RREDD Privacy Policy

1. Information We Collect

Personal Information

Information you voluntarily provide to us, including:

• Your name and professional title
• Email address and phone number
• Organisation or community affiliation
• Billing or mailing address
• Information submitted through contact forms, service enquiries, or training registrations
• Cultural background or community information, where voluntarily provided for the purpose of service delivery
  

Automatically Collected Information

When you visit the Website, we may automatically collect:

• IP address and geographic region
• Browser type and version
• Device type and operating system
• Pages visited and navigation pathways
• Date, time, and duration of visits
• Referring website addresses
  

Cookies and Tracking Technologies

We may use cookies, analytics tools, and similar technologies to improve user experience and analyse Website traffic. You can manage or disable cookies through your browser settings. Where you decline non-essential cookies, your access to core Website content will not be affected.

2. How We Use Your Information

We may use your information to:

• Provide, maintain, and improve our Website and consulting services
• Respond to enquiries, service requests, or customer support needs
• Process transactions and issue invoices or receipts
• Administer training, workshops, and educational programs delivered through RREDD Academy
• Send service-related communications and, where consent is given, promotional updates
• Conduct research and analysis to improve governance services and policy outcomes
• Monitor Website security and performance
• Comply with legal, regulatory, and contractual obligations
  

We will only use your personal information for the purpose for which it was collected, or for a directly related purpose, unless you have consented otherwise or we are required to do so by law.

3. Sharing Your Information

RREDD does not sell your personal information. We do not trade in personal data for commercial gain.

We may share information with:

• Service providers and contractors who assist us in delivering our services, under appropriate confidentiality obligations
• Analytics and technology providers supporting Website functionality
• Payment processors for transaction handling
• Legal authorities or regulatory bodies, where required or permitted by Australian law
• Successors or related entities in the event of a business restructure, merger, or transfer of operations
  

Where personal information is shared with third parties, RREDD takes reasonable steps to ensure those parties handle your information consistently with the Australian Privacy Principles.

Indigenous Data Sovereignty

RREDD acknowledges the rights of Aboriginal and Torres Strait Islander peoples to govern the collection, ownership, and application of data about their communities, cultures, and peoples. Where our work involves community-level information, we apply additional protections aligned with Indigenous Data Sovereignty principles. Such information will not be shared, published, or used beyond the agreed scope of engagement without the informed consent of relevant community representatives.

4. Data Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law, professional obligations, or contractual commitments. Governance and legal engagement records may be retained for longer periods in accordance with applicable record-keeping requirements. When personal information is no longer required, we will take reasonable steps to destroy or de-identify it securely.

5. Data Security

RREDD implements reasonable administrative, technical, and physical safeguards to protect your personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. These measures are proportionate to the nature and sensitivity of the information we hold.

Notwithstanding these precautions, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee the absolute security of information transmitted to or from our Website and encourage you to take appropriate precautions when sharing personal information online.

6. Third-Party Links

Our Website may contain links to third-party websites, platforms, or resources. RREDD is not responsible for the privacy practices, content, or security of those external sites. We encourage you to review the privacy policies of any third-party sites you visit.

7. Your Rights

Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have rights in relation to your personal information, including:

• Access — the right to request access to the personal information we hold about you
• Correction — the right to request correction of inaccurate, outdated, or incomplete information
• Complaint — the right to lodge a complaint if you believe your privacy has been breached
• Withdrawal of consent — where processing is based on your consent, the right to withdraw that consent at any time
• Objection — the right to object to certain uses or disclosures of your information
  

To exercise any of these rights, or to make a privacy-related complaint, please contact us at:

admin@rredd.com.au

We will respond to access and correction requests within a reasonable timeframe and at no charge, unless the request is complex or resource intensive. If we are unable to resolve your complaint, you may refer the matter to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

8. Sensitive Information

RREDD recognises that some personal information is particularly sensitive, including racial or ethnic origin, cultural background, health information, and information about community membership or affiliations. We will only collect sensitive information where it is reasonably necessary for our services and where you have provided explicit consent, or where collection is required or authorised by law.

Sensitive information will not be used or disclosed for a purpose other than the primary purpose of collection without your consent, except where permitted by the Privacy Act 1988 (Cth).

9. Children's Privacy

Our Website is not directed to children under the age of 18 and does not knowingly collect personal information from minors. If you believe we have inadvertently collected information from or about a child, please contact us promptly at admin@rredd.com.au and we will take steps to remove that information.

10. International Users

RREDD is based in Australia and its services are primarily delivered within Australia. If you access our Website from outside Australia, your information may be transferred to, stored in, or processed in Australia, where privacy laws may differ from those in your jurisdiction. By using this Website, you acknowledge and consent to this transfer where applicable.

Where RREDD shares information with overseas recipients (for example, cloud-based service providers), we take reasonable steps to ensure those recipients handle your information in a manner consistent with the Australian Privacy Principles.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or service offerings. Changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this Policy periodically. Continued use of the Website following any update constitutes acceptance of the revised Policy.

12. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or the handling of your personal information, please contact us:

RREDD – Indigenous Governance & Risk Consulting

PO Box 5005, West End QLD 4101

Email: admin@rredd.com.au

Website: www.rredd.com.au

RREDD acknowledges Aboriginal and Torres Strait Islander peoples as the First Peoples of Australia.

We recognise their ongoing connection to Country, culture, and community.