Privacy
BENEFOLK PRIVACY POLICY
Effective Date: 24 June 2026
Introduction:
This Privacy Policy sets out our commitment to protecting the privacy of your personal information that we collect through this website www.benefolk.org or directly from you, including where you engage us for consulting, advisory, AI-enabled services, software development, workflow automation, digital products, online platforms or other technology-enabled services.
Please read this Privacy Policy carefully. Please contact us if you have any questions – our contact details are at the end of this Privacy Policy.
You providing us with personal information indicates that you have had sufficient opportunity to access this Privacy Policy and that you have read and accepted it.
If you do not wish to provide personal information to us, then you do not have to do so, however it may affect your use of this Site or any products and services offered on it.
Definitions:
AI-enabled services means consulting, software development, workflow automation, artificial intelligence, machine learning, digital platform and technology services provided by Benefolk.
Enterprise AI services means commercial artificial intelligence platforms operating under contractual business terms.
Personal information has the meaning given in the Privacy Act 1988 (Cth).
Collection of personal information:
Personal Information:
The type of information we collect may include:
- name;
- contact details including email address, business address and telephone number;
- website (if applicable);
- demographic information such as postcode;
- preferences and opinions;
- organisation name, position title and employment details (where relevant);
- survey responses, assessment responses, organisational capability and AI readiness information;
- business information, organisational documents, policies, procedures, strategic plans, workflow information and other material you provide to us in connection with our services;
- information relating to your systems, software, technology environment, integrations and digital platforms where relevant to the services we provide;
- prompts, uploaded files, documents, datasets, feedback, user-generated content and other information submitted through our software, digital platforms or AI-enabled services;
- and any other information requested on this Site or otherwise requested by us or provided by you.
Your use of our Site:
As with most online businesses, we may log information about your access and use of our Site, including through the use of Internet cookies, your communications with our Site, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider.
Your opinion and feedback:
We may contact you to voluntarily respond to questionnaires, surveys or market research to seek your opinion and feedback. Providing this information is optional to you.
If we receive your personal information from third parties, we will protect it as set out in this Privacy Policy.
AI-enabled services:
Some of our services involve consulting, advisory, software development, digital platforms and the use of enterprise artificial intelligence ("AI") technologies. These technologies may assist us to analyse information, generate draft content, develop software, automate workflows, conduct organisational assessments, prepare reports and improve the efficiency and quality of our services.
Where AI technologies are used in delivering our services, we seek to:
- use enterprise AI services operating under contractual terms that prevent customer information from being used to train or improve the provider's AI models;
- configure AI and cloud services to use Australian data regions wherever reasonably available;
- minimise, redact, de-identify or aggregate information before it is processed by AI systems wherever reasonably practicable;
- apply safeguards appropriate to the sensitivity of the information being processed;
- ensure AI-assisted outputs are reviewed by appropriately qualified Benefolk personnel before they are relied upon or provided to clients; and
- process personal information solely for the purposes of delivering the agreed services or as otherwise authorised by law.
Use of personal information
We collect and use the information for purposes including:
- to contact and communicate with you;
- for internal record keeping;
- for market research and business development including website development;
- marketing including direct marketing;
- to run competitions or offer additional benefits to you;
- to send you a regular newsletter to update you on our news/developments; and
- to send you promotional information about third parties that we think may be of interest to you.
- to provide consulting, advisory, coaching, facilitation, project delivery and professional services;
- to undertake organisational capability reviews, AI readiness and maturity assessments, diagnostics and related evaluation services;
- to design, develop, configure, implement, host, maintain and support software applications, workflow automations, AI-enabled tools, digital platforms and other technology solutions;
- to analyse documents, data, survey responses, workflows and other information in order to prepare reports, recommendations, strategies and other deliverables;
- to process information using enterprise software, cloud platforms and enterprise artificial intelligence services where appropriate for the delivery of the agreed services;
- to improve our products, software, digital platforms, methodologies and service delivery, provided personal information is only used in accordance with this Privacy Policy and applicable contractual obligations;
- to verify identity, manage client relationships, administer projects, manage user accounts and provide customer support;
- to comply with our contractual, legal, regulatory and professional obligations; and
- for any other purpose authorised by you or required or permitted by law.
Disclosure of personal information:
We may disclose personal information:
- for the purpose of providing information, products, services or marketing to customers;
- to credit reporting agencies and courts, tribunals, regulatory authorities where customers fail to pay for goods or services provided by us to them;
- to courts, tribunals, regulatory authorities, and law enforcement officers as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights; and
- to third parties, including agents, contractors, specialist advisers, software providers, cloud hosting providers, enterprise AI providers, implementation partners, technology vendors, service partners and sub-contractors who assist us in providing information, products, software, digital platforms, AI-enabled services, technology services or direct marketing to you.
