Add to collection(s) Add to saved
  1. Social Science
  2. Law

SmartyGrants Privacy Policy (Grantmakers)

advertisement 
SmartyGrants Privacy Policy
(Grantmakers)
This Privacy Policy explains how Our Community, which operates the grant management system
SmartyGrants, handles your personal information and data. It is based on the Australian Privacy
Commissioner's National Principles for the Fair Handling of Personal Information.
Our Community is committed to protecting your privacy, and establishing a trusting relationship
with our users is central to our work practices. These values permeate all of our enterprises,
including SmartyGrants.
SmartyGrants is used by Grantmakers (people and organisations who manage grant programs
and build forms for applicants to submit online) and grantseekers, referred to here as applicants
(people who fill in the forms created by grantmakers). This policy describes our privacy provision
as they relate to Grantmakers.
If you have comments or questions regarding this privacy statement, please contact:
service@smartygrants.com.au or send us a letter via: PO Box 354 North Melbourne Victoria,
Australia 3051.
Last updated: 26 September 2013
Table of contents
Key privacy points: The stuff you really care about ......................................................................... 1
Summary table: what we share with whom ..................................................................................... 2
What data is collected? ................................................................................................................... 3
Who controls the data and how do I access it or correct it?............................................................. 4
How does Our Community store my data? ...................................................................................... 5
How do we treat your data .............................................................................................................. 5
How we use your information: ......................................................................................................... 5
Information disclosed to people outside of Australia........................................................................ 6
How to contact us or make a complaint about a breach of your privacy .......................................... 9
What you are agreeing to by using SmartyGrants ........................................................................... 9
SmartyGrants Privacy Policy (Grantmaker)
1
Key privacy points: The stuff you really care about

Customer Data is stored on servers located in Australia. We collect different types of
date (we explain the difference types below), but to be clear your Customer Data, which is
the data you enter into the system and includes the submissions you receive from
applicants, is stored on servers located in Australia and we do not transfer this data
offshore for processing.

We don’t sell data your data to third parties. Our Community treats all information
collected as if it were private. We don't sell the information to anyone and we don't use the
responses grantmakers receive or that applicants fill out for our own purposes, except in a
limited set of circumstances outlined in this privacy policy (for example: if we are compelled
to by a law or if you've made parts of your submission public).

We do share some data with trusted service providers. In order to manage and improve
SmartyGrants we use a number of third party service providers; for example, we may use
Google to manage our email. See the summary table below for details about what we share
with whom and for what purposes. Please note that a number of these service providers
are located outside of Australia and that the data we pass to them will therefore be
processed outside of Australia.

SmartyGrants forms are administered by grantmakers. Grantmakers may create any
forms they require to administer their grants programs. SmartyGrants hosts these forms on
our websites and collects the responses applicants submit to grantmakers. Applicants will
contact grantmakers directly if they have any questions about forms they are completing, as
Our Community is not responsible for the form’s content, nor applicants’ responses to it. Of
course, if you have a privacy policy of your own, you will want to ensure your use and
control of applicants’ information complies with it.

The applicant owns the data until they submit it; and grantmakers must be clear on
this. It is vital grantmakers are clear that until an applicant submits a response to a form,
the contents of the form belong to the applicant. Grantmakers have no right to view the
contents of an unsubmitted response unless applicants explicitly give them access. Once
forms are submitted, they then become subject to your own privacy policy.

Anonymity and pseudonymity: You are free to browse SmartyGrants and to preview
forms anonymously. However, to login into the SmartyGrants service you or an
organisation you work with must register an account using your actual name and email
address.
Summary table: what we share with whom
Data Collected
Usage Data, Device Data,
Referral Data, Metadata
Parties Involved
Data Controller: Our
Community
(For example: Cookies and IP
address)
Shared with:



SmartyGrants Privacy Policy (Grantmaker)
Use of data
Purpose: Website performance,
availability and traffic analysis.
Google
New Relic
Preact.io
2

Registration Information
(For example: First Name, Last
Name, Email Address,
Organisation Name)
Data Controller: Our
Community
(For example: Any text,
attachments or other input)
Campaign Monitor
Preact.io
Data Controller: Applicant
/ Grantmaker
Purpose: The operation of
SmartyGrants.
Shared with:
Grants applicants retain full
control of any response they
have not formally submitted to a
grantmaker. However once a
response is submitted, it falls
under the control of you, the
grantmaker.



