Welcome to our new website – explore our projects, news and member resources.
Skip to content


About the Riverine Plains privacy policy

The purpose of this privacy policy is to:

  • Clearly communicate the personal information handling practices of Riverine Plains
  • Enhance the transparency of Riverine Plains operations
  • Give individuals a better and more complete understanding of the sort of personal information Riverine Plains holds, and the way we handle that information.

If you would like to request the Privacy Policy in an alternate format (e.g. for the vision impaired), please contact us at info@riverineplains.org.au and reasonable steps will be taken to provide alternate access.

This Privacy Policy is reviewed and updated annually. Updates will be provided on our website. This Privacy Policy was last reviewed June 2024.

Our obligations under the Privacy Act

This Privacy Policy sets out how we comply with our obligations under the Privacy Act 1988 (Privacy Act). As a not-for-profit and recipient of public grant and RD&E funding, we are bound by the Australian Privacy Principles (APPs) contained in the Privacy Act which regulate how government agencies collect, use, store and disclose personal information, and how individuals may access and correct personal information held about them.

Personal information

Personal information is defined in Section 6(1) of the Privacy Act as ‘information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • Whether the information or opinion is true or not, and
  • Whether the information or opinion is recorded in a material form or not, and
  • What constitutes personal information will vary, depending on whether an individual can be identified or is reasonably identifiable in the particular circumstances.

For example, personal information could include:

  • A name or address
  • Bank account details
  • Photos or videos
  • Information about an individual’s traits, their opinions or where they work.

Note: information does not have to include an individual’s name to be personal information. For example, in some cases, a date of birth and postcode may be enough to identify a person.

Sensitive information

Sensitive information is a subset of personal information with additional requirements as defined under the Privacy Act:

  • Information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, or criminal record that is also personal information
  • Health information about an individual
  • Genetic information about an individual
  • Biometric information that is to be used for the purpose of automated biometric verification/identification and biometric templates.

Types of personal information collected and held

We may collect and hold a variety of personal information:

  • information about identity (eg. date of birth, country of birth, passport details, visa details and drivers licence)
  • name, address and contact details (eg. phone, email and fax)
  • information about personal circumstances (eg. age, gender, marital status and occupation)
  • information about financial affairs (eg. payment details, bank account details, ABN)
  • information about employment (eg. applications for employment, work history, referee comments and remuneration)
  • photos, videos or audio of individuals
  • education details (level of education, study assistance and courses).

We may also collect and hold a variety of sensitive information:

  • racial or ethnic origin
  • membership of trade or professional associations or unions
  • criminal record
  • health information
  • farm information and management data.

In some situations, we provide the option for individuals to not identify themselves or use a pseudonym when dealing with Riverine Plains (unless it is impracticable to do so, or the we are legally required to deal with individuals who identify themselves).

For example, these situations could include when seeking general information about a program, grant or consultation process. Identification will generally only be necessary where it would be inappropriate not to identify yourself, such as if you are enquiring about the status or details of your own application for a particular program.

Collection of your personal information

Why Riverine Plains collects your personal information

Where Riverine Plains collects and holds your personal information, it is collected and held for our business purposes, which are generally to provide services to you.

We collect and hold a broad range of personal information in records relating to:

  • Individuals participating in programs and initiatives that we fund or deliver
  • The management of contracts and funding agreements
  • Individuals on our committees or participating in a meeting or consultation with us
  • Correspondence from members of the public or organisations to us
  • Complaints (including complaints relating to privacy) and feedback provided to us
  • Requests for access to information we hold about you or other information about Riverine Plains operations
  • The performance of our legislative and administrative functions
  • Employment and personnel matters for our staff and contractors.

We collect personal information for the following reasons:

  • To co ordinate or fund RD&E activities and other programs and initiatives in relation to the primary industries that Riverine Plains is responsible for;
  • To monitor, evaluate and report to the funders, our Board and its representative organisations on RD&E activities that are co ordinated or funded, wholly or partly, by Riverine Plains;
  • To disseminate and commercialise, and facilitate the dissemination, adoption and commercialisation of, the results of RD&E activities;
  • To carry out marketing activities for the benefit of the primary industries that Riverine Plains is responsible for;
  • To provide customer service support to stakeholders associated with Riverine Plains programs, events and/or platforms; and
  • For our internal business purposes (for example, to prepare metrics and analytics on Riverine Plains portfolio of research projects, or to collect website usage and engagement information).

How Riverine Plains collects your personal information

We generally collect personal information from you when you communicate with us. We collect personal information through a variety of means including the use of forms (either electronic or hard copy), online portals, other electronic or paper correspondence (including emails and written correspondence) and, at times, verbal conversations or interviews.

This may include, but is not limited to, the following means:

  • Directly from you in the course of delivering Riverine Plains activities or programs;
  • When you enter into any agreements with Riverine Plains, including Research Agreements or Provider Agreements in relation to
  • Riverine Plains’ research activities, or Partnership Agreements in relation to Riverine Plains events and programs;
  • When you submit emails or electronic forms to us (either in hard or soft copy) for matters such as signing up to newsletters and updates, registering as a participant for Riverine Plains event, registering as a Riverine Plains member, or logging into the Riverine Plains’ member portal
  • When you attend a committee, Project Reference Group or project meeting, or an event run by us;
  • When you submit a request or query to us face-to face, in writing or by telephone; and
  • Through the use of automated technologies or interactions such as clickstream data, Google Analytics, HubSpot, cookies, server logs and other similar technologies.

