Privacy Policy

1. Our commitment to privacy

Your privacy is a top priority for us.

When dealing with your personal and/or sensitive information, we observe our obligations under the Privacy Act 1988 (Cth) (Privacy Act), and we comply with the Australian Privacy Principles, as well other relevant State and Territory legislation.

This policy sets out how we will collect, use, store, disclose and de-identify your personal and/or sensitive information.

2. The types of information we collect

2.1 Personal Information

The types of personal information we collect regarding you include:

  1. contact details (name, address, telephone numbers, email, etc.);
  2. skills and work experience;
  3. donation history; and
  4. credit card or debit card details.

2.2 Sensitive Information

The types of sensitive information we collect include, but are not limited to, the following types of information regarding you:

  1. personal financial information;
  2. personal credit card data; and
  3. any idiosyncratic information we obtain from you or others.

3. Why we collect private information about you

3.1 Overview

Change Holdings Pty Ltd (ACN 617 764 771) (Change Holdings) is a for-profit specialist fundraising organisation, that currently provides services for charities.

This means that we embark on a number of activities, including the following:

  1. operating fundraising websites;
  2. operating fundraising mobile applications; and
  3. anything ancillary to or in the spirit of the activities set out in clauses 3.1(a) and 3.1(b).

3.2 Charity Partners

We have a strong connection with a number of Australian charities (our charity partners), for which we conduct fundraising activities, and create pathways for supporters to donate to them. As part of these arrangements, charity partners request us to provide your contact details and/or demographic data to them if you have donated to that charity through our services. In some instances, this may be necessary to facilitate your use of a specific service or offering.

3.3 Service Providers

We use service providers to help us provide our services. These service providers include information security storage providers, payment agents, providers of electronic fund transfer services, and providers of development services.

We may provide your personal and/or sensitive information to these service providers in order to allow them to help us provide our services to you.

3.4 Other Uses

We might also collect your information for the following purposes:

  1. for the immediate reason for which you have provided it to us (for example, to enable us to process a request, payment, registration, subscription, etc.);
  2. to maintain contact with you about our work, to report to you about our work, or to encourage you to learn about what we do;
  3. any other purpose directly related to our work and for which you have provided consent (where it is reasonably required by law); and
  4. any purpose which is reasonably related to or necessary for our purposes.

3.5 Direct Marketing

We will not use your information for direct marketing, except where we have obtained your consent, and the direct marketing relates to our own products and services. We will always provide you with an easy option to opt out of direct marketing regarding our products and services.

4. How we collect your information

We will endeavour to collect information from you directly wherever possible, but we may also collect information from third parties. Where we collect information from you directly, we will take all practical and reasonable steps to notify you of the collection of your information under the principles of this privacy policy.

We electronically collect your personal and/or sensitive information in the following direct ways:

  1. from you providing information when creating an account, and updating that information from time to time;
  2. website forms and online surveys;
  3. during phone calls;
  4. via social media; and
  5. from coupons and other correspondence (both in writing and electronically).

Our notice of collection of information from third parties as contained in this clause 4 of this privacy policy is a standard one, and we will not separately inform you each time your information is collected from a third party.

5. How we use your information

We only use your information for:

  1. the reason we collect it as set out above; or
  2. in the case of personal information, for any purpose which is reasonably related to or necessary for the purpose for which it was collected; or
  3. in the case of sensitive information, for any purpose which is directly related to and/or necessary for the purpose for which it was collected; or
  4. as otherwise permitted by law.

5.1 Disclosure

Your information may be disclosed to affiliates or third parties in order to further the purpose for which it was collected.

The types of organisations to which we may disclose your personal information include:

  1. our professional advisors;
  2. if you are a candidate for employment, a professional reference to help assess your application;
  3. our contractors or service providers; and
  4. our charity partners, as explained in clause 3.2 of this privacy policy.

If you do not want your personal and/or sensitive information disclosed to another organisation, then please let us know, either at the time we collect the information, or any later time, and we will ensure that the disclosure either ceases or does not occur. However, this may mean that we are unable to provide services to you, due to the requirements of our charity partners.

Sometimes we may be legally required to disclose your information, for example, to government departments.

We take reasonable steps to ensure that all third party recipients of the information which you provide to us are bound by confidentiality and privacy obligations when handling your personal and/or sensitive information.

