Our Privacy Policy

We understand the importance of protecting an individual’s personal and sensitive information. This policy sets out how the Self-Determination Fund Limited in its capacity as Trustee of the Self Determination Fund (‘Trustee’) aims to protect your personal information, your rights in relation to your personal information held by the Trustee, and how the Trustee collects, holds, uses, discloses, and otherwise manages your personal information.

As a First Peoples led organisation, we respect and recognise Indigenous Data, Indigenous Data Sovereignty and Indigenous Data Governance. Over time, the Trustee will develop and integrate the self-determination and empowerment of First Peoples of Victoria via these principles and approaches into its operations as the Trustee’s work develops.

1. Principles of the Self-Determination Fund

The Self-Determination Fund was established as part of the Treaty process for the First Peoples of Victoria and aims to shift decision-making power into the hands of First Peoples through enabling economic self-determination.

In its role as a financial resource, the Trustee will make investments in accordance with its policies and distribute funding to selected recipients alongside provision of support and advice.

2. Respect for and Recognition of Indigenous Data, Indigenous Data Sovereignty and Indigenous Data Governance

The Trustee recognises that self-determination and empowerment of First Peoples of Victoria will require navigation of previously imposed ways of managing Indigenous Data, Indigenous Data Sovereignty and Data Governance that has, in the past, not been constructive and has led to injustice and harmful practices.¹

As a First Peoples’ owned and controlled resource, designed by and for First Peoples of Victoria, the Trustee must uphold the sovereignty of First Peoples over their knowledge, stories, information and data and respect Indigenous Data, Indigenous Data Governance, and Indigenous Data Sovereignty (defined by the Directions to Trustee – see below). The Trustee will do this while complying with applicable laws.

  • Indigenous Data as endorsed by delegates at the 2018 Indigenous Data Sovereignty Summit, refers to information or knowledge, in any format or medium, which is about and may affect First Peoples both collectively and individually.

  • Indigenous Data Governance as endorsed by delegates at the 2018 Indigenous Data Sovereignty Summit, refers to the right of First Peoples to autonomously decide what, how, and why Indigenous Data is collected, accessed, disclosed and used. It ensures that data on or about First Peoples reflects First Peoples’ priorities, values, cultures, worldviews, and diversity.

  • Indigenous Data Sovereignty as endorsed by delegates at the 2018 Indigenous Data Sovereignty Summit, refers to the right of First Peoples to exercise ownership over Indigenous Data. Ownership of Indigenous Data can be expressed through the creation, collection, access, analysis, interpretation, management, dissemination and reuse of Indigenous Data.

The purpose of this policy is to set the Trustee’s standards in ensuring Indigenous Data, Indigenous Data Governance, and Indigenous Data Sovereignty is respected and recognised while delivering on the Self-Determination Fund’s two purposes: 

  1. to support First Peoples to have equal standing with the State in Treaty negotiations; and 

  2. to provide a financial resource, independent from the State, that empowers First Peoples to build capacity, wealth, and prosperity. 

The Trustee is committed to the Maiam Nayri Wingara Indigenous Data Sovereignty Collective in Australia and Global Indigenous Data Alliance. 

The Maiam Nayri Wingara Indigenous Data Sovereignty Principles state that “Indigenous peoples have the right to: 

  • Exercise control of the data ecosystem including creation, development, stewardship, analysis, dissemination and infrastructure. 

  • Data that are contextual and disaggregated (available and accessible at individual, community and First Nations levels). 

  • Data that are relevant and empowers sustainable self-determination and effective self-governance. 

  • Data structures that are accountable to Indigenous peoples and First Nations. 

  • Data that are protective and respects First Nations’ individual and collective interests.”  

3. General Privacy Statements

The Trustee may be required to collect your personal information in conducting its operations, or as a result of our other interactions or dealings with you. 

This privacy policy applies to the handling of personal information by the Trustee. 

In collecting, holding, using, disclosing and otherwise managing your personal information, the Trustee will comply with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles in the Privacy Act.  

The Trustee will regularly review its policies and procedures regarding personal information and may update and reserves the right to amend this privacy policy from time to time.  Any updated privacy policy will be made available on the Trustee’s website, www.selfdeterminationfund.org.au, or can otherwise be obtained by contacting us by email trustee@selfdeterminationfund.org.au or phone 1800 371 103 and requesting a copy. 

