NSWICC Privacy Policy

This website and the associated NSWICC Portals (NSWICC Site & Portal) is operated by the NSW Indigenous Chamber of Commerce (NSWICC) using commercial web hosting facilities. The NSWICC is committed to protecting personal information and complying with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), as well as all relevant state and federal legislation.

This Privacy Policy outlines how NSWICC collects, uses, stores and discloses personal information in the course of delivering its programs, services and responsibilities - including its role as the certifying body under the NSW Aboriginal Procurement Policy (APP).

By accessing our website or providing personal information to NSWICC, you agree to the practices described in this Privacy Policy.

 

1. Who we are

The NSW Indigenous Chamber of Commerce (NSWICC) is the peak Indigenous business body in New South Wales. NSWICC:

  • acts as a certifying body under the NSW Aboriginal Procurement Policy
  • provides verification of Aboriginal-owned businesses for APP participation
  • supports Indigenous enterprise development
  • facilitates procurement pathways with Government and Industry partners
  • delivers capability-building programs, training and advocacy initiatives.

NSWICC handles personal information - particularly Aboriginal identity information - with strict confidentiality, cultural respect and in compliance with all applicable laws.

 

2. What personal information we collect

The information we collect depends on your interactions with NSWICC.

2.1 General personal information

  • name
  • email address
  • phone number
  • business or organisation name
  • job title/role
  • mailing or physical address.

2.2 Information for NSW APP Certification (NSWICC Assured Member Businesses)

To assess and certify Aboriginal businesses under the NSW APP, NSWICC may collect:

  • proof of Aboriginal identity of owners, directors and/or significant shareholders
  • business ownership and control documentation
  • statutory declarations or affidavits
  • organisational and governance documents (e.g., trust deeds, partnership agreements, company records)
  • ABN/ACN details
  • business capability statements
  • information provided during certification reviews and audits.

Aboriginal identity information is sensitive information.
NSWICC stores and manages this information with the highest levels of care, confidentiality and access controls.

2.3 Information about Government or Industry Partners

  • organisation details
  • procurement focus areas
  • contact details for relevant staff
  • partnership engagement and activity history

2.4 Subscriber information

  • name
  • organisation details
  • contact information
  • communication preferences

2.5 Website interaction and analytics data

  • IP addresses
  • browser type and version
  • pages viewed
  • referring website
  • cookies and tracking technologies

2.6 Event and program participation

  • registration information
  • attendance records
  • dietary or accessibility requirements (with consent)
  • photos, videos or recordings (with notice)

3. How we collect information

3.1 We collect personal information:

  • during NSW APP certification processes
  • through business applications, forms or document submissions
  • through meetings, consultations and assessments
  • when you communicate with NSWICC (email, phone, web form, events)
  • when you subscribe to NSWICC communications
  • via our website, digital tools and analytics
  • from publicly available sources (ABN Lookup, ASIC, websites, LinkedIn etc)
  • from referrals, with consent where required

3.2 We collect personal information by lawful, transparent and culturally respectful means.

 

4. Why we collect personal information

4.1 NSWICC collects and uses personal information to:

4.1.1 Certification and Compliance

  • assess, certify and review businesses under the NSW Aboriginal Procurement Policy
  • verify Aboriginal ownership and control
  • meet NSW Government reporting, audit and compliance obligations
  • maintain accurate certification records

4.1.2 Procurement and Engagement

  • support connections between NSWICC Assured Member Businesses and Government or Industry Partners
  • facilitate procurement opportunities
  • assist businesses with capability development and tender readiness

4.1.3 Programs, Services and Events

  • deliver training, workshops, mentoring and events
  • manage registrations and participation
  • tailor programs to meet community and industry needs

4.1.4 Communications

  • provide newsletters, updates, opportunities and announcements
  • respond to enquiries and support requests

4.1.5 Administration and Website Experience

  • improve our digital platforms
  • analyse website use and engagement
  • maintain security and system integrity

NSWICC does not sell or rent personal information to any party.

 

5. When we share personal information

5.1 NSWICC may disclose personal information only in the following circumstances:

5.1.1 NSW Government Agencies (APP requirement)

As required under the NSW Aboriginal Procurement Policy, NSWICC may disclose:

  • certification status
  • business details relevant to procurement
  • updates, suspensions or revocations of certification

This disclosure enables NSW Government agencies to meet APP procurement obligations.

