 1983 (Cth), the Income Tax Assessment Act 1997 (Cth) and the Corporations Act 2001 (Cth)) that requires the ASF to keep information for a certain period of time.
The ASF website
The ASF is committed to protecting online privacy in accordance with Guidelines for Federal and ACT Government World Wide Websites issued by the Office of the Australian Information Commissioner.
The ASF records visits to this website and logs the following information for statistical purposes:
- user’s server or proxy address
- date/time/length of the visit
- files requested
- user’s cookies
- user’s searches
The information is used to analyse our server traffic. No attempt will be made to identify users or their browsing activities except where authorised by law. For example, in the event of an investigation, a law enforcement agency may exercise their legal authority to inspect the internet service provider’s logs.
As a user, you need to be aware of inherent risks associated with the transmission of information via the internet. If you have concerns in this regard, the ASF has other ways of obtaining and providing information. Normal mail, telephone and fax facilities are available.
Circumstances in which the ASF provides personal information to others
Sometimes the ASF may provide personal information to external organisations. Generally, these are organisations that help the ASF conduct its programs and activities. These organisations may include:
- project partners (organisations with whom we have agreements to provide funding or services or to source funding): the ASF may provide personal information to project partners in order to validate donation processing details already provided to us, for receipting purposes, to validate acquittal and expenditure of grants received, or to confirm the identity of donors or beneficiaries. If you are a donor, please note that the beneficiary of your gift may use your personal information to make contact with you
- authorised representatives of the ASF
- payment systems operators (for example, our online shop to receive credit card payments)
- for the purposes of storing personal information, the ASC and/or the Cloud Service Provider, which may be located in Japan and/or such other locations in Australia or overseas as agreed by ASF and the Cloud Service Provider, subject to an appropriate risk assessment conducted by the ASF
- our accountants, auditors or lawyers
- the individual’s representatives (for example a parent, coach, project contact, legal adviser, financial advisor or business manager)
The ASF strives to limit the personal information it provides to outside organisations to what they need to provide their services to the ASF, and aims to disclose only the personal information necessary to provide services to donors, project partners and the relevant regulatory authorities. The ASF ensures that any organisation that it contracts with:
- meets the privacy standards required by the ASF in protecting personal information and complies with the Privacy Act
- uses the personal information provided only for the purposes of the specific service being provided to the ASF, and for no other purpose
The ASF may also need to provide personal information to others outside the ASF where:
- the ASF is required to by law or has a public duty to do so. For example, a Court, a regulator (such as the Australian Taxation Office) or the police can compel the ASF to disclose personal information to them
- individuals have expressly consented to their personal information being supplied to others for particular purposes
Disclosure of ASF held personal information to overseas recipients
Where possible, the ASF seeks to limit the disclosure of personal information to overseas recipients.
The ASF provides its services to benefit Australian sport and this may include Australian project partners throughout the world. At times this may require personal information, including sensitive information, to be disclosed overseas.
The ASF may also need to disclose personal information to overseas recipients where an individual has expressly consented to their personal information being supplied to overseas recipients (for example, to a parent company that matches gifts made by its Australian-based employees).
The ASF may contract overseas commercial organisations to provide products or services to the ASF or its donors or project partners. These agreements are entered into where:
- the ASF has conducted a risk assessment
- the organisation meets the privacy and security standards required by the ASF in protecting personal information
- the organisation uses personal information only for the specific service the ASF asks them to provide, and for no other purpose
Access and correction of personal information
Any person who believes that the ASF holds personal information about them may contact the ASF to seek access to that information in accordance with APP 12.
If a person, after accessing information held by the ASF about them, considers that it is inaccurate, out-of-date, incomplete, irrelevant or misleading for the purposes for which it is held, they may request the ASF to amend it in accordance with APP 13.
In the first instance a person can request access to their personal information by contacting the ASF using the details set out below:
Chief Executive Officer
Australian Sports Foundation Ltd
PO Box 176 Belconnen ACT 2616
Phone: 02 6214 7868
The ASF will respond to any such request within a reasonable period of time. However, we may not always be able to provide access to all the personal information we hold about a person or correct your personal information in the manner you have requested. For example, it may not be able to provide access to information that would reveal personal information about another person. Where we are unable to provide you with access to your personal information or correct your personal information as requested, we will notify you and give you the reasons why (except to the extent it would be unreasonable for us to do so).
If you wish to make a complaint about the way we have handled your personal information (including if you think we have breached the Privacy Act), you may do so by contacting us using the details set out above. If you make a complaint, please include contact details such as your name, address, telephone number and email address and clearly describe your complaint.
Any privacy complaints received by the ASF must be in writing and will be initially investigated by the Cheif Executive Officer of the ASF. The ASF will endeavour to be as efficient as possible when investigating and responding to any privacy complaints. We will respond to all complaints within a reasonable time period appropriate to the specific complaint.
The ASF complies with the Guidelines published by the Office of the Australian Information Commissioner in relation to complaints management.
Any person may also complain to the Australian Information Commissioner, who may investigate the ASF’s actions. The Commonwealth Ombudsman may also investigate complaints relating to the ASF. However, the Commonwealth Ombudsman and the Privacy Commissioner will consult to avoid the same matter being investigated twice.