Emails, Customer Support
Queries and other data you
intentionally share
Purpose: The operation of
SmartyGrants.
Shared with:


Customer Data
Segment.io
Australian
Business Register
(ABN numbers
only)
Our Community
Grantmaker (only
with your
approval)
Data Controller: Our
Community
Any privacy or information
policies you have in place will
also come into play once you
take control of applicants’
information. SmartyGrants will
direct any applicants with
questions about grantmakers’
privacy policies to you for further
information.
Primary Purpose: To provide
support for the use of
SmartyGrants
Shared with:
(For example: Emails to
service@smartygrants.com.au)



Google
Highrise
Desk.com
Secondary Purpose: To maintain
appropriate business records
What data is collected?
Information we collect directly from you

Registration information:
o
You need to have a registered account to log into a SmartyGrants account before
you use or view any information in SmartyGrants.
o
When you or someone in your organisations register you, for an account we collect
your name, email address, organisation name and password. We use cookies to
store session information in order to enable login-based features.
SmartyGrants Privacy Policy (Grantmaker)
3
o

Customer Data:
o

You can block or delete cookies and still use SmartyGrants, although if you do you
will then be asked for your email address and password every time you access
SmartyGrants.
We safely store data submitted through SmartyGrants – including forms, responses,
reports, grant information.
Customer support queries and other data you intentionally share.
o
We may collect your personal information or data if you submit it to us in other
contexts; for example, if you email a query to us.
Information we collect about you from other sources


Usage data.
o
We collect usage data about you whenever you interact with our services. This may
include data on which SmartyGrants webpages you visit, what you click on, when
you performed those actions, and so on.
o
Additionally, like most websites today, our web servers keep log files that record
data each time a device accesses those servers. The log files contain data about
the nature of each access, including the IP address from which the contact
originated.
o
Some data will contain identification numbers, which might include the ID number of
your user account or application. This information in and of itself does not identify
you; however, when combined with data we hold within SmartyGrants would allow
us to identify the actions taken by individuals.
Device data.
o

Referral data.
o

We collect data from the device and application you use to access our services,
such as your IP address and browser type. We may also infer your geographic
location based on your IP address.
If you arrive at an Our Community website from an external source (such as via a
link on another website or an email), we record information about the source that
referred you to us.
Metadata.
o
We use the term 'metadata' to describe the context rather than the content of the
data we collect. This might include, for example, the time and date and location of
the creation of the data, the size of the data (for example: word count), and the time
it took to the create the data. Metadata, when taken as a whole, may help us to
improve our services, as well as the way you as grantmakers provide your services
to those who use SmartyGrants to apply for funding.
Who controls the data and how do I access it or correct
it?
SmartyGrants Privacy Policy (Grantmaker)
4
When we talk about a data controller, we are referring to the legal entity or person with the right to
make decisions regarding the purposes, and the methods, of processing collected data. This
includes the security measures concerning the operation and use of the data.
Where Our Community is the Data Controller you can request access to the personal information
we hold about you, or to request that we change that personal information. We will allow access or
make the changes unless we consider that there is a sound reason under any relevant law to
withhold the information, or not make the changes.
If we do not agree to make your requested changes to personal information, you may make a
statement about the requested changes and we will attach this to the record.
You can obtain further information about how to request access or changes to the information we
hold about you by contacting us (see contact details below).
How does Our Community store my data?
We do all we can to protect your privacy and provide a secure environment for your data. We take
all reasonable steps to ensure the security of the personal data we hold is protected from such
risks as loss or unauthorised access, destruction, use, modification or disclosure of data.
All registration information, as well as Customer Data used as part of SmartyGrants, are passwordprotected to provide additional security. We ask that you do not reveal or share your password with
anyone. Our Community will never ever ask for your password, either verbally or through phone or
email contact (whether initiated by you or us).
Where we share data with service providers, the data is stored in their systems and is subject to
their security and privacy standards. We have been careful about selecting our service providers
and believe they all take data privacy and security seriously. For your information we have also
provided links to all of our service provider’s privacy policies below.
How do we treat your data
We know that, in many cases, you will wish to keep private any applications and other data you
have stored in SmartyGrants. We do not use your data for our own purposes, except in the limited
circumstances described in this privacy policy or unless we have your express consent. We also
make it very clear in our agreement with Grantmakers that we cannot sell Customer Data to third
parties.
Generally, we use the information we collect from you only in connection with providing our
services to you and through that, to those seeking and applying for grants from you. However,
there are some other limited uses, as listed below.
How we use your information:
To provide you with our services:

To provide you with support if you need technical assistance.

Certain features of our services may result in different use of your data; for example, some
Grantmakers may use the ABN look-up functionality, which involves SmartyGrants passing
SmartyGrants Privacy Policy (Grantmaker)
5
ABN numbers to the Australian Business Register in order to retrieve your organisation's
registration details.
To manage our services:
We may use your information, including certain Customer Data, for the following limited purposes:

To monitor and improve our services and features. We perform statistical and other
analysis on information we collect (including usage data, device data, referral data and
metadata) to study and measure user behaviour and trends, to understand how people use
our services, and to monitor, troubleshoot and improve our services.

To assist the enforcement of our Agreement with grantmakers.

To prevent potentially illegal activities.

