Friendship Tree | Friendship Tree

Privacy policy

This document is the privacy policy of Friendship Tree Foundation Limited (ACN 687 825 092). We respect your rights to privacy under the Privacy Act 1988 (Cth) (Privacy Act). Our privacy policy sets out how we collect and manage your personal information.

Table of contents

What does this privacy policy apply to?

This privacy policy applies to all personal information we collect and manage from our website www.friendshiptree.com.au, our Friendship Tree mobile application and our social media platforms.


What is personal information?

As defined in the Privacy Act, personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable (whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not). Generally speaking, personal information is any information that can be used to identify you.This may include your name, address, telephone number and email address, amongst other things.


What personal information do we collect and hold?

The types of personal information that we collect and hold about you depends on the nature of your relationship with us.

We do not collect personal information from children under 16 years of age, unless we have obtained valid consent on their behalf from their legal parent or guardian. If any parent or guardian is aware of or believes that the personal information of a child under 16 years of age has been disclosed to us, they should contact us to arrange for deletion/ de-identification of that information.


Donors, potential donors and other members of the public

If you are donating (or potentially donating) on any of our platforms, if you are enquiring about donating or if you are otherwise engaging on any of our platforms as a donor or potential donor, we may collect the following types of personal information about you:

  • your full name, age and date of birth;
  • contact details including your email address, telephone number and postal or street address;
  • financial information including details about any donation you make, such as the donated amount (and currency), the charity, transaction ID and credit card/digital wallet details;
  • any additional information about you that you provide to us via our website, our Friendship Tree mobile application or through social media, or when you deal with one of our personnel or ○ representatives (including by email, telephone or in person); and
  • your marketing preferences – for instance, whether you opt-in to various campaigns we may run from time to time.

We may also collect some information from you that is not personal information because it does not identify you (including where we do not require that you identify yourself when dealing with us). For example, we may collect technical information about how you use our website, our Friendship Tree mobile application or how you engage with our social media platforms (including about your computer or other device) – this could include IP addresses, device IDs and device details (e.g. browser details, OS, pages viewed, referring URL, error logs, interaction timestamps etc).


Collecting sensitive information

As defined in the Privacy Act, sensitive information includes health information, racial or ethnic background, sexual orientation or practices, criminal record, biometric and genetic information, religious, political or philosophical beliefs and membership of a union or political or professional association.

If you are donating (or potentially donating) on any of our platforms, we may collect sensitive information about you only when we are required to conduct identity checking. All sensitive information we collect as part of this process will only be collected with your explicit consent.


How we collect your personal information

We generally collect your personal information directly from you where possible. In some circumstances, we may collect personal information about you from third parties (including in the circumstances set out in this privacy policy or where it is otherwise impracticable for us to collect personal information directly from you).

We may collect personal information from you when you:

  • access or use our website or our mobile application (including when you create an account, interact with our app, submit a donation form, lodge a support ticket, subscribe to any of our marketing communications or submit an enquiry);
  • communicate with us or our representatives or personnel, including by telephone, email, SMS or instant message, completing a survey, via social media or in person; or
  • when you otherwise deal with us or our representatives or personnel (including as part of a business relationship that you or the third party that employs or engages you has with us).

In some cases, we may also collect personal information from third parties including:

  • from third party payment processors, identity verification vendors, social login providers and/or publicly available registers; or
  • from law enforcement agencies and other government entities.


Why we collect, hold, use and disclose your personal information

We generally collect personal information about you so that we can perform our business functions and activities. The purposes for which we collect, hold, use and disclose your personal information include:

  • to provide our products and/or services to you;
  • to comply with our contractual and organisational requirements;
  • to detect, investigate, and prevent fraud or misuse of our products and/or services;
  • to improve our products and/or services;
  • to answer your enquiries and to provide information or advice about our products and/or services;
  • to send marketing and other communications requested by you;
  • for administrative, marketing (including direct marketing), planning, product or service development, quality control and research purposes;
  • to consider and respond to any complaint that you may make; and
  • to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority.


Who we disclose your information to

We may disclose your personal information to:

  • our employees, contractors and service providers and other third parties for the purposes of operating our business, fulfilling requests by you, to manage our business or other relationship with you and to otherwise provide products and services to you;
  • our suppliers and other third parties in connection with any of the purposes listed in this privacy policy, including IT service providers (including cloud computing providers), third party identity verification service providers and payment processors;
  • registered charities and project partners that work with us;
  • our professional advisers such as accountants, lawyers, business advisers and consultants;
  • law enforcement agencies, regulators and other government entities such as AUSTRAC, ACNC and the ATO (where required or authorised by law); and
  • any other third party for any other purpose that you request or consent to.

We may disclose personal information to our contractors, third party suppliers and service providers located overseas for some of the purposes listed in this privacy policy. Some overseas-based entities may also be able to access your personal information, even if it is stored in Australia. When we do this, we take reasonable steps that are designed to ensure that the overseas recipients of your personal information do not breach applicable privacy obligations relating to your personal information. Your personal information may be disclosed to, accessible by or stored on our behalf by our IT service providers, who are located in Australia and our suppliers and other relevant third parties located in Australia.


Handling your personal information

Cookies and IP addresses

When you access or use our website or our mobile app, we may create and store a “cookie” (which is a small text file containing a unique ID number and other non-identifying information) on your computer or other device. This enables us to recognise your computer or device and to automatically log you in to your account again. We may also use cookies for fraud prevention and load balancing, as well as to measure traffic patterns on our website/our app and for marketing purposes. Our cookies do not collect personal information.

Security

We do not guarantee the security of transmission of any information that you send to us via our website, our mobile application or by email. We also cannot guarantee that the information you provide to us electronically (including over the internet) will not be intercepted while being transmitted.