Our policy does not apply to services offered by other companies, organisations or individuals. 

4. Consent to use and disclose your personal information 

This Policy sets out the types of personal information being collected by the Trustee, how it will be used by the Trustee and the purposes for which it will be used, acknowledging that the Trustee will likely collect sensitive information (under the Privacy Act) regarding First Peoples.  

Consent to use and disclose your personal and/or sensitive information must be informed, voluntary, current, specific and you must have capacity to give consent. You may also withdraw your previously given consent at any time, however there are possible consequences if you do withdraw your consent. In the context of the Self-Determination Fund, it may affect access to funding.  

The Trustee is guided by the principles of self-determination and empowerment for First Peoples in Victoria. The Trustee will work with those who wish to access the Self-Determination Fund under the Funding Guidelines to ensure support for, and management of, your personal and sensitive information.    

5. Types of personal information collected  

Personal information is information or an opinion about an identified, or reasonably identifiable, individual.   

The kinds of personal information that the Trustee collects will vary depending on our particular interaction or dealing with you. However, generally speaking, the kinds of personal information the Trustee collects may include:  

  • your contact information such as your name, address, telephone number and email address; 

  • information regarding the type of support you wish to provide as a donor or potential donor; 

  • information regarding any application for funding, including purposes to which the funding will be applied;  

  • where you are acting on behalf of an entity (whether as an employee, director or other representative), details of that entity and your relationship with it; 

  • socio-demographic information, such as whether you identify as Aboriginal and Torres Strait Islander, age, occupation and gender. Where sensitive information is collected, we will only do so with your consent or where we are required to do so by law; 

  • monitoring and/or recording phone calls with you; 

  • camera surveillance, such as CCTV, at our premises; and 

  • other information necessary to provide you with information regarding funding, our services or to undertake any dealings with you.  

The Trustee also collects internet and technology related information from visitors to our site or users of our other online services, including the referring URL, IP addresses, browser used in visiting our site, location information of the visitor, the pages of our site that were viewed during visits and any search terms entered on our site. 

The Trustee may hold other kinds of personal information as permitted or required by law or other kinds of personal information that we notify you of at or about the time of collection. 

6. How we collect personal information  

Generally, the Trustee collects your personal information directly from you.  For example, the Trustee may collect your personal information: 

  • where we have an interaction or exchange with you in person, or by way of interaction through our website, telephone, video conference, facsimile, email or post; 

  • when you request information or other services from us, or otherwise provide us with your details;  

  • where you submit an application for funding on your behalf, or on behalf of an organisation or enterprise;  

  • where you provide us with proposed donation on your behalf, or on behalf of an organisation or enterprise;  

  • where you provide us with further details to enable us to process and consider any application for funding; 

  • where you provide us with your details as part of any process relating to investments by us; 

  • where you use our websites or other online services or otherwise interact with us, including interactions with Trustee staff to support with your funding application or donation or over the phone; 

  • if you attend an event conducted by or associated with us, including any training or educational sessions or programs; 

  • if you post information to our website or any of our social media sites or interact with us on social media. 

There may be occasions when the Trustee collects your personal information from someone other than you, for example: 

  • from other organisations that help us provide support, advice and funding to eligible recipients (for example, the First Peoples’ Assembly of Victoria Limited); 

  • from third parties you authorise to disclose your information to us, including any educational institution, training or education provider, community groups or organisations, or employer; or 

  • from a publicly maintained record or other publicly available sources of information including social media and similar websites.  

Generally, the Trustee will only collect your personal information from sources other than you if it is unreasonable or impracticable to collect that personal information from you.   

7. Purposes for which personal information is used 

Generally speaking, the Trustee collects, holds, uses or discloses personal information so that we can conduct our activities to deliver on the Self-Determination Fund’s two purposes: 

  1. to support First Peoples to have equal standing with the State in Treaty negotiations; and 

  2. to provide a financial resource, independent from the State, that empowers First Peoples to build capacity, wealth, and prosperity. 

