On this page:
If you work in a not-for-profit (NFP) organisation, you or your staff will often use personal and sensitive information as you go about your day to day work delivering services or soliciting new memberships.
Understanding your privacy responsibilities and letting know about how their information is handled is a big part of ensuring that you have the trust and confidence of your customers.
NFP organisations subject to the Privacy Act 1988 (Privacy Act) must comply with the various requirements under that Act. Many of these requirements are set to change in March 2014. Check out the privacy law reform webpage for more information.
We recommend that you don't consider clients as fundraising targets unless they have explicitly opted in to receive such communications. Equally, donors who support fundraising campaigns should be offered a choice with regard to receiving information on non-fundraising activities or new campaigns.
Quick privacy tips for NFPs:
- When collecting personal information from donors, volunteers and clients, provide notice on how their personal information will be handled and used.
- If your organisation has information about people and wishes to use it for a new purpose, give them the option of deciding whether or not they wish their information to be used for that purpose.
- If you share your donor lists with other organisations, make sure that you provide people with information about who their information will be passed to from the start.
- Don’t disclose personal information about an individual for a purpose other than the primary purpose that it was collected for.
- Don’t consider clients as fundraising targets unless they have explicitly opted in to receive such communications.
- Always offer donors who support fundraising campaigns a choice about receiving information on non-fundraising activities or new campaigns.
- It’s a good idea to only allow staff access to client information on a ‘need to know’ basis. For example, ensure that those involved in soliciting donor memberships do not have routine access to personal information that may be kept on client databases, and have checks and balances in place to protect the privacy of client’s personal information.