Privacy Policy


  • All Staff, Committee Members, volunteers, clients, subscribers, donors and members of the public have access to the EDO ACT Privacy Policy.
  • At all times, an up to date copy of the EDO ACT Privacy Policy is to be kept in the EDO ACT office.


  • EDO ACT recognises the importance of, and is committed to protecting and upholding, the privacy and rights of individuals that EDO ACT deals with in relation to their personal information.
  • EDO ACT will ensure that:
  • it meets its legal and ethical obligations as an employer and service provider in relation to protecting the privacy of clients and others
  • clients are provided with information about their rights regarding privacy
  • clients, staff and others are provided with privacy when they are being interviewed or discussing matters of a personal or sensitive nature, and
  • all staff, Management Committee members and volunteers understand what is required in meeting these obligations.
    • This Privacy Policy explains how EDO ACT collects, uses, discloses and otherwise handles personal information. This Policy does not apply to employee records, however still applies to personal information about job applicants, contractors and volunteers or employees of related entities.
    • EDO ACT is subject to the Privacy Act 1988 (Cth) (including the Australian Privacy Principles under the Privacy Act 1988 (Cth)) and the Information Privacy Act 2014 (ACT). The EDO ACT is also required to comply with privacy obligations under one or more funding agreements. EDO ACT will follow the guidelines of the Australian Privacy Principles in its information management practices.


  • Personal information in general terms means any information that can be used to personally identify someone. It includes information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable information.
  • Sensitive information is a subset of personal information and is given a higher level of protection. Sensitive information is defined in the Privacy Act and includes information or an opinion about an individual’s racial or ethnic origin; political opinions; membership of a political association; religious beliefs or affiliations; philosophical beliefs; membership of a professional or trade association; membership of a trade union; sexual preferences or practices; or criminal record.


  • The type of information collected will depend on the nature of a person’s interaction with EDO ACT, however EDO ACT may collect the following types of personal information:
  • identification and contact details, such as name, mailing or street address, email address, telephone number, age or birth date
  • other personal or sensitive information not covered above which be collected as a result of providing a client with legal advice
  • details of the services a client has requested or enquired about, or services provided, together with any additional information necessary to respond or deliver those services
  • any additional information relating to a client that a client provides in-person, by telephone, in writing or via email
  • when you seek legal assistance, we may collect your name, contact details, details of your guardian (if applicable), financial details and information about the matter you are seeking assistance with EDO ACT
  • when we provide legal assistance to our clients, we may collect your name, organisation and contact details
  • when you register for a subscription to a EDO ACT publication, we may collect your name, organisation and contact details and details about the information you access in our publications
  • when you make a donation to EDO ACT, we may collect your name, organisation, contact details, the amount and frequency of your donation and payment details
  • when you attend a professional development or training program or attend another event, we may collect your name, organisation, contact details, payment details (if applicable) and any dietary and accessibility requirements
  • when you participate in a survey, we may collect your name, organisation contact details and your survey responses
  • when you send us an enquiry, we may collect your name, contact details and details of your query
  • when you make a complaint, we may collect your name, contact details, the details of your complaint, information collected in any investigation of the matter and details of the resolution of the complaint
  • when you apply for a role at EDO ACT, we may collect the information you include in your application, including your cover letter, resume, contact details and referee reports.
    • EDO ACT is also required to collect some personal information relevant to the provision of legal advice under legal profession laws.
    • In some cases EDO ACT collects personal information through the use of cookies. When an individual accesses our website, we send a “cookie” (which is a small summary file containing a unique ID number) to the individual’s computer. EDO ACT uses cookies to measure traffic patterns, to determine which areas of our website have been visited and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online services. If individuals do not wish to receive cookies, it is possible to set up a browser so that it does not accept cookies.
    • EDO ACT also logs server addresses, top level domain names, dates and times of visits, pages viewed and documents downloaded, previous sites visited and browser type (for example, Internet Explorer, Firefox) to analyse trends, administer the website and gather broad demographic information. This information is made anonymous and collected automatically.


