PRIVACY POLICY
Ocean Impact Organisation Ltd
Overview
Ocean Impact Organisation Ltd (ACN 637 333 076) (OIO, we, our or us) respects your right to privacy, and is committed to safeguarding the privacy of all individuals who provide personal information to us. This privacy policy applies to all personal information provided to use, whether via OIO’s website, social media, or by any other means. By accessing or continuing to access any of our websites, social media pages, or similar channels, or by submitting personal information via any other means, you accept the terms of this privacy policy.
1. Applicable laws
1.1 We adhere to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) and, to the extent applicable, the EU General Data Protection Regulation (GDPR).
1.2 The following terms used in this privacy policy have the meanings given below:
(a) Aggregated Data, Controller, Processor, Special Categories of Personal Data, and Usage Data each have the respective meanings given to those terms in the GDPR.
(b) Personal information is information we hold which is identifiable as being about you or which is capable of identifying you. This includes information such as your name, age, gender, postcode, email address, identification number, or any other type of information that can reasonably identify an individual, either directly or indirectly.
1.3 For further information about this privacy policy, or if you have questions about any of your personal information which is held by us, you may contact us in writing at info@ocean-impact.org.
2. What personal information is collected
2.1 OIO delivers a range of programs and services which align with its core mission of creating an abundant and sustainable ocean through inspiration, innovation, leadership and good business. We will collect personal information that is reasonably necessary for us to perform one of our functions or activities, and in particular so that we can provide programs or services to you.
2.2 We will, from time to time, receive and store personal information you submit to our website, provided to us directly or given to us in other forms (including through any application that you submit in connection with one of our programs).
2.3 The type of personal information that we collect and hold will depend upon the nature of your engagement with us (such as whether you are submitting an application to be a participant in one of our programs, or whether you are visiting our website). This may include collecting basic information such as your name, phone number, address and email address to enable us to send you information, provide updates and process any application or submission you make to us.
2.4 We may collect additional information at other times, including but not limited to: any feedback you provide; any information you provide about your personal or business affairs, content changes or email preferences; any responses you submit to surveys and/or promotions; any financial or credit card information you provide to us; or any communications between you and any member of OIO’s engagement team.
2.5 We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal information, but is not considered personal information or personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal information so that it can directly or indirectly identify you, we will treat the combined data as personal information which will be used in accordance with this privacy policy.
2.6 We may collect some categories of Special Categories of Personal Data however this will only be processed as far as is necessary to facilitate our programs and services, and will only be done with your permission.
2.7 Where we need to collect personal information by law, or under the terms of a contract we have with you, and you fail to provide that personal information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services in connection with one of our programs). In this case, we may have to cancel a program or service you have with us, but we will notify you if this is the case at the time.
3. How we collect your personal information
3.1 OIO collects personal information from you in a variety of ways, including when you interact with us electronically or in person, when you access our website and when we engage in business activities with you. In some cases, we may receive personal information about you from third parties and publicly available sources. If we do, this personal information will only be collected by lawful means, and will be protected as set out in this privacy policy.
4. How we use your personal information
4.1 OIO may use personal information collected from you to provide you with information about our services or programs. We may also use your personal information make you aware of new and additional products, services and opportunities available to you.
4.2 OIO may use your personal information to improve our programs and services, to better understand your needs, and to personalise your experience.
4.3 We may disclose your personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, legal proceedings or in response to a law enforcement agency request.
4.4 OIO may contact you via a range of measures, including (but not limited to) telephone, email, SMS or mail.
4.5 OIO send you direct marketing communications and information about our services. This may take the form of emails, SMS, mail or other forms of communication, in accordance with the Spam Act and the Privacy Act. You may opt-out of receiving marketing materials from us by contacting us using the contact details in paragraph 1.3 of this privacy policy or by using the opt-out facilities provided in each communication from us (e.g. an unsubscribe link.)
4.6 If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer (to the extent permissible at law) our user databases, together with any personal information and non-personal information contained in those databases.
5. Disclosure of your personal information
5.1 OIO may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, program partners, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this privacy policy. This may include disclosing your personal information to third parties who work with OIO as program mentors, investors (including prospective investors), program collaborators and sponsors.
