Privacy Policy


This Privacy Policy sets out Northern Rivers Community Foundation (NRCF or we, us or our) policies in relation to management of personal information.  It is based on the Australian Privacy Commissioner’s National Principles for the Fair Handling of Personal Information.

The Board of the NRCF is committed to protecting the privacy of personal information the organisation collects, holds and administers.  NRCF will only collect information that is necessary to undertake our functions and activities as defined within our Constitution.  The NRCF respects the privacy of our supporters, business contacts and our employees.

What kinds of personal information do we collect and hold?

Personal information is information which directly or indirectly identifies a person.  The type of information that we collect includes personal information concerning donors, potential donors, grant applicants, grant recipients, as well as suppliers, consultants, employees, directors, associate directors and applicants for those positions.
We do not collect sensitive information or health information.

We may ask you to provide your personal information including:

  • your name, address, email address and contact telephone number;
  • your business contact details and how we can contact you at home; and
  • if applying for a position within the organisation such as employee, director, or associate director you will also be asked for your work history and qualifications and other matters relevant to the position applied for.

How do we collect your personal information?

We collect and hold personal information you provide to us in the process of:

  • receiving funds by way of a grant or the flow through direction of funds;
  • receiving donations through our website or manually;
  • receiving applications for, administering and promoting grants;
  • communications with you via telephone, letter and emails;
  • subscribing to our newsletter;
  • attending fundraising or grant giving events;
  • becoming an ambassador or supporter;
  • receiving applications for positions within the organisation; and
  • receiving bequests.

How do we secure your personal information?

We may store Personal Information in locations outside our direct control (for instance, on servers or databases co-located with hosting providers).

This website uses Security Sockets Layer (SSL) encryption technology from GeoTrust to encrypt sensitive personal information (such as your payment information and geolocation) before it travels over the internet. Credit card numbers are never stored on our database or servers.

The transmission of information via the internet is not completely secure. We cannot guarantee the security of your data transmitted to our online services; any transmission is at your own risk. Once we have received your information, we will take reasonable steps to use procedures and security features to try to prevent unauthorised access, modification or disclosure. These steps include:

  • password protection of electronic files;
  • paper files stored in locked filing cabinets;
  • physical access to files restricted; and
  • employees, directors and associate directors are subject to confidentiality obligations.

Collection of further information from our website

When you use our website we collect additional information from you which may or may not identify you.  This information includes; which pages you visited on the website, your internet browser, operating system, address of the referring site, internet protocol address and clickstream information.

How do we use the personal information we collect?

We use your personal information:

  • for our primary functions relating to fundraising, receiving donations and distributing grants;
  • any directly related purpose to fundraising, receiving donations and distributing grants;
  • to communicate with you;
  • to provide you with products, services or other information you have requested; and
  • for another purpose with your written consent.

Disclosure of your personal information

We may disclose your information:

  • for the primary purpose for which it is collected or a directly related purpose;
  • to third parties including agents or subcontractors, who assist us in providing information, services or direct mail or digital marketing to you;
  • where compelled to by law for example, taxation  and the management of our incorporated entities; and
  • to government, statutory authorities, financial institutions where necessary for our operations and to meet compliance obligations.

For any other purposes of disclosure we will obtain your written consent.

We don’t sell your data to third parties, we treat all information collected as private.

Disclosure Overseas

Personal information approved by you for inclusion on our website or Facebook will be published on the internet and will be available overseas.

We store some data with third party data storage providers which may have offices or operations outside of Australia.  The data is stored in their systems and is subject to their security and privacy standards. We have been careful about selecting our service providers and believe they take data privacy and security seriously.

Our data storage providers may change from time to time, to find out details of these providers please contact

Your right to access and correct personal information

You have the right to access your personal information.  You also have the right to have it corrected if it is inaccurate.  To access your personal information or seek a correction of personal information please write to: The Chairman of the Board, Northern Rivers Community Foundation PO Box 304,  Clunes NSW 2480, or email