These providers may be located in Australia or overseas, or may use infrastructure that stores or processes information outside Australia. Wherever reasonably available and appropriate to an engagement, we configure enterprise cloud and AI services to process information within Australian data regions.
Some cloud and AI providers are multinational organisations and may remain subject to foreign laws, including legislation in the United States, even where information is processed within Australia. We assess these arrangements before engaging those providers and implement safeguards that we consider appropriate to the nature and sensitivity of the information being processed.
Where we disclose your personal information to third parties for these purposes, we will request that the third party follow this Privacy Policy regarding handling of your personal information.
Where we engage third-party technology providers, enterprise AI providers or cloud service providers to process personal information on our behalf, we seek to ensure they are contractually required to protect personal information in a manner substantially consistent with the Australian Privacy Principles and our obligations under this Privacy Policy.
Where AI-enabled services are used, we seek to use enterprise services operating under contractual terms that prevent customer prompts, data and outputs from being used to train or improve the provider's underlying AI models.
Where appropriate, we may minimise, de-identify, aggregate or redact information before it is processed by third-party technology or AI providers.
If there is a change of control of our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser. We would seek to only disclose information in good faith and where we would seek to maintain confidentiality.
Data residency
Where reasonably available, Benefolk configures enterprise cloud and AI services to process information using Australian data regions.
While Australian-region processing reduces privacy risks and supports compliance with Australian privacy requirements, some cloud and AI providers remain subject to foreign laws regardless of the region in which information is processed. We assess these arrangements before engaging those providers and implement safeguards appropriate to the nature and sensitivity of the information being processed.
Your rights and controlling your personal information
Choice and Consent:
Providing us with your personal information is optional to you. You can choose not to provide personal information. When you provide us with your personal information, you consent to the terms in this Privacy Policy, and to us disclosing or receiving your personal information for these purposes.
Where the services you engage us to provide involve software development, digital platforms or AI-enabled services, you acknowledge that your personal information and other information you provide may be processed using enterprise cloud services, software platforms and enterprise artificial intelligence technologies solely for the purposes of providing those services and subject to the safeguards described in this Privacy Policy.
Restrict:
You may choose to restrict the collection or use of your personal information.
If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us at the email address listed in this Privacy Policy.
Access:
You may request details of personal information that we hold about you, in certain circumstances set out in the Privacy Act 1988 (Cth). An administrative fee may be payable for the provision of information. We may refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.
Where we process personal information on behalf of a client as a service provider, including in connection with software development, AI-enabled services or technology consulting, requests relating to that information may be referred to the relevant client where appropriate.
Correction:
If you believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us by email.
We rely in part upon customers advising us when their personal information changes.
We will respond to any request within a reasonable time.
We will endeavour to promptly correct any information found to be inaccurate, incomplete or out of date.
Complaints:
If you believe that we have breached the Australian Privacy Principles and wish to make a complaint about that breach, please contact us by email setting out details of the breach.
We will promptly investigate your complaint and respond to you in writing setting out the outcome of our investigation, what steps we propose to take to remedy the breach and any other action we will take to deal with your complaint.
If we become aware of an eligible data breach involving personal information we hold, we will respond in accordance with the Privacy Act 1988 (Cth), including complying with any applicable obligations under the Notifiable Data Breaches scheme.
Unsubscribe:
To unsubscribe from our e-mail database, or opt out of communications, please contact us at the details below.
Storage and Security
We are committed to ensuring that the information you provide is secure.
In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure**, including, where appropriate, encryption, secure cloud infrastructure, role-based access controls, multi-factor authentication, secure software development practices and ongoing cybersecurity measures.
Where we provide software development, AI-enabled services or technology consulting, we apply safeguards appropriate to the nature and sensitivity of the information being processed. These safeguards may include:
- the use of enterprise cloud and AI platforms operating under contractual data protection obligations;
- processing information within Australian data regions wherever reasonably available;
- data minimisation, redaction, de-identification or aggregation where appropriate before information is processed using AI technologies;
- access controls restricting information to personnel and authorised service providers with a legitimate business need;
- review of AI-assisted outputs by appropriately qualified personnel before they are relied upon or provided to clients; and
- project-specific privacy, security or risk assessments where appropriate to the engagement.
No information transmitted over the Internet can be guaranteed to be secure.
We cannot guarantee the security of any information that you transmit to us, or receive from us.
The transmission and exchange of information is carried out at your own risk.
Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that personal information that we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.
Retention of information
We retain personal information only for as long as reasonably necessary to fulfil the purposes for which it was collected, to provide our services, comply with legal and regulatory obligations, resolve disputes, enforce our agreements and maintain appropriate business records.
