Privacy Policy

phonebank.com.au

Last updated: 17 May 2026
Effective date: 17 May 2026

1. About This Policy

This Privacy Policy describes how the operator of phonebank.com.au ("Operator", "we", "us") collects, uses, holds, and discloses personal information in connection with the website at phonebank.com.au ("Site") and the services available through it ("Services").

The Operator is a private individual based in Sydney, New South Wales, Australia, contactable at dev@phonebank.au.

This Policy is written in accordance with the Privacy Act 1988(Cth) ("Privacy Act") and the Australian Privacy Principles ("APPs") contained in Schedule 1 of that Act. Although the Operator may qualify as a small business operator under section 6C of the Privacy Act, we voluntarily commit to compliance with the APPs because we consider the responsible handling of your personal information to be a core obligation of operating this platform.

By using the Site, you acknowledge that you have read and understood this Policy. If you do not agree with our practices, you should not use the Site.

Country-specific context: Australian users are primarily covered by the Privacy Act 1988 (Cth) and APP framework references used throughout this policy.

Cross-border processing may still occur via service providers, but APP-aligned controls remain the baseline for handling personal information.

2. What Is Personal Information

"Personal information" has the meaning given in the Privacy Act: information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not, and whether recorded in a material form or not.

"Sensitive information" is a subset of personal information that includes information about a person's racial or ethnic origin, political opinions, religious beliefs, health, sexual orientation, and certain other categories. Sensitive information attracts a higher standard of protection under the APPs.

3. Information We Collect

3.1 Information You Provide Directly

When you register an account or use the Site, we may collect:

  • Identity information: your name or display name and email address provided at registration;
  • Account credentials: your password (stored in hashed, non-reversible form - we never store plaintext passwords);
  • Profile information: any optional information you choose to add to your account profile;
  • Forum content: comments, posts, and other content you contribute to the community forum;
  • Appeal and correspondence content: statements you provide in moderation appeals or direct communications with us at dev@phonebank.au;
  • Volunteer activity data: information you choose to share about your phone banking sessions, such as self-reported call counts or session sign-ups.

3.2 Information Collected Automatically

When you access the Site, our infrastructure may automatically record:

  • Log data: your IP address, browser type and version, operating system, referring URL, pages visited, and timestamps of access;
  • Session data: authentication tokens and session identifiers used to maintain your logged-in state;
  • Device information: general device type and screen resolution, used to optimise the Site's display.

We do not use persistent advertising trackers, cross-site tracking pixels, or third-party behavioural analytics on this Site.

3.3 Moderation Records

Where content you post is reviewed by our automated moderation system or a human moderator, we maintain records of:

  • the content reviewed;
  • the moderation outcome (approved, flagged, or violation);
  • the category and confidence score assigned by automated systems;
  • any strikes, suspensions, or appeal decisions associated with your account.

These records constitute part of your personal information held by us and are retained for the purposes described in clause 4.

3.4 Information We Do Not Collect

We do not collect:

  • payment card details or financial account information (the Site is currently free of charge);
  • government-issued identity document numbers;
  • biometric information;
  • precise geolocation data;
  • any personal information from minors - the Site is not directed at persons under 18.

4. How We Use Your Information

We use personal information only for the purposes for which it was collected or for a directly related purpose. Primary purposes include:

PurposeLegal basis / APP basis
Creating and managing your accountPerformance of our agreement with you (Terms of Service)
Operating the community forumLegitimate purpose of providing the Services
Sending transactional communications (account verification, moderation notices, appeal outcomes)Necessary for provision of Services
Moderating content to maintain community standardsLegitimate purpose; legal obligation to prevent harm
Maintaining audit records of moderation decisionsLegitimate purpose; accountability obligations
Improving and securing the SiteLegitimate purpose
Responding to your enquiries and support requestsPerformance of our agreement with you
Complying with applicable lawLegal obligation

We do not use your personal information for:

  • targeted advertising or sale to advertisers;
  • profiling for commercial purposes;
  • any political campaigning or targeted political communication on behalf of any candidate or party;
  • training machine learning models;
  • any purpose incompatible with the purposes described above without your prior consent.

