Harrison Riedel Foundation Limited Privacy Policy

General Privacy

Revised November 2024

Harrison Riedel Foundation Limited (HRF) is committed to protecting your privacy and the confidentiality of any personal information that you provide to us. This Privacy Policy describes HRF’s practices and procedures in relation to the collection, use, storage and disclosure of your personal information in connection with our services (Services).

By accessing HRF’s Services, website, and applications including YourCrew mobile and web, or providing information to HRF, you indicate acceptance of this Privacy Policy, which may be amended periodically.

1. Collection of Personal Information:

HRF may collect personal information to provide services, process donations, or facilitate your participation in our programs and events. The extent and nature of the information collected depend on your interactions with HRF and may include:

Reasons for Collection:

to receive information about, or to participate in the HRF or other initiatives undertaken by HRF
to receive information about, or become involved in HRF promotions
to receive information about the outcomes of the funds raised by HRF
to purchase HRF/YourCrew products or merchandise
to make a donation or to facilitate a donation made on your behalf. Where donations are made anonymously, we may not be able to provide you with confirmation of your donation, a copy of your receipt, or assist you further regarding your donation.
to provide your motivation or personal story to HRF
to attend a HRF event
to register for use of the YourCrew mobile application.

Types of Personal Information Collected:

Name, photograph, age, date of birth, address, postcode, phone number, email, employer, donation history, or donation amount.
Credit card information may be collected for donation purposes but is not stored by HRF.

Note: Providing personal information is voluntary, but it may impact HRF’s ability to deliver specific services if insufficient information is provided.

Sensitive Information: You may choose to add sensitive information, such as health details, to features within YourCrew, like the digital journal or safety plan. This information is stored securely for your use only and is encrypted both at rest and in transit to ensure your privacy and protection. HRF does not have access to this data and cannot view or use it for any purpose.

2. How does HRF use your personal information?

The personal information you provide to HRF through our websites, applications or services will only be used as permitted by the Privacy Act 1988 (Cth) and the Australian Privacy Principles, including:

Sending updates about HRF and our programs.
Processing and acknowledging donations, including issuing receipts.
Facilitating your involvement in HRF events, promotions, or campaigns.
Delivering merchandise or other requested items.
Marketing HRF’s initiatives, campaigns, and events. Opting out: You can opt out of communications, or delete all personal data by unsubscribing or writing to HRF at info@harrisonriedelfoundation.com
Analysing community statistics to improve our impact.
Addressing legal obligations or safety concerns if required.

3. Phone Data Access:

When you use the YourCrew app and grant permission, we access your phone contacts to enhance your experience.

How YourCrew App Uses Your Phone Contacts:

Identification of Existing YourCrew Users: With your permission, we identify contacts who already have YourCrew accounts to facilitate connections.
New YourCrew Users: With your permission, we identify contacts who don’t have YourCrew accounts so you can send them invitations to join YourCrew.

Storage and Usage of Contact Data:

Limited Use: Contacts are accessed only on the “Add New Contacts” page and not used elsewhere.
Non-Storage on Servers: Contacts are processed in real-time and are not stored or saved after use.

Data Security and Confidentiality:

Encryption: We use industry-standard encryption during data transmission and at rest.
Third-Party Sharing: We do not share your contacts with third parties.

User Control and Consent:

Opt-In Mechanism: We seek explicit consent before accessing your contacts.
Data Deletion: You can revoke access or delete data anytime through your device settings.

4. Google API Services:

The YourCrew App adheres to Google API Services User Data Policy, including Limited Use requirements, ensuring safe and compliant data practices. For full policy details, visit: Google API Services User Data Policy.

5. Use and Disclosure of Personal Information

HRF will use and disclose your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. This includes:

Disclosure when required by law or
Where we have your consent to use or disclose your personal information.
For the purpose for which it was collected or related purposes that you would reasonably expect HRF to use your personal information.

Data Sharing for Program Evaluation: HRF may engage reputable Australian third-party research firms to collect or evaluate data for programs, YourCrew and YourCrew Classroom. We only work with firms with stringent security practices and high compliance standards. Your consent will always be sought before any data is collected for evaluation purposes.

Overseas Disclosure: HRF does not currently disclose personal information overseas. If this changes, we will update our policy and specify the relevant countries, if practicable.

If you choose to provide your personal details to HRF, you acknowledge and agree that your personal information may be used as set out above.

6. Security & storage of your information:

HRF takes comprehensive steps to ensure the security of all information we collect and to protect information from misuse, loss, unauthorised access, modification or disclosure. Measures include:

Storing data on secure servers located within Australia.
Using firewalls and up-to-date security protocols.
Access is restricted to authorised personnel only, with logs maintained
Regular risk assessments through penetration testing and other vulnerability assessments.
Ongoing updates to incident response plans and security protocols.
Data encryption at rest and in transit.

7. Data Collected and Stored on Third-Party Platforms:

HRF uses platforms like Raisely for CRM, donations, and communications. These platforms adhere to high security standards, including:

Data encryption at rest and in transit.
Compliance with international security standards.
Strict access controls.

For more information about Raisely’s security practices, please refer to their policy here.

8. Data Breach Response:

In the event of a data breach, HRF will activate its response plan in accordance with the Notifiable Data Breaches (NDB) scheme. If your personal information is affected, you will be notified. This notification will include, but is not limited to:

A description of the data breach.
The types of information involved.
Recommendations on steps you should take to protect yourself in response to the breach.

9. Access, Correction and Complaints:

Access: You can request access to your personal information. Email HRF at info@harrisonriedelfoundation.com or write to 6 Borambil Place, Longueville NSW 2066. We will respond within 30 days.
Correction: To correct or update your personal information, email HRF at info@harrisonriedelfoundation.com or write to our address. We will promptly update inaccurate details.
Complaints: For privacy-related complaints, contact us at info@harrisonriedelfoundation.com or our office address. HRF will respond within 30 days, adhering to our obligations under Australian privacy law. You have a right to request access to the personal information HRF holds about you
Opting out: You can opt out of communications or ask us to delete your details by unsubscribing or writing to HRF at info@harrisonriedelfoundation.com or our address.

10. Parental Consent:

HRF requires parental or guardian consent before collecting personal information from children under the age of 13. This reflects our commitment to safeguarding young users.

For users of the YourCrew app and students participating in our school program who are aged 13 and older, HRF, in collaboration with relevant teachers or schools, will assess their capacity to provide informed consent. If the information is sensitive or if there are concerns about the user’s ability to fully understand the implications of their consent, HRF may still seek parental involvement.

11. Anonymisation and De-Identification

Where possible, HRF will anonymise or de-identify personal information used for evaluation of our programs or analytical purposes to safeguard privacy.

12. Links to other websites:

HRF is not responsible for the conduct or privacy practices of any other website or service linked to our website or applications, or for the privacy practices of any third-party social media or other service providers, you may access through our website or applications. We encourage you to read the privacy policies of those websites or service providers prior to using them.

13. Changes to this Privacy Policy:

This policy may be updated to reflect new laws or practices. Changes will be posted on HRF’s website and on YourCrew. We advise regularly reviewing this policy for updates.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.