To screen for undesirable or abusive activity. For example: We have an automated
virus scan that checks all file attachments.
To create new services, features or content (public data and metadata only):
We may use Usage Data, Device Data, Referral Data and any other Metadata to create and
provide new services, features or content. For example, we may look at statistics like response
rates, question-and-answer word counts, and the average number of questions in a form in order
to publish observations and findings for informational or marketing purposes. When we do this,
neither individual grantmakers nor applicants will be identified or identifiable unless we have
obtained their permission.
To contact you about your service or account:
We may occasionally send you communications of a transactional nature (for example: servicerelated announcements, changes to our services or policies, a password reminder email). You
can't opt out of these communications since they are required in order for us to provide our
services to you.
To respond to legal requests and prevent harm:
If we receive a subpoena or other legal request, we may need to inspect the data we hold to
determine how to respond.
Information disclosed to people outside of Australia
While SmartyGrants is an Australian product, our services are used by organisations all around the
world to manage their grant programs. If you, or the grantmaker you are working with, are located
outside Australia, then data will be transmitted outside of Australia. However, all Customer
Data stored within SmartyGrants is kept on our servers, which are physically located in Sydney,
Australia.
Our Community also uses a number of service providers to handle data that is not
Customer Data.
Some of these service providers are located outside Australia. Their details are listed below,
including the jurisdiction in which the data will be processed. By using SmartyGrants you consent
to the following types
Data Disclosed
Service Provider
SmartyGrants Privacy Policy (Grantmaker)
6
Usage Data,
Device Data,
Referral Data,
Metadata
►Google
Service provided: Google Analytics is a web analysis service supplied by
Google which uses "cookies" to collect your Navigation Data. This
information is forwarded to, and deposited on, Google's servers in the
United States.
Address: 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA
More information: http://www.google.com/intl/en/policies/privacy/
Data processing location: United States of America
►New Relic
Service provided: New Relic is an all-in-one web application performance
tool that lets companies see their site’s performances from the end-user's
perspective through servers and down to the line of application code.
Address: 101 Second Street, 15th Floor, San Francisco, CA 94105
More information: http://newrelic.com/privacy
Data processing location: Various countries, including the United States
of America.
►Segment.io
Service provided: Segment.io is a simple analytics API that transforms
business analytics data and routes it to other analytics services, such as
Google Analytics, Mixpanel, KissMetrics, Olark, Salesforce, etc.
Address: 101 Second Street, 15th Floor, San Francisco, CA 94105
More information: https://segment.io/privacy
Data processing location: Various countries, including the United States
of America.
►Preact.io
Service provided: Preact.io makes the context of user actions available to
members of the SmartyGrants support team as many problems can be
solved in a single response rather than complex troubleshooting.
Address: 13488 W. Maxella Ave., Suite 530 Marina del Rey, CA
90292
More information: http://www.preact.io/privacy
Data processing location: The United States of America
SmartyGrants Privacy Policy (Grantmaker)
7
Registration
Information
►Campaign Monitor Pty Ltd
Service provided: hosted email newsletter service.
Address: Suite 404 3/5 Stapleton Avenue, Sutherland NSW 2232, Sydney,
Australia
More information: http://www.campaignmonitor.com/privacy/
Data processing location: The United States of America.
►Preact.io
See details above.
Emails, customer
support queries
and other data you
intentionally share
with us
►Google
Service provided: hosted email service.
Address: 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA
More information: http://www.google.com/intl/en/policies/privacy/
Data processing location: United States of America
►Highrise
Service provided: Highrise is a "shared contact management" web
application.
Address: 37signals, 30 North Racine Avenue #200, Chicago, IL 60607
USA.
More information: http://37signals.com/privacy
Data processing location: Various countries, including the United States
of America.
►Desk.com
Service provided: Desk.com is an online customer service and support tool
that is powered by Salesforce.com
Address: 501 2nd Street – Suite 350, San Francisco, CA 94107
More information: http://www.desk.com/privacy
Data processing location: Various countries, including the United States
of America.
SmartyGrants Privacy Policy (Grantmaker)
8
How to contact us or make a complaint about a breach
of your privacy
If you believe that Our Community has not protected your personal information as set out in this
Privacy Policy you may make a complaint with us by:

Calling (+61) 03 9320 6800

Emailing service@ourcommunity.com.au

Sending a letter to us at:
Attn: Privacy Officer
Our Community (SmartyGrants)
PO Box 354
North Melbourne VIC 3051
Australia
We will respond to your complaint within 30 days of receiving it, and treat seriously any claims of
privacy breaches.
What you are agreeing to by using SmartyGrants

You consent to the collection, use, disclosure and processing of your personal data in the
manner described in this Privacy Policy.

You consent to us sharing your personal data with relevant persons working for service
providers who assist us to provide our services.

If you have enabled cookies on your web browser, you consent to our use of cookies as
described in this Privacy Policy.

You consent to our use of metadata for the purposes described in this Privacy Policy.
SmartyGrants Privacy Policy (Grantmaker)
9
Related documents
“Contrasting the early 19th versus early 21st Centuries”
“Contrasting the early 19th versus early 21st Centuries”
Central Missouri Cardiovascular Associates P
Central Missouri Cardiovascular Associates P
Privacy Confidentiality Minor
Privacy Confidentiality Minor
IAPP presentation - International Association of Privacy Professionals
IAPP presentation - International Association of Privacy Professionals
Maintaining Privacy and Dignity in Care (Fiona Throp)
Maintaining Privacy and Dignity in Care (Fiona Throp)
Download
advertisement