Our website may include links to third-party websites. We do not make any representations or warranties regarding the privacy practices of these third-party websites. It is the responsibility of third-party websites to inform users about their own privacy practices, including how the operators of those third-party websites collect, hold, use or disclose any personal information or other information that you provide them or which they collect.

Direct marketing

We (or third parties acting on our behalf) may use and disclose your personal information to send you direct marketing communications about our products and/or services and information that we consider may be of interest to you, but only in accordance with applicable marketing laws, such as the Privacy Act, the Do Not Call Register Act 2006 (Cth) and the Spam Act 2003 (Cth). We may communicate with you for marketing purposes by telephone, mail, SMS, push notification, instant message and email. You can opt-out of receiving marketing communications from us by contacting us (using the details in the ‘Contacting us’ section below) or by using opt-out facilities provided in any email, SMS or instant message that we send to you. We will give effect to your opt-out request within a reasonable time (and in any event within the time required by applicable law).

Automated decision making and AI

In some parts of our business, we use personal information about you in connection with automated decision making systems, including artificial intelligence systems and similar computer programs. Specifically, we use automated decision making in conducting certain fraud checks and sanctions screening. Any decision that could reasonably be expected to significantly affect your rights or interests will be subject to human review on request.

Security and quality of personal information

We take reasonable steps to ensure that the personal information about you that we collect, use and disclose is accurate, complete, up to date and relevant, and to protect the personal information that we hold about you from misuse and loss and from any unauthorised access, unauthorised modification or unauthorised disclosure.

We may hold your information in either electronic or paper form. We take reasonable steps to destroy or de-identify your personal information when we no longer need it or when we are no longer required by law to retain it (whichever is the later). Specifically, we keep personal information:

  • relating to any transactions (such as donations) including Know-Your-Customer (KYC) records for a minimum of 7 years after the last donation;
  • relating to marketing data about individuals until they unsubscribe from the relevant mailing list or 2 years after their last engagement; and
  • in technical logs for 12 months unless required longer for security investigations.


Accessing and correcting your personal information

Access to your personal information

You have a right under the Privacy Act to request access to any personal information that we hold about you. You can make an access request at any time by contacting us using the contact details in the ‘Contacting us’ section below. We may require you to verify your identity before we respond to your request. We will respond to your request within a reasonable time. We do not charge a fee for simply making an access request. However, we may charge you a reasonable fee to cover our administrative and other reasonable costs in providing access to your personal information to you.

Where we hold personal information about you that you are entitled to access, we will provide you with access to your personal information. We may do this by posting or emailing a copy of your personal information to you. We will endeavour to accommodate any other method of providing access that you request.

There may be some circumstances where we cannot provide you with access to or a copy of some (or all) of the personal information that we hold about you. The Privacy Act sets out the basis on which we can do this. For example, we are permitted under the Privacy Act to refuse to provide you with access to your personal information if providing access would interfere with the privacy of others or if it would result in a breach of confidentiality. If we refuse to provide you with access to any of the personal information about you to which you have sought access, we will provide a written explanation of the basis for our refusal and set out any options that are available to you to complain about our refusal of your request.

Correcting your personal information

If you consider that any of the personal information that we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, then you may request that we correct it. We may require you to verify your identity before we respond to your request. We will consider if the information requires correction or updating and respond to your request within a reasonable time. If we refuse to correct any personal information about you, we will provide a written explanation of the basis for our refusal and set out any options available to you to complain about our refusal of your request.

If we refuse to correct your personal information, you have a right under the Privacy Act to request that we add a statement associated with the personal information stating that the information may be inaccurate, out-of-date, incomplete, irrelevant or misleading. We will not charge you for making a request that your personal information be corrected, for correcting your personal information or adding a statement associated with the personal information stating that it is inaccurate, out-of-date, incomplete, irrelevant or misleading.


Privacy complaints

If you consider that we have breached the Privacy Act when handling your personal information, you can make a complaint to us using the contact information below. We may ask that you provide details of your complaint so that we can investigate it. We will treat your complaint confidentially, investigate your complaint and aim to ensure that we respond to your complaint within a reasonable time (and in any event within the time required by the Privacy Act, if applicable).

If you are not satisfied with our response to your complaint, you have the right to make a complaint to the Office of the Australian Information Commissioner. You can find contact details for the Office of the Australian Information Commissioner at www.oaic.gov.au/contact-us.


Contacting us

If you have any questions about this privacy policy or any concerns or a complaint regarding our handling of your personal information, you can contact our Support Team using the details set out below.

Our Support Team can be contacted at:

Post: Support Team

Friendship Tree Foundation Ltd

C/O Dentons Brisbane

Level 16, 111 Eagle St

Brisbane City Qld

Australia 4000

Tel:   07 2143 9268

Email:   support@friendshiptree.com.au

We will treat your requests or complaints confidentially. If you have made a complaint, we will investigate your complaint and provide a written response. Our representative will contact you within a reasonable time after receipt of your query or complaint (and in any event within any time required by applicable law).


Changes to our privacy policy

We may make changes to this privacy policy from time to time, including to reflect any new or different collections, uses or disclosures of personal information. If we make any changes to our privacy policy, we will post an updated version of this privacy policy on our website and in our mobile application. The updated privacy policy will be effective from the date of posting.


Version

1.0

Review Date

23/10/2026

Approver

Adam White, Director

Effective Date

23/10/2026

Your inbox deserves a little good
Help grow a world where doing good is part of everyday life.
DonateAboutFAQArticlesFor donorsFor charitiesContact
© 2025 Friendship Tree. All rights reserved.
Privacy PolicyTerms of serviceACNC