  • EDO ACT collects personal information directly from an individual unless it is unreasonable or impracticable to do so. This may occur in a range of ways including in person; by letter, fax, email or telephone; on hard copy forms; through the website; from referring or third parties (with consent); and at events or forums.


  • When EDO ACT collects personal information, or as soon as possible after collection, we will provide individuals with a privacy notice (otherwise known as a collection notice) and/or refer individuals to this Privacy Policy.
  • The nature of EDO ACT’s work is that, generally, it is not possible to provide services or deal with individuals in an anonymous way. For example, if a client does not provide EDO ACT with the personal information described above EDO ACT may not be able to provide legal services to you, or to provide information about services.


  • EDO ACT collects, holds, uses and discloses personal information for the following purposes:
  • to assess whether a client is eligible for assistance
  • to provide legal services, referral or arrangement of non-legal assistance to clients
  • to answer enquiries and provide information or advice about EDO ACT’s services
  • to recruit staff, contractors and volunteers
  • for planning, quality control and for the creation of anonymous case studies
  • to update records
  • for use in monitoring and assessing EDO ACT’s services, including as part of peer review of service, and reporting to funding providers
  • to process and respond to any complaints, and
  • to comply with any law, rule, regulation, lawful and binding determination
    • EDO ACT may also collect, hold, use and disclose personal information for other purposes explained at the time of collection or which are required or authorised by or under law for which the individual has provided their consent.


  • EDO ACT may disclose your personal information to:
  • employees, volunteers, contractors or service providers for the purposes of providing legal services, fulfilling requests by clients, and to otherwise provide services to individuals including IT systems administrators, couriers, data entry service providers, electronic network administrators, and professional advisors such as accountants, solicitors, barristers and consultants, or provide services to EDO ACT, including managing EDO ACT’s computer network, website, databases, accounts or sending communications from EDO ACT, or on behalf of and as an agent for EDO ACT. In that circumstance at all times the EDO ACT will maintain effective control over the use of your personal information and ensure that it is used only in accordance with this policy.
  • any organisation for any authorised purpose with the individual’s express consent
  • other third parties where required by law
  • EDO ACT does not direct market, or provide personal information to other organisations for the purposes of direct marketing.
  • EDO ACT does not disclose personal information to anyone outside Australia


  • An individual may request access to any personal information EDO ACT holds about them at any time by contacting EDO ACT (see the details below). Where EDO ACT holds information that an individual is entitled to access, we will try to provide the information in the manner requested (for example, photocopies or by viewing a file) and in a timely way.
  • There may be instances where EDO ACT cannot grant access to the personal information held. For example, EDO ACT may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, EDO ACT will provide written notice outlining the reasons for the decision and available complaint mechanisms.
  • If an individual believes that personal information EDO ACT holds about them is incorrect, incomplete or inaccurate, then they may request us to amend it. EDO ACT will then consider if the information requires amendment. If we agree that it requires amendment we will take reasonable steps to correct that information. If EDO ACT does not agree that there are grounds for amendment then the individual may request that EDO ACT add a note to the personal information stating that the relevant individual disagrees with the information and EDO ACT will take reasonable steps to do so.
  • If EDO ACT corrects personal information about an individual and has previously disclosed that information to another agency or organisation that is subject to the Privacy Act, the individual may ask EDO ACT to notify that other entity and EDO ACT will take reasonable steps to do so, unless this would be impracticable or unlawful.
  • Client files
  • In addition to above, in circumstances where a client requests access to personal information held by EDO ACT, the Principal Solicitor will view the file and approve any copies of material to be given to the client prior to client access. A copy of the relevant part of the file will be made available to the client as soon as practicable after this.