Where appropriate and subject to legal, contractual and regulatory obligations, information provided in connection with software development, AI-enabled services or technology consulting will be securely returned to the client or securely deleted following completion of the relevant engagement.
Cookies & Web Beacons
We may use cookies on this Site from time to time.
Cookies are text files placed in your computer's browser to store your preferences.
Cookies, by themselves, do not tell us your e-mail address or other personally identifiable information.
However, once you choose to furnish the Site with personally identifiable information, this information may be linked to the data stored in the cookie.
We may use web beacons on this Site from time to time.
Web beacons or clear .gifs are small pieces of code placed on a web page to monitor the behaviour and collect data about the visitors viewing a web page.
For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.
Where we provide software applications, online platforms or AI-enabled services, those services may also use cookies, session information, authentication tokens, analytics tools and similar technologies to enable functionality, improve security, administer user sessions and understand how our services are used. You may be able to manage certain cookie preferences through your browser settings, although doing so may affect the operation of some services.
Links to other websites
Our Site may contain links to other websites of interest.
We do not have any control over those websites.
We are not responsible for or liable for the protection and privacy of any information which you provide whilst visiting such websites, and such websites are not governed by this Privacy Policy.
Where our website or software integrates with third-party applications or services, the collection, use and disclosure of information by those third parties will be governed by their respective privacy policies and terms of use.
Amendments
This Privacy Policy may be amended, including with changes, additions and deletions, from time to time in our sole discretion.
Your continued use of our Site following any amendments indicates that you accept the amendments.
You should check this Privacy Policy regularly, prior to providing personal information, to ensure you are aware of any changes, and only proceed to provide personal information if you accept the new Privacy Policy.
Where you engage Benefolk to provide software development, AI-enabled services or technology consulting, additional data handling, privacy, security or data processing terms may apply to that engagement. Those documents supplement this Privacy Policy to the extent they deal with the specific services being provided.
For questions, please contact us here or by mail to PO Box 356, Port Melbourne VIC 3207 AU
Alternatively, you may contact us using the contact details published on our website.
BENEFOLK PTY LTD
ABN 79 630 374 515
PRIVACY COLLECTION NOTICE
(Australian Privacy Principle 5.1 requires that at or before or if that is not practicable, as soon as practicable after, personal information is collected, the person be notified about certain matters set out in Australian Privacy Principle 5.2. This notice sets out the matters of notification).
This collection notice relates to personal information collected by us in connection with our community and sector engagement activities.
Who is collecting the information?
Benefolk Pty Ltd ABN 79 630 374 515
Level 4, 454 Queen Street,
Melbourne, VIC, 3000
Our contact details are as follows:
Privacy Officer
Benefolk Pty Ltd ABN 79 630 374 515
Level 4, 454 Queen Street,
Melbourne, VIC, 3000
Phone 1300 236 336
Email hello@benefolk.org
How is the information collected?
We collect personal information from people who wish to join our Benefolk Network, engage us or our members, provide us with grants, enquire about working with us, or otherwise wish to support us. Personal information may be collected directly from you, through our website, online forms, email, telephone conversations, meetings, events and other interactions with us.
Is the collection required under a law or Court order?
No.
What are the purposes of collection?
The purpose of the collection is to assess and respond to your enquiry regarding joining our Benefolk Network, engage us or our members, provide funding or other support, enquire about working with us, or otherwise wish to support us. The purpose includes inviting you to participate in other activities and to find out about other opportunities to support our work or support Benefolk and its activities.
What happens if we don’t collect this information?
Without this information we may be unable to assist you or consider your enquiry or application or provide you with information about our services, events or updates where you have requested or consented to receive them.
Can you be anonymous?
No. All our engagements are based on a thorough understanding of your needs and expectations and so, necessarily, such engagements cannot be anonymous.
To whom do we share this information?
We may share your personal information with:
- members of the Benefolk Network where necessary to provide services;
- our professional advisers;
- technology, cloud hosting and software providers;
- AI service providers used in accordance with our Privacy Policy; and
- other third parties where authorised by you or required by law.
Do we share the information overseas?
Where reasonably available, we configure our cloud and technology providers to process information using Australian data regions. Some providers may nevertheless disclose or replicate information overseas or remain subject to foreign laws. Appropriate contractual, technical and organisational safeguards are applied where required.
How can I access and seek correction of this information?
Requests may be made by contacting our Privacy Officer. Information about how to complain is contained in our Privacy Policy. Complaints should first be directed to our Privacy Officer. If you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC).
How can I complain?
Information about how to complain is contained in our privacy policy. You may also direct complaints to the Australian Information Commissioner as www.oaic.gov.au
Our Privacy Policy contains further information about how we collect, use, store and disclose personal information, how you can access or correct your personal information, and how to make a privacy complaint. A copy is available on our website above.