5. Sensitive Information

The community forum is designed for discussion of politically engaged topics. Content you voluntarily post - including opinions about foreign policy, healthcare, elections, and related matters - may reflect or reveal your political views, which constitute sensitive information under the Privacy Act.

We collect and hold this information only because you have voluntarily made it public by posting it to the forum. We do not aggregate or analyse your political views for any commercial or third-party purpose. Moderation records that may reflect sensitive content are held only for the operational purpose of maintaining community integrity.

If you do not wish us to hold any content reflecting your sensitive information, you may request deletion of specific posts by contacting dev@phonebank.au, subject to any overriding legitimate interest (such as ongoing moderation proceedings).

6. Disclosure of Personal Information

6.1 General Principle

We do not sell, rent, or trade your personal information to any third party for commercial purposes.

6.2 Service Providers

We use a limited number of third-party service providers who may process personal information on our behalf in order to operate the Site. These include:

  • Backend infrastructure: our application data is stored using Convex (Convex, Inc., United States). Data stored on Convex servers may be held on infrastructure outside Australia. We have assessed this provider as using appropriate data security standards. By using the Site, you consent to this cross-border disclosure for the purpose of operating the Services.
  • Authentication services: where third-party authentication is used, the relevant provider may receive your email address and authentication tokens.
  • Email delivery: transactional emails (account verification, moderation notices) may be sent via a third-party email delivery provider.

We take reasonable contractual steps to require that service providers handle your personal information consistently with Australian privacy standards and use it only for the purpose of providing services to us.

6.3 Cross-Border Disclosure

As described in clause 6.2, some personal information may be stored or processed on infrastructure outside Australia, including in the United States. Before disclosing personal information to overseas recipients, we take reasonable steps to ensure those recipients do not breach the APPs in relation to that information, consistent with APP 8.

You acknowledge that by using the Site, you consent to this cross-border transfer for the purpose of receiving the Services.

6.4 Disclosure Required by Law

We may disclose personal information if we are required or authorised to do so by Australian law or by a court or tribunal order, including in response to a lawful request from a law enforcement agency or regulatory body. Where legally permissible, we will take reasonable steps to notify you before making such a disclosure.

6.5 Business Continuity

In the event that operation of the Site is transferred to another operator, personal information held by us may be transferred to the new operator as part of that transition. We will take reasonable steps to ensure the receiving operator is bound by obligations consistent with this Policy and will notify registered users of any material change in operator.

6.6 No Other Disclosure

We do not otherwise disclose your personal information to third parties without your consent.

7. Third-Party Platforms

The Site contains links to third-party phone banking platforms, campaign volunteer portals, and related services operated by independent organisations. When you follow these links and interact with those platforms, your personal information is collected and handled by those third parties under their own privacy policies. We are not responsible for the privacy practices of any third-party platform and encourage you to review their policies before providing personal information.

8. Data Security

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Security measures include:

  • password hashing using industry-standard one-way algorithms (we never store plaintext passwords);
  • HTTPS encryption for all data in transit;
  • access controls limiting staff access to personal information to those with a legitimate operational need;
  • use of managed infrastructure providers with their own security certifications.

No method of transmission over the internet or electronic storage is completely secure. While we take reasonable precautions, we cannot guarantee absolute security and do not warrant that your personal information will be protected against all possible threats.

If we become aware of a data breach that is likely to result in serious harm to any affected individual, we will assess the breach and notify the Office of the Australian Information Commissioner ("OAIC") and affected individuals in accordance with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act.

9. Data Retention

We retain personal information only for as long as necessary to fulfil the purpose for which it was collected or as required by law.

