National Congress of Australia’s First Peoples Ltd, ABN 47 143 207 587 (including its agents or related entities, at the Congress) recognises the importance of dealing with the collection, security, quality, use and disclosure of personal information in accordance with the Australian Privacy Principles (APPs) and the Privacy Act 1988 (Cth). This policy describes how the Congress will use and otherwise handle any personal information collected from you.


What kinds of personal information does the Congress collect and hold?

The Congress only collects personal information that is reasonably necessary in order for it to carry out its functions and activities. We do not collect personal information about you without your knowledge. The Congress may collect personal information about you if you:

  1. wish to apply to be a Member, Delegate and/or Chair of the Congress;
  2. submit or are asked to provide information about yourself for consideration for potential inclusion in one of our publications, programs or events;
  3. wish to participate in Congress events or activities;
  4. request to be added to the list to receive email news and updates relating to the Congress; or
  5. wish to conduct other transactions or activities on the Congress Website.

The personal information the Congress collects and holds, may include:

  1. personal and contact details – such as your name, email address, mailing address, telephone number; and
  2. demographic information and age, gender, identity as Aboriginal and/or Torres Strait Islander for example.

We may also request your personal financial information, such as your credit card details or other financial information if you make a donation to the Congress or purchase one of our products. However, generally, we do not retain or store this kind of information.

You are not required to provide the Congress with this information but, if you choose not to, you may not be able to participate in some of the activities of the Congress or receive services or goods from the Congress.


How does the Congress collect and hold personal information?

In general, we collect personal information directly from the individual concerned by, for example, receiving completed membership applications, donation forms. or surveys. We also collect personal information from the sale of National Congress products. If we collect personal information indirectly from a third party, we will take reasonable steps to ensure the individual concerned is made aware of our collection of their information.

Certain non-personal information may also be recorded by our systems through the use of website cookies. Cookies are used by many websites and are small text files placed on your computer hard drive. Cookies do not personally identify you and the Congress does not use cookies to obtain such information. Cookies determine if you have previously visited the Website and identify what pages you have accessed from the Website.

You can disable cookies through your internet browser but if you do this, you might not be able to visit or participate in some parts of the Website.

The Congress may use the information obtained from the cookies for statistics, internal Congress purposes and to improve the services the Congress provides to you.

We store personal information for varying periods of time depending on the purpose for which it is collected. In accordance with the APPs, personal information will be stored in a secure manner and made available only to those employees and management who need access to the information in order to perform their roles. Once we determine that we no longer require the personal information we collect, it will be destroyed or irretrievably de-identified in a secure manner. The Congress takes the security of personal financial information very seriously. Generally, we do not store credit card information. Such information is collected, processed, and stored in the United States of America, by our payments system service provider, Blackbaud. Information about Blackbaud’s privacy handling practices can be found here: Blackbaud undertakes to handle all personal information stored in the United States in accordance with the terms of its Privacy Policy. The payment system we use to process credit card payments is fully compliant with the Payment Card Industry Data Security Standard – the most highly recognised industry standard.

In certain circumstances, we may temporarily store credit card information if we process your payment manually. We will take reasonable steps to protect this information from misuse and loss and only hold your payment details as long as is necessary to process your payment, following which the information will be securely destroyed.


For what purposes does the Congress collect, hold, use and disclose personal information?

The Congress collects, holds, uses and discloses personal information:

  1. for any purpose notified to you at the time of collection;
  2. to provide you with any product or service you may have requested;
  3. to ascertain your suitability to participate as a Member, Delegate or Chair of the Congress;
  4. to provide you with information regarding the Congress  or Congress publications, events or campaigns.

By providing your personal information to the Congress, you are agreeing that it be collected, held, used and disclosed for these purposes set out above.

Where you provide information as part of an application under paragraph (c) above, you are also agreeing that the Congress may disclose your personal information to third parties to the extent necessary to verify or confirm the information, provided that the Congress uses its best endeavours to ensure that any such recipient respects the privacy of your personal information, takes steps to ensure the security of your personal information, and undertakes to comply with the APPs and the terms of this policy.

The Congress may also make any disclosure that is permitted by the APPs or the Privacy Act, or which it may be required to make by law.


Does the Congress send your personal information outside Australia?

Our payment systems service provider, Blackbaud, processes and stores credit card information in the United States of America. For information on Blackbaud’s privacy handling practices, please see its Privacy Policy:



The Congress will not send unsolicited emails or other such communications to you. You will generally be offered the option to opt out of receiving such communications at the time of the collection of your personal information. In each email you receive from the Congress, you are given the opportunity to unsubscribe. If you choose to unsubscribe, the Congress will remove your e-mail address permanently from that mailing list.

Alternatively, please contact the Congress if you no longer wish to participate in the Congress activities or if you have erroneously received an email or other such communication from the Congress.


How can you access and correct your personal information?

Subject to some exceptions you have the right to request access to any personal information held by the Congress, which relates to you, in accordance with the APPs.

Sometimes it may be impractical to provide you access to this information without cost. The Congress will determine and charge appropriate fees from time to time as it sees fit for providing access in those circumstances.

In order for you to access information you must provide us with sufficient information to enable us to properly identify you. Any requests for access must be made in writing to the Congress Privacy Officer at the address below.

If personal information held by the Organisation is inaccurate, incomplete, irrelevant or out of date you have the right to request it to be updated or corrected. If there is a dispute as to whether the information we hold is correct or out of date the Privacy Officer will endeavour to resolve this with you.


How can you complain about the handling of your personal information?

If you wish to complain about the Congress’s handling of your personal information, please send a written compliant to our Privacy Officer using the email address below. We will make every effort to investigate and respond to your complaint in a timely way (generally within 30 days of our receipt of the written complaint).

If you are dissatisfied with the outcome of our investigation, you may take your privacy complaint to the Office of the Australian Information Commissioner (OAIC). For information on making a complaint to the OAIC, please visit the OAIC’s website privacy-complaint, or phone 1300 363 992.


Disclosure of this Privacy Policy

We will make hard copies of this privacy policy available upon written request or you can download the policy here. Due to the changing nature of the personal information we may collect and our business, we reserve the right to change this Policy from time to time as our needs dictate. If you have questions about how we deal with personal information these should be forwarded in writing to