In many cases, when we collect your personal information, we will issue you with a collection notice explaining the purpose of the collection, the intended use of the personal information and to whom we may disclose it.

When we collect personal information about you, in the majority of cases, this will be information provided directly from you for the particular function or activity we are carrying out.

Other entities that may collect your personal information on behalf of Riverine Plains

As well as collecting personal information directly from you, we may also collect your personal information through other individuals or organisations acting our behalf, including those such as contracted service providers. If this occurs, such collection will be in accordance with the APPs.

We may collect personal information about you from a third party if you have been nominated as a representative or a contact person of that entity in its dealings between us and the relevant third party.

Unsolicited personal information

On occasion, unsolicited personal information is provided to Riverine Plains by individuals (or other entities) without it being requested. In such circumstances, we will determine whether or not we could have collected the personal information via our regular methods and if so we may use and handle the personal information as if we had collected it. If we determine that the personal information could not have been collected by us via our regular methods and the information is not contained in a Commonwealth record, we will destroy or de-identify the information provided it is lawful and reasonable to do so.

Consequences if personal information is not collected

If you do not or are unable to provide us with the requested personal information, we may not be able to provide you with the information, goods or services which you have requested or enable you to participate in Riverine Plains’ programs, research projects or events.

Storing and securing personal information

We will take all reasonable steps to protect your personal information from loss, unauthorised access, use, modification or disclosure, and against other misuse.  Among other things, we take reasonable steps to safeguard our IT systems against unauthorised access, and ensure that paper-based files are secured. We also ensure that access to your personal information within our systems is only available to our staff that needs such access in order to do their work.

When the personal information that we collect is no longer required, we delete or destroy it in a secure manner, unless we are required to maintain it because of a law, or court or tribunal order.

This situation might arise where the Archives Act 1983 requires that we maintain your personal information because it is, or forms part of, a Commonwealth record. We are also required to maintain records for certain other purposes, including where the National Archives of Australia issues a disposal freeze in response to prominent or controversial issues or events. More information on current disposal freezes is available from the National Archives of Australia website.

Personal information held by third parties

Under the Privacy Act we are required to take measures to ensure that when your personal information is to be held by a third party, that the third party complies with the same privacy requirements applicable to the department.

We have privacy clauses in all of its legal documents, including funding contracts and deeds, services contracts and various other ad-hoc arrangements. This is to ensure third parties we deal with are required to handle personal information in accordance with the APPs.

Use and disclosure of your personal information

The purpose for collecting your personal information is important as it restricts how we can use and disclose your personal information, unless an exception in the Privacy Act applies.

Unless an exception applies, the corporation will:

  • Only use or disclose your personal information for the primary purpose it was collected, and
  • Notify you of this purpose at the time of collection, or as soon as practicable after collection.

We will only use or disclose your personal information for another purpose if you consent to that secondary purpose, or where you would reasonably expect us to use or disclose it for that secondary purpose (and the secondary purpose is related to the primary purpose).

Riverine Plains may disclose your personal information to a third party if the disclosure is necessary to prevent or lessen a serious and imminent threat to the life, health or safety of you or another person and it is unreasonable or impracticable to obtain your consent.

Riverine Plains may disclose your personal information to overseas recipients only in accordance with the Privacy Act. Overseas recipients are likely to be located in numerous countries.

Riverine Plains will not otherwise disclose your personal information without your consent unless required or authorised by law.

Sensitive information

If Riverine Plains holds any sensitive personal information about you, that information will only be used and disclosed by Riverine Plains if you have consented to such use and disclosure (your provision of that information will be taken to be consent) and will only be used and disclosed for the purpose that it was provided by you.

How to access and seek correction of personal information

Individuals have a right to request access to their personal information and to request its correction if it is inaccurate, out of date, incomplete, irrelevant or misleading. Requests for access to or correction of personal information should be directed to our Finance & Governance Manager.

We will take reasonable and practicable steps to provide you access and/or make a correction to your personal information within 30 calendar days, unless we consider there is a sound reason under the Privacy Act or other relevant law to withhold the information, or not make the changes.

If we do not provide you access to your personal information, or refuse to correct your personal information, where reasonable we will:

  • Provide you with a written notice including the reasons for the refusal
  • Provide you with information regarding available complaint mechanisms
  • At your request, take reasonable steps to associate a statement with the personal information that you believe it to be inaccurate, out of date, incomplete, irrelevant or misleading.
  • Otherwise, if we correct your personal information, at your request, we will also take reasonable steps to notify other agencies or organisations (bound by the Privacy Act) of the correction; if we have previously disclosed your personal information to those agencies or organisations.

How to make a complaint

You can make a complaint if you believe we have breached the APPs or mishandled your personal information. Complaints should be directed to our Finance & Governance Manager whose details are provided below.

Privacy breaches can be caused by a variety of factors, affect different types of personal information and give rise to a range of actual or potential harm to individuals, agencies and organisations. Consequently, there is no single way of responding to a privacy breach. Each breach will need to be dealt with on a case-by-case basis. All complaints and alleged privacy breaches will be investigated by the privacy officer and the complainant will be advised of the outcome.

For further information about privacy issues, see the Office of the Australian Information Commissioner’s website.

Contact: Finance & Governance Manager
Email: finance@riverineplains.org.au
Phone: 03 5744 1713