5.2 If we do disclose your personal information to a third party, we will protect it in accordance with this privacy policy.
6. General Data Protection Regulation (GDPR) for the European Union (EU)
6.1 OIO will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use.
6.2 We process your personal information as a Processor and/or to the extent that we are a Controller as defined in the GDPR.
6.3 We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it.
6.4 We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose. We will keep your data safe and secure.
6.5 We will also process your personal information if it is necessary for our legitimate interests, or to fulfil a contractual or legal obligation.
6.6 We process your personal information if it is necessary to protect your life or in a medical situation, it is necessary to carry out a public function, a task of public interest or if the function has a clear basis in law.
6.7 We do not collect or process any personal information from you that is considered "Sensitive Personal Information" under the GDPR, such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your express consent, or if it is being collected subject to and in accordance with the GDPR.
6.8 You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children.
7. Your rights under the GDPR
7.1 If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. OIO complies with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU.
7.2 Except as otherwise provided in the GDPR, you have the following rights:
(a) to be informed how your personal information is being used;
(b) access your personal information (we will provide you with a free copy of it);
(c) to correct your personal information if it is inaccurate or incomplete;
(d) to delete your personal information (also known as "the right to be forgotten");
(e) to restrict processing of your personal information;
(f) to retain and reuse your personal information for your own purposes;
(g) to object to your personal information being used; and
(h) to object against automated decision making and profiling.
7.3 Please contact us at any time to exercise your rights under the GDPR at the contact details in this privacy policy.
7.4 We may ask you to verify your identity before acting on any of your requests.
8. Hosting and International Data Transfers
8.1 Information that we collect may from time to time be stored, processed in or transferred between parties, sites and hosting facilities located in countries outside of Australia. Transfers to each of these countries will be protected by appropriate safeguards, including one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission (which you can obtain from the European Commission Website) or which otherwise comply with the GDPR, and/or the use of binding corporate rules, a copy of which you can obtain from OIO’s Data Protection Officer.
8.2 You acknowledge that:
(a) any personal information that you submit for publication through our website or services may be available, via the internet, around the world; and
(b) we cannot prevent the use (or misuse) of such personal data by others.
9. Security of your personal information
9.1 OIO is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
9.2 Where we employ data processors to process personal information on our behalf, we only do so on the basis that such data processors comply with the requirements under the GDPR and that have adequate technical measures in place to protect personal information against unauthorised use, loss and theft.
9.3 The transmission and exchange of information is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us, or receive from us. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that personal information that we collect will not be disclosed in a manner that is inconsistent with this privacy policy.
10. Access to your personal information
10.1 You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act 1988 (Cth), and to the extent applicable the EU GDPR. If you would like a copy of the information which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at the address in paragraph 1.3.
10.2 We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act or any other applicable law.
11. Complaints about privacy
11.1 If you have any complaint or concern about our privacy practices, please send details of your complaint or concern to the address in paragraph 1.3. We take complaints and concerns very seriously and will respond shortly after receiving written notice of your complaint or concern.
12. Changes to Privacy Policy
12.1 Please be aware that we may change this privacy policy in the future. We may modify this Policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website or notice board. Please check back from time to time to review our privacy policy.
13. Website
13.1 When you visit our website: When you come to our website, www.ocean-impact.org, we may collect certain information such as browser type, operating system, website visited immediately before coming to our site, etc. This information is used in an aggregated manner to analyse how people use our site, such that we can improve our service.
13.2 Cookies: We may from time to time use cookies on our website. Cookies are very small files which a website uses to identify you when you come back to the site and to store details about your use of the site. Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of our website. Our website may from time to time use cookies to analyses website traffic and help us provide a better website visitor experience. In addition, cookies may be used to serve relevant ads to website visitors through third party services such as Google AdWords. These ads may appear on this website or other websites you visit.
13.3 Third party sites: Our site may from time to time have links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that OIO is not responsible for the privacy practices of other such websites. We encourage our users to be aware, when they leave our website, to read the privacy statements of each and every website that collects personal identifiable information.
Last updated: 24 August 2020