Some examples of the purposes for which the Trustee collects, holds, uses and discloses your personal information include to: 

  • communicate and manage our relationship with you;  

  • respond to your queries and provide you with information and services that you request from us; 

  • public reporting (for example the Trustee’s Annual Financial Reports) on the amount of funding provided under the Trustee’s Funding Guidelines and which groups received that funding, in accordance with Section 2 above; 

  • to conduct our activities and facilitate investments or the provision of funding to eligible recipients; 

  • help us to manage our investments and funding, including personalising the support and services provided to applicants and eligible recipients;  

  • conduct events and information sessions, or facilitate training or educational programs;  

  • contact you to obtain your feedback regarding our support and services; 

  • conduct research to support proposals in Treaty negotiations;  

  • administer, manage and process any transactions you enter into, or propose to enter into, with us; 

  • monitor our premises, for example using camera surveillance to ensure the safety of our people and visitors, and to investigate health and safety incidents; 

  • for internal governance, security and case management: 

  • to maintain the day-to-day operation, the maintenance and the security of our sites. 

  • to conduct demographic studies or audits. 

  • to contact you for research relating to prospective proposals in Treaty negotiations. 

  • to manage risks, disputes and records; 

  • manage your employment with the Trustee (if an employee) and its obligations to you; 

  • analyse information we collect so that we can administer, support, improve and develop our operations and the services we offer (including by monitoring or recording our interactions with you for training purposes);  

  • comply with the legal and regulatory obligations of the Trustee under any applicable laws.  

In addition to the purposes listed above, the Trustee may use your personal information for purposes related to the above purposes, other purposes which we notify you of when we collect the information and for purposes otherwise permitted or required by law.  

Where personal information is used or disclosed, the Trustee takes steps reasonable in the circumstances to ensure it is relevant to the purpose for which it is to be used or disclosed.  You are under no obligation to provide your personal information to the Trustee.  However, without certain information from you, the Trustee may not be able to provide funding to you as a prospective funding recipient, or provide services or information to you, or may be otherwise limited in how we can interact with you. 

8. Disclosure of personal information  

The Trustee discloses your personal information for the purpose for which the Trustee collects it.  As a result, generally, the Trustee will only disclose your personal information for a purpose set out in paragraph 5 of this privacy policy.  This may include disclosing your personal information to: 

  • associated entities of the Trustee, such as the First Peoples’ Assembly of Victoria Limited; 

  • service providers, contractors and other third parties that provide goods or services to us (including our technology service providers, our consultants, risk, compliance and identification verification companies, or other administration service providers); 

  • professional advisors to the Trustee (including legal and accounting firms, auditors, consultants, insurers and other professional advisers);  

  • First Peoples’ Elders engaged by the Trustee for cultural guidance; and 

  • government authorities where required by law. 

The Trustee may also disclose your personal information for other purposes if we notify you of the disclosure at or about the time of collecting the information, we have otherwise received your consent or the disclosure is required or authorised by law.  

If you post information or other content to public sections of our websites or to our social media sites, you acknowledge that the information or content may be viewed by the public and/or users of the relevant website or social media site.  

9. Overseas disclosures 

Some of the parties that SDF discloses your personal information to may be located outside Australia, including technology service providers located in the United States of America.  

We take reasonable steps to ensure that any such overseas recipients do not hold, use or disclose your personal information in a way that is inconsistent with the obligations imposed under the Privacy Act and the Australian Privacy Principles in the Privacy Act.   

10. Links to other websites  

When you access our websites or other online services, we may provide as a convenience to you links to other websites, including websites operated by funding recipients, investment recipients, our associated entities, or other independent third parties.  Each website has its own privacy practices, as described in that website’s privacy policy.  Those practices may be different than the practices described in this privacy policy, and we encourage you to read each website’s privacy policy carefully before you use or submit information to that website.   

Additionally, to the extent that you follow a link to a website operated by an independent third party, please be aware that we exercise no authority or control over that third party and cannot be and are not responsible for any information that you may submit to that website. 

11. Cookies  

When you visit our websites, we will generally leave a ‘Cookie’ in the memory of your web browser.  The website or other online service may only function properly if Cookies are enabled.  Our websites and online services may use persistent Cookies to authenticate you as a user and display content that is relevant and specific to you.   

