Your privacy is important to us. As such, it is CISP's policy to respect the confidentiality of information and the privacy of individuals. The CISP Privacy Policy outlines how we manage the personal information we hold about our members.

Commonwealth Government privacy legislation, which came into effect on 21 December 2001, extended the operation of the Privacy Act 1988 to cover the operation of private sector not-for-profit organisations. Small Businesses (those with an annual turnover of $3 million or less in the previous financial year) are exempt from the legislation.

As a result, CISP is currently exempt from the legislation. However, CISP intends, as far as possible, to comply with the legislation.

1. This Privacy Policy applies to all information obtained by or disclosed to CISP ISP (“CISP”).

2. CISP has adopted the National Privacy Principles as contained in the Privacy Act 1988 ("Privacy Act") as amended from time to time.

3. This Privacy Policy details the nature of the information collected by CISP, why it is collected and how it is used.

4. One of the missions of CISP is to link not-for-profit organisations and their supporters through a database which designates which not-for-profit organisation receives the rebate/donation as designated by the Member. This mission and the related activities and functions of CISP necessitate the holding of personal information on individuals.

5. CISP regards its obligations under the Privacy Act as extremely important and its actions are directed to complying with the Privacy Act.

6. The personal information collected by CISP generally comprises:

a.name;

b.address;

c.telephone number;

d.email address (where available); and

f.individuals and institutions who are members or are a part of not-for-profit organisations or associations in Australia;

g.other not-for-profit organisations (collectively referred to as "Clients"). However this list is not exhaustive.

7. The information referred to in paragraph 6 is obtained from:

a.the public domain;

b. not-for-profit organisations licensed to hold and share such information; and

c. such Clients who volunteer to receive communications from CISP.

8. Where information is obtained from a third party, reasonable steps will be taken to ensure the subject Client is made aware of the information being obtained.

9. The personal information collected is necessary to enable CISP to fulfil its mission of offering services to the Clients. USE AND DISCLOSURE OF PERSONAL INFORMATION

11. CISP uses the personal information it collects to enable it to make regular contact with its Clients to inform them of new or revised product offerings or services or as may be required from time to time.

12. CISP only allows access to and use of personal information upon obtaining permission from the requisite entity, which can differ from case to case. The personal information is only disclosed for the purpose of CISP fulfilling its mission.

13. Personal information will not be released to third parties unless:

a. the Client has consented to the disclosure of the information;

b. CISP is required by statute or law to disclose, reproduce, use or disseminate the personal information; or

c. the personal information is in or enters the public domain, otherwise than as a result of a breach by CISP of its duties hereunder or as a result of disclosure by any person receiving the personal information from CISP.

14. If personal information is sent overseas it will be on the basis that it will be subject to the same systems of access and storage as apply in Australia.

15.This Privacy Policy is premised on ensuring the information held by CISP is accurate, complete and up-to-date.

16. If any of the information provided has changed or is considered incorrect, the individual concerned should contact CISP.

17. All personal information is held by CISP in secure databases, soft-copy lists, and in web hosted environments that are fire-walled. CISP creates hard copies from time to time for the purposes of sales and marketing.

18. The purpose of such security is to protect all personal information from misuse, loss, unauthorised access, modification or disclosure.

19. A request to access information should be made in writing to CISP.

20. If a request is declined, the person making the request will be told why.

21. Personal information will be retained for an appropriate period as determined by the CISP and thereafter will be destroyed by a secure means.

22. CISP may make changes to this Privacy Policy at any time. Any such changes will be publicised to Clients.