5.2 Accessing and correcting your personal and/or sensitive information

You can access your information by asking us. Occasionally, we may need to refuse your request to access information (for example, where granting you access would infringe someone else’s privacy).

When you request access, we will ask you to provide some form of identification so that we can ensure that you are the person to whom the information relates.

In some cases, we may also ask you to pay a reasonable fee to cover the cost of access.

We will take all reasonable steps to ensure that any personal and/or sensitive information that we collect about you is accurate, up-to-date and complete.

If you have a question about this privacy policy or want to access or correct your personal and/or sensitive information, then you can contact us at:

Yoinki Team


PO Box 1856

Sydney, NSW


We will aim to respond to you within twenty-eight (28) days of receiving your request. However, in some cases, particularly if the request is complex, our response may take longer.

If we are not able to help with your request, you will receive a written explanation as to why.

5.3 Complaints about a breach of your privacy

If you are concerned about how we have collected or managed your personal and/or sensitive information, then we request that you contact us at the address included in section 5.2 of this privacy policy, setting out the relevant information relating to your complaint. In order to allow us to properly address your complaint, we suggest that the information included the following:

  1. the nature of your involvement with Change Holdings;
  2. details of your complaint;
  3. whether your complaint relates to a particular individual within Change Holdings;
  4. how the complaint has affected you;
  5. how you came to be aware of the complaint; and
  6. the action that you prefer to address the complaint.

After we receive all the information we need from you, please allow us approximately twenty-eight (28) days for us to address your complaint.

If you are not satisfied with how we have handled your complaint, you can then refer the matter to an independent mediator, agreed upon by both you and us. If the matter is still not resolved after mediation, then you can contact the Office of the Australian Information Commissioner (OAIC) by emailing

The OAIC is a government body independent of us. It has the power to investigate complaints about possible interference with your privacy.

5.4 Disclosing your personal and/or sensitive information overseas

Occasionally, we may use overseas facilities or contractors to process or back-up information or to otherwise assist with our service provision.

As a result, we may disclose your personal and/or sensitive information to our overseas facilities or contractors for these purposes.

However, any disclosure of your personal and/or sensitive information overseas does not change our commitment to safeguarding your privacy.

We take reasonable steps to:

  1. ensure that overseas service providers are subject to privacy laws which impose obligations which are substantially similar to those contained in the Privacy Act; and
  2. ensure the security of personal and sensitive information that is disclosed overseas, and to protect it against loss, misuse or unauthorised access, destruction, use, modification or disclosure.

5.5 Securing your information

Our IT systems are password protected and comply with applicable security standards.

Only authorised individuals are permitted to access the personal and sensitive information that we hold about you.

It is our policy to:

  1. permanently de-identify personal and/or sensitive information where there is no longer a legal or business need for the information to be identified; and
  2. destroy personal and/or sensitive information once there is no longer a legal or business need for us to retain it.

5.6 Anonymity

It is your right to be dealt with anonymously, provided that it is lawful and practicable.

We will try to accommodate a request for anonymity wherever possible. However, we note that in some circumstances, this may prevent us from practically and effectively communicating with you, as well as providing our services to you. If this is the case, we will notify you.

5.7 Cookies

When you visit this website, a record of your visit may be logged. The following data may be supplied by your browser:

  1. Your IP address and/or domain name;
  2. Your operating system (type of browser and platform);
  3. The date, time and length of your visit to the website; and
  4. The resources you accessed and the documents you downloaded.

This information may be used to compile statistical information about the use of our  website. It is not used for any other purpose. If you do not want ‘cookies’ to be used, then please adjust your browser settings to disable them.

Although we may collect information through our website, and through ‘cookies’, generally you can visit the Change Holdings website without revealing your name and without providing us with any information about yourself.

5.8 Links to other websites

Our website may contain links to third party websites, and third party websites may also have links to our website.

Our privacy policy does not apply to external links or other websites.

The operators of other websites may collect your personal and/or sensitive information.

We encourage you to read the privacy policies of any website you link to from our website.

6. Amending this privacy policy

We have the right to amend this Privacy Policy at any time by posting a revised version on our website and mobile application.

If you have an account on our website or mobile application, then we will email the address linked to your account with notice of any changes. If we use personal and/or sensitive information in a method substantially different from that communicated when it was collected, we will endeavour to seek the consent of all users of the website and mobile application, and give them the opportunity to cease using our services.