The Privacy Act 1988 defines Personal Information as information, or an opinion, that could be used to identify an individual.

Personal information may include:

• an individual’s name, signature, address, phone number or date of birth
• sensitive information
• credit information
• employee record information
• photographs
• internet protocol (IP) addresses
• voice print and facial recognition biometrics (because they collect characteristics that make an individual’s voice or face unique)
• location information from a mobile device (because it can reveal user activity patterns and habits)

Sensitive information is personal information that includes information or an opinion about an individual’s:



• racial or ethnic origin
• political opinions or associations
• religious or philosophical beliefs
• trade union membership or associations
• sexual orientation or practices
• criminal record
• health or genetic information
• some aspects of biometric information.
  

CDF Community Fund collects and holds personal information about you for various reasons. These include:

• to identify you, for the purposes of opening an account, assessing your application or providing a service to you,
• to ensure CDF has accurate and up to date information to contact you,
• for marketing purposes to communicate offers, products and services; or
• as an employee or volunteer, to assess your application.

We will collect your personal information directly from you; however, we may also collect your information from:

• your browser or devices (such as cookies or IP addresses),
• publicly available registers or directories,
• third parties you have authorised to act on your behalf (such as joint account holders, those that hold a valid Power of Attorney, your accountant or lawyer); and
• third parties or vendors that are used to verify your identity or provide a product or service to you.

Where you provide us with unsolicited personal information (that is, personal information we have not requested and is not required), we will destroy or de-indentify this personal information. Where the information was collected in compliance with the Privacy Act, we will protect this personal information as described within this policy. 

We use your personal information for the purpose for which it has been provided, any other purpose you have consented to, and any other purpose permitted under the Privacy Act.

This may include using your personal information for the following purposes:

• Assessing and processing applications you make for products or services,
• Verifying your identity which includes undertaking due diligence or determining your tax residency status as required by relevant laws,
• Managing your existing products and services,
• Communicating with you,
• Managing any complaints you raise against us,
• Working with third parties (such as other organisations, contractors or vendors) for the provision of products or services,
• Data analytics and market research,
• Recruitment purposes to assess, process and manage your application to work with us,
• Where disclosure is required by law to, or
• Any other purpose which you have authorised. 

We may need to share your personal information outside Australia in accordance with the Privacy Act to third parties (other organisations, contractors or vendors) to provide a product or service to you (including where you have instructed us to complete an international funds transfer on your behalf).

By providing us with your personal information, you consent to us disclosing your information, where required, to entities located outside Australia. 

We may use your personal information to communicate offers, products and services or changes to our organisation. By providing your personal information, you consent to us using your information to contact you for this purpose through mail, email, telephone, SMS and social media platforms as required.

If you do not wish to be contacted for marketing purposes, you can opt out or unsubscribe at any time by responding to the communication or contacting us. 

It is important that the personal information we hold about you is accurate, complete, and up to date. We may ask you to confirm that your personal information is accurate anytime we communicate with you or, if your personal information has changed or is inaccurate, you can contact us to update your details or correct any personal information that is held by us and incorrect. 

We will provide you with access to the personal information we hold about you in line with the Privacy Act and in a timely manner.

To access personal information that we hold about you, please contact us. We may charge a reasonable fee for our costs associated to retrieving and supplying the information to you.

There may be situations where we are unable to provide you with access to your personal information in line with the limited exceptions of the Privacy Act. In these circumstances we will issue a written notice, including the reason for refusal. 

There may be situations where we are not required to provide you with access to your personal information.

An explanation will be provided to you if we deny you access to your personal information we hold.

Some organisations must provide you with the option of not identifying yourself (anonymity) or the option of using a pseudonym.

This principle does not apply to CDF Community Fund which operates under the allowed exceptions of the Privacy Act that:

• CDF is required to deal with individuals that have been identified, and
• It is impracticable for CDF to deal with individuals who have not identified themselves or use a pseudonym. 

We will take active measures to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure by storing it in a secure environment. 

When your personal information is no longer needed for any purpose for which the personal information may be used or disclosed under the Privacy Act, we will take reasonable steps to destroy or de-identify the personal information we hold about you.

Where your personal information is accessed or released without your authorisation due to a data breach, and the breach is likely to result in serious harm to you, we will promptly notify you. Where we are unable to contact you directly, we will take reasonable steps to communicate the breach through our website, www.catholicdevelopmentfund.org.au.

You may request further information about the way we manage your personal information or, if you believe your privacy has been compromised, lodge a complaint by contacting us.

Where a complaint is received, we will acknowledge the receipt of the complaint, commence our investigation and provide a response within 15 business days. In cases where further information, assessment or investigation is required, we will communicate this with you.

You can contact us by:

Phone (toll free): 1800 134 135 (select Option 1)

Email: csg@melbcdf.org.au

Writing to:

CDF Community Fund

PO Box 174 East Melbourne VIC 8002

If we have not responded to you within a reasonable time or if your concerns are not resolved to your satisfaction, you are entitled, under the Privacy Act, to make a complaint to the Office of the Australian Information Commissioner (OAIC):

Office of the Australian Information Commissioner

Website: www.oaic.gov.au

Phone: 1300 363 992