Skip to content

Privacy policy

Our privacy obligations

The Everyone Project is governed by the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and other relevant laws. The APPs regulate how personal information is handled by The Everyone Project.

‘Personal information’ means information or an opinion about an identified individual, or an individual who is reasonably identifiable. The Everyone Project’s Privacy Policy applies to personal information collected and/or held by The Everyone Project.

This is our general privacy policy. Representations and undertakings that provide individuals with additional privacy protections may be made in respect of particular services or functionality within them (for an example, request a link to The Everyone Project Survey)

‘We’ in the policy refers to The Everyone Project and the people who work for it, including its employees and contractors.

We will review this policy regularly, and we may update it from time to time.

Data Security

The Platform is hosted on a cloud service with the highest level of certification provided by the Australian Signals Directorate, currently Microsoft’s Azure service. All data is managed in accordance with our Data Security Measures and Access Policy. This is the organisation’s policy and process for securing, controlling and recording access to data, including personal information, held by the organisation. This aims to provide the highest practical level of data security for the platform and information provided to it

The types of personal information we collect and hold

We collect personal information about our subscribers, users and contributors, as part of our routine activities.

We also collect personal information about our staff, contractors and suppliers, as well as the contact details of individuals who work for current, past and prospective customers, suppliers, and other types of professional associates and personal contacts.

How we collect personal information

We collect personal information directly from you wherever practical to do so. This includes information provided on your behalf by your parent/guardian where appropriate.

Information that you specifically give us

We may ask you to provide us with certain types of personal information if you wish to obtain a particular service or product from us. This might happen over the telephone, through our website, by filling in a paper form, or meeting with us face-to-face. We will give you notice at the time, to explain how we will use the personal information we are asking for. This notice is called a Collection Notice. The notice may be written or verbal.

You might also provide your personal information to us, without us directly asking for it, for example if you engage with us on social media.

Information that we collect from others

We may collect limited personal information about you from third parties for the purposes of contacting you and encouraging you to engage with our services. We will take reasonable steps to ensure any third party supplying personal information to us has your consent to do so and/or is otherwise complying with relevant laws in providing such information.

If you apply for a job or contract with us, we may collect personal information about you from your referees. We may also check some details about our suppliers from publicly available sources, such as the Australian Business Register and ASIC databases and issuers of any particular qualifications you represent as holding.

We will also collect information from the public domain, such as through google searches or public information made available on social media services.

Information that we generate ourselves

We maintain some records of the interactions we have with individuals, including the services we have provided to you and responses to any enquiries you have made. We may categorise you on the basis of information we have learnt about you through your activities, interactions, or online behaviour.

We may collect limited information about users of our websites, for diagnostic and analytic purposes. We may use cookies and gather IP addresses to do so, but we do not trace these back to individual users. If we ever need to do this we will seek your consent first.

Unsolicited information

We do not intentionally collect unsolicited personal information. Notwithstanding this there may be times when such information is received, such as when an individual informally contacts us seeking support and includes this information in their support request. This information is reviewed as soon as practical and deleted unless we believe we have a legal obligation to retain the information, or it is required for a permitted use under this policy and it is impractical to destroy and then solicit this information again through our established collection channels (and if it is sensitive information, it has been provided directly by the individual it relates to or their parent/guardian where appropriate). Where such information is not initially deleted it is then destroyed or de-identified in as soon as it is no longer needed.

The types of personal information we collect

The types of personal information we collect includes:

Links to other sites

On our website, we may provide links to third party websites. These linked sites are not under our control, and we do not accept responsibility for the conduct of companies linked to or from our website. Before providing your personal information via any other website, we advise you to examine the terms and conditions of using that website and its privacy policy

How we use personal information

We may use your personal information for the following purposes:

We will keep personal information about you, to use for the above purposes, for as long as we deem reasonably necessary to fulfil these purposes. After this we will delete this information from our systems.

3rd parties and the disclosure of personal information

We won’t disclose the personal demographic information provided to us to any third party.

Our third party service providers

Our services are hosted ‘in the cloud’ on our behalf in Australia on servers maintained by an Australian Signals Directorate Certified Cloud Service; Microsoft Azure. This information is encrypted and subject to the highest practical security measures.

Other personal information of subscribers, users and contributors, staff, suppliers and other contacts may be held on our behalf inside or outside Australia, including ‘in the cloud’, by our third party service providers whilst we are using those services. Our third party service providers are bound by contract to only use your personal information on our behalf, under our instructions.

Our third party service providers include Office 365 and OneDrive, Mailgun, Mailchimp, Xero, Dropbox, G-suite, including Gmail. We will update this Privacy Policy periodically to note any similar services we are using.

Other disclosures and transfers

We may also disclose your personal information to third parties for the following purposes:

Accessing or correcting your personal information

You have the right to request access to the personal information The Everyone Project holds about you. Unless an exception applies, we must allow you to see the personal information we hold about you, within a reasonable time period and without unreasonable expense. Currently we do not charge anything for this.

You also have the right to request the correction of the personal information we hold about you. We will take reasonable steps to make appropriate corrections to personal information so that it is accurate, complete and up-to-date. Unless an exception applies, we must update, correct, amend or delete the personal information we hold about you within a reasonable time period. We do not charge for making corrections.

To seek access to, or correction of, your personal information, please contact our Privacy Officer.

To contact our Privacy Officer

If you have an enquiry or a complaint about the way we handle your personal information, or to seek to exercise your privacy rights in relation to the personal information we hold about you, you may contact our Privacy Officer as follows:

Our Privacy Officer is:

While we endeavour to resolve complaints quickly and informally, if you wish to proceed to a formal privacy complaint, we request that you make your complaint in writing to our Privacy Officer, by email as above. We will acknowledge your formal complaint as soon as practical and at least within 10 working days. We will endeavour to respond to your complaint within this same timeframe.

If we do not resolve your privacy complaint to your satisfaction, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) by calling them on 1300 363 992, making a complaint online at www.oaic.gov.au, or writing to them at OAIC, GPO Box 5218, Sydney NSW 2001.

Please contact us with any queries or feedback: privacyofficer@theveryoneproject.org