5.1.2 Government or Industry Partners

With consent or where reasonably expected, NSWICC may provide:

  • certification status
  • capability details
  • business contact information

This supports legitimate procurement engagement.

5.1.3 Service Providers

Including:

  • IT service providers
  • cloud hosting and storage providers
  • CRM platforms
  • auditors and advisors

All service providers must comply with strict confidentiality and privacy requirements.

5.1.4 Reporting to Funders

Some programs require reporting to government or other funders.

Where possible, this is done in aggregated or de-identified form.

5.1.5 Legal Requirements

We may disclose information where required by:

  • law
  • court order
  • regulatory authority, or
  • statutory reporting obligations

5.1.6 NSWICC does not share Aboriginal identity documentation with external parties except where legally required or with explicit owner consent.

 

6. How we store and protect personal information

6.1 NSWICC uses robust administrative, technical and physical safeguards to protect personal information, including:

  • secure digital storage with restricted access
  • encryption measures where appropriate
  • multi-factor authentication
  • access limited only to authorised NSWICC personnel
  • secure document destruction procedures
  • segregated storage of Aboriginal identity documentation and certification records

6.2 NSWICC complies with NSW and Commonwealth Governments’ expectations regarding the handling of identity information for APP certification.

6.3 If information is no longer required, it is securely deleted or anonymised.

 

7. Direct communications and marketing

7.1 NSWICC may send communications about:

  • procurement opportunities
  • events and workshops
  • programs and training
  • industry news and updates
  • announcements relevant to NSWICC Assured Member Businesses or partners.

7.2 You may unsubscribe at any time by:

  • clicking the ‘unsubscribe’ link in an email, or
  • contacting NSWICC directly

8. Cookies and website analytics

8.1 Our website may use:

  • cookies
  • tracking technologies
  • analytics tools (e.g., Google Analytics)

8.2 These help us:

  • improve website functionality
  • understand user behaviour
  • optimise content and services

8.3 You may disable cookies in your browser settings, but this may affect site functionality.

 

9. Access and correction

9.1 You may request at any time to:

  • access personal information we hold about you
  • correct inaccurate, outdated or incomplete information
  • withdraw consent (where applicable)

9.2 We will respond to all requests within a reasonable timeframe and in accordance with the law.

 

10. Complaints

10.1 If you believe NSWICC has breached privacy obligations or mishandled your information, you may lodge a complaint with us, via complaints@nswicc.com.au.

We will:

  1. Acknowledge receipt
  2. Investigate the matter
  3. Provide a written response

10.2 For concerns relating to NSW APP certification, identity verification or related disclosures, please indicate this in your complaint so NSWICC can direct it to the appropriate privacy or compliance officer.

Lodge complaints at complaints@nswicc.com.au

 

11. Changes to this Privacy Policy

11.1 NSWICC may update this Privacy Policy from time to time.

11.2 Changes will be published on our website, and continued use of our services constitutes acceptance of any updates.

 

12. Key definitions

NSWICC Assured Member Business

A business that is assessed and certified by NSWICC under the NSW Aboriginal Procurement Policy.

Government or Industry Partner

A government agency, corporate organisation or industry entity that partners with NSWICC to engage Aboriginal businesses or participate in procurement initiatives.

Subscriber

An individual who signs up to receive updates, newsletters, opportunities or communications from NSWICC.

Personal Information

Information or an opinion about an identified individual, or an individual who is reasonably identifiable.

Sensitive Information

A category of personal information that includes:

  • Aboriginal and/or Torres Strait Islander identity
  • cultural background
  • health information
  • political opinions
  • membership of associations
  • and other sensitive matters.

NSWICC only collects sensitive information with consent and in accordance with legal requirements.

 

12. Contact Us

Please contact the NSWICC if you have any specific queries in relation to this Privacy Policy, access requests, corrections or privacy complaints, by contacting the NSWICC or visiting the website www.nswicc.com.au

 

NSW  Indigenous Chamber of Commerce

2/1 Sabre Close, Rutherford NSW 2320

executive@nswicc.com.au 

+61 2 4932 7722

 

Last updated: 8 December 2025