Cookies cannot access and read the files on your hard drive.  They allow us to provide information that are more meaningful to you without asking you the same questions every time you visit us.  We hope you will want the better service that Cookies allow, but if you prefer, you can set your browser to refuse Cookies. However, by doing that, your access to our website, www.selfdeterminationfund.org.au, may be compromised or limited. This may also affect the provision of information or certain services through our website. 

12. Security of personal information 

The Trustee takes steps reasonable in the circumstances to ensure that the personal information it holds is protected from misuse, interference and loss and from unauthorised access, modification or disclosure.   

The Trustee holds personal information in electronic forms in secure databases on secure premises, accessible only with the appropriate passwords by authorised staff.   

The processes and systems we use to secure your personal information include: 

  • the use of identity and access management technologies to control access to systems on which information is processed and stored; 

  • requiring all staff members to comply with internal information security policies and keep information secure; 

  • requiring all staff members to complete training about information security; and 

  • monitoring and regularly reviewing our practices against our own policies and against best practice. 

Your personal information will be kept on databases held on servers kept in a physically and technologically secured environment, accessed only by authorised personnel or contractors. Where personal information is held in hard copy, it will be held in controlled, access restricted premises which only authorised personnel or contractors will be permitted to access.  

We have in place procedures for training our staff members about their obligations under this privacy policy and disciplining them for failure to follow this privacy policy. We also have in place internal procedures to confirm general organisational compliance with this privacy policy. 

13. Storage of personal information 

The Trustee will only keep your personal information for as long as it is necessary for the purposes set out in this policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).  

The Trustee will destroy or de-identify personal information in circumstances where it is no longer required, unless SDF is otherwise required or authorised by law to retain the information.   

14. Access, correction and deletion 

The Trustee takes steps reasonable in the circumstances to ensure any personal information it holds is accurate, up-to-date, complete, relevant and not misleading.   

In addition, under the Privacy Act, you have a right to seek access to and correction of your personal information that is collected and held by the Trustee.  If at any time you would like to access or correct the personal information that the Trustee holds about you, or you would like more information on the Trustee’s approach to privacy, please contact the Trustee using the details set out in paragraph 13 below.  The Trustee will grant access to the extent required or authorised by the Privacy Act or other legislation and take steps reasonable in the circumstances to correct personal information where necessary and appropriate. 

To obtain access to your personal information: 

  • you must provide proof of identity to assist us in ensuring that personal information is provided only to the correct individuals and that the privacy of others is protected; and 

  • The Trustee requests that you be reasonably specific about the information you require. 

The Trustee will endeavour to respond to your request to access or correct your personal information within 28 calendar days from your request.  If the Trustee refuses your request to access or correct your personal information, the Trustee will provide you with written reasons for the refusal and details of complaint mechanisms.  

If you are dissatisfied with the Trustee’s refusal to grant access to or correct your personal information, you may make a complaint to the Office of the Australian Information Commissioner.  

15. Contacting us 

For further information or enquiries regarding your personal information or to make a privacy complaint, please contact the Trustee using any of the following contact details: 

Email:
trustee@selfdeterminationfund.org.au 

Post:
48 Cambridge Street, Collingwood VIC 3066 
Wurundjeri Woi-wurrung Country  

Phone:
1800 371 103

16. Privacy complaints 

You may direct all privacy complaints to us at complaints@selfdeterminationfund.org.au.  We will consider and act upon any complaint in accordance with 

  • the Trustee’s Dispute Resolution Policy (part of the Directions to the Trustee set by the First Peoples’ Assembly of Victoria),  

  • applicable data protection laws; and  

  • respect for Indigenous Data, Indigenous Data Sovereignty and Indigenous Data Governance.  

At all times, privacy complaints: 

  • will be treated seriously; 

  • will be dealt with promptly; 

  • will be dealt with in a confidential manner; 

  • will be dealt with in a culturally safe manner; and 

  • will not affect your existing obligations or affect any contractual arrangements between you and the Trustee. 

The Trustee investigates all complaints.  Complainants will be informed of the outcome of the complaint following completion of the investigation.   

Complainants that are dissatisfied with the outcome of a complaint may refer the complaint to the Office of the Australian Information Commissioner: 

1. See Yoorook Justice Commission, Indigenous Data and Data Sovereignty