CategoryRetention period
Account information (name, email, password hash)Duration of account plus 12 months after account closure, unless earlier deletion is requested
Forum postsRetained while your account is active; deleted on account closure upon request unless subject to active moderation proceedings
Moderation records (strikes, suspension history, appeal records)24 months from the date of the relevant decision
Log data (IP addresses, access logs)90 days, then deleted or de-identified
Correspondence with us24 months from the date of the last communication

Where you request deletion and we cannot comply due to a conflicting legal obligation or overriding legitimate interest, we will inform you of the reason and the expected retention period.

10. Cookies and Tracking

The Site uses cookies and similar technologies only for the following purposes:

  • Session management: a session cookie is used to keep you logged in during your visit. This cookie is deleted when you close your browser.
  • Authentication tokens: a persistent cookie may be used to maintain your logged-in state across sessions if you select a "stay logged in" option. This cookie expires after 30 days.
  • Security: cookies may be used to detect and prevent fraudulent access and automated abuse.

We do not use:

  • third-party advertising cookies;
  • cross-site tracking cookies;
  • analytics cookies from third-party platforms such as Google Analytics.

You may configure your browser to block or delete cookies, but doing so may prevent you from logging in or using certain features of the Site.

11. Your Rights

Under the Privacy Act and the APPs, you have the following rights in relation to your personal information:

11.1 Access

You have the right to request access to the personal information we hold about you. We will respond to access requests within a reasonable period (generally 30 days). We may refuse access in limited circumstances permitted by APP 12, such as where disclosure would be unreasonable or would affect the rights of others, and we will tell you the reason for any refusal.

11.2 Correction

If you believe that personal information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, you may request that we correct it. We will take reasonable steps to correct the information within 30 days or notify you if we decline to make the correction and the reason why.

11.3 Deletion

You may request deletion of your account and associated personal information by contacting dev@phonebank.au. We will action deletion requests subject to any overriding legal obligation or legitimate interest (such as retaining moderation records required for community integrity).

11.4 Opt-Out of Communications

You may opt out of non-essential communications from us at any time by following the unsubscribe link in any email we send or by contacting dev@phonebank.au. You cannot opt out of transactional communications that are necessary to operate your account (such as suspension notices or account security alerts).

11.5 Portability

Although the Privacy Act does not currently impose a mandatory data portability obligation, we will, on request, provide you with a copy of your personal information in a structured, machine-readable format where technically practicable.

12. Anonymity and Pseudonymity

Where lawful and practicable, you may use the Site pseudonymously by choosing a display name that does not identify you. However, your email address is required to register an account and will always be associated with your account in our records.

You may browse the public portions of the Site without creating an account.

13. Children's Privacy

The Site is not directed at children under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected personal information from a person under 18, we will take prompt steps to delete that information. If you believe we have collected information from a minor, please contact us at dev@phonebank.au.

14. Changes to This Policy

We may update this Policy from time to time to reflect changes to our practices, Services, or legal obligations. Where changes are material, we will take reasonable steps to notify registered users, including by displaying a notice on the Site or sending an email to the address associated with your account.

The updated Policy will take effect on the date specified at the top of this document. Your continued use of the Site after that date constitutes acceptance of the updated Policy.

15. Complaints

If you believe we have mishandled your personal information or breached the APPs, we encourage you to contact us first so we can attempt to resolve the matter.

Contact: dev@phonebank.au

We will acknowledge your complaint within 5 business days and endeavour to respond with a substantive outcome within 30 days. If we are unable to resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Office of the Australian Information Commissioner:

Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au
Phone: 1300 363 992
Post: GPO Box 5218, Sydney NSW 2001

The OAIC may investigate complaints and, where appropriate, make determinations or seek undertakings from organisations that have breached the APPs.

16. Contact Us

All privacy-related enquiries, access and correction requests, deletion requests, and complaints should be directed to:

Email: dev@phonebank.au

The Operator is based in Sydney, New South Wales, Australia.

This Privacy Policy was drafted to reflect the Australian Privacy Principles under the Privacy Act 1988 (Cth). It does not constitute legal advice. If you have specific legal questions about the handling of your personal information, you should seek independent legal advice.