  • What this Privacy Policy covers
    • The following privacy policy covers how EDO ACT manages personally identifiable information from visitors to the EDO ACT website.
    • EDO ACT’s privacy policy may change from time to time to reflect technological changes, policy changes, and feedback. Any changes will be posted on this page so that users are always aware of what information is collected, how it is used and the way in which information may be disclosed.
  • What personal information is collected by EDO ACT and when is it collected?
    • EDO ACT only collects personal information that that has been voluntarily provided to us. You can access and browse the EDO ACT website without disclosing any personal information.
      Instances in which we collect information from users include:
      a) Responding to inquiries made through our website
      b) Subscription to our newsletters and other alerts
      c) Donations to the EDO ACT through our website (Nationbuilder), or Everyday Heroes
      d) Application for membership, or renewal of membership
      e) purchase of publications or other resources
      f) Registration for workshops, legal education sessions, conferences and seminars
    • EDO ACT web site uses the IP (Internet Protocol) addresses of visitors to the site to administer the site, track users’ movements, and to gather broad demographic information. These addresses are not linked to personally identifiable information and therefore the information and statistics does not enable individual users to be identified.
  • Does EDO ACT use users’ personal information?
    • We use personal information for the purpose in which it was provided to EDO ACT. EDO ACT will record your email address if you send us a message. It will not be added to a mailing list, unless expressly requested by you. We will also use the information collected to notify you about any changes to our website and services. You can email to remove your email address from our mailing lists.
  • Does EDO ACT share user information?
    • The only time when a third party will have access to your personally identifiable information is where that third party is managing and/or maintaining the EDO ACT’s computer network, website or databases. In that circumstance at all times the EDO ACT will maintain effective control over the use of your personal information and ensure that it is used only in accordance with this policy.
      EDO ACT donations are collected through our website (Nation Builder), the website and Everyday Heros. For information on how your personal data will be managed, see their respect privacy policies.
  • Does this policy cover sites EDO ACT links to?
    • EDO ACT is not responsible for the content of external internet sites. Links to other relevant websites have been provided in good faith. When you click through to one of the linked websites, we recommend you read the privacy statement of that site to familiarise yourself with its privacy policy and practices before disclosing any personal information. Other internet sites or services that may be accessible through EDO ACT have separate data and privacy practices independent of us, and therefore we disclaim any responsibility or liability for their policies or actions. Please contact those vendors and others directly if you have any questions about their privacy policies.
  • What other security precautions should users take?
    • No data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect users’ personal information, EDO ACT cannot ensure or warrant the security of any information transmitted to it or from its online products or services, and users do so at their own risk.
      Once EDO ACT receives your transmission, we will make every effort to utilise appropriate technologies and security methods to store the information collected and prevent unauthorised access and improper use of the information.
  • Additional Information
    • Questions regarding this policy and any changes or updates to personal information we hold should be sent to


  • If an individual believes that their privacy has been breached, please contact our Chief Executive Officer in writing.
  • EDO ACT treats all complaints confidentially. Upon receipt of a complaint, EDO ACT will try to resolve all complaints in a timely, fair and reasonable way, by providing a response within 30 days.
  • If an individual is not satisfied with EDO ACT’s response, a complaint can be made to the Office of the Australian Information Commissioner (by telephone: 1300 363 992, by email or by post: GPO Box 5218 Sydney NSW 2001).


  • EDO ACT takes reasonable steps to ensure that personal information we collect, use and disclose is accurate, up-to-date and complete and relevant. EDO ACT also takes reasonable steps to ensure personal information is protected from misuse and loss and from unauthorised access, modification or disclosure.


  • For questions about this Privacy Policy, as well as any concerns or a complaint please contact the Chief Executive Officer on


  • EDO ACT reserves the right to amend this Privacy Policy from time to time, as may be necessary. We may notify you about changes to this privacy policy by posting an updated version on our website.

Subscribe to our Newsletter Contact Us


get updates