# Privacy & Security

### Secure Hosting & Data Storage

* RaffleLink self-hosts web application on a server based in Victoria
* All data retained and stored internally in secure environment
* Data used solely for compliance record-keeping requirements
* No cross-border data sharing
* Server located in secured Australian data centre

### Data Security Infrastructure

#### Secure Transaction Environment

* Uses Transport Layer Security (TLS) technology
* Creates encrypted environment for commerce
* Establishes encrypted link between web server and browser
* All data passed between server and browsers remains private
* Highest industry standard used by millions of websites

#### Browser Compatibility

* Compatible with all major browsers:
  * Edge
  * Firefox
  * Chrome
  * Safari
  * Other modern browsers

#### Security Verification

* Look for security indicators:
  * Lock icon in browser
  * Green bar with "RaffleLink" near top
  * URL begins with 'https\://' (standard pages begin with 'http\://')

#### Server Access Controls

* Secure MySQL database for ticket purchaser data
* Strictly limited access to:
  * Server Admins
  * RaffleLink Admins
  * Raffle Client Admins (only their specific raffle data)
* Virtual Server access credentials stored in secure intranet system
* Protected via Firewall and TLS

### Data Collection & Usage

#### Personal Information Collection

* Only collects information reasonably necessary for:
  * Business activities
  * RaffleLink promotion/marketing
* Collection methods:
  * Website
  * Phone
  * Social media
  * Online contact forms
  * Business meetings
  * Registration forms
  * Ticket purchases

#### Website Visitor Data

Collects:

* IP address and browser type
* Access date and time
* Referring website address
* Used only for measuring site section visits
* Anonymous browsing supported

#### Credit Card Security

* No credit card information stored
* Unauthorized use must be reported to card provider
* Secure payment gateway (Stripe) for transactions

### Privacy Policy Compliance

#### Australian Privacy Principles Adherence

* Complies with Privacy Act 1988
* Open and transparent management
* Supports anonymity and pseudonymity
* Only collects solicited information
* No sensitive information collection (race, politics, religion, etc.)

#### Information Usage

Primary Purpose:

* Service communication
* Raffle management
* Transaction processing

Secondary Purpose:

* Business promotion
* Service updates
* Client raffle promotion
* Feedback collection
* Platform development

#### Information Sharing

Information disclosed to:

* Payment gateway (Stripe)
* Raffle organizers/beneficiaries
* Government bodies (as required)
* Third-party organizations for:
  * Marketing
  * Website maintenance
  * Platform development
  * Government auditing

### Data Quality & Maintenance

#### Accuracy Measures

* Parameter-controlled system inputs
* Cross-checking with public information
* Internal system auditing
* User update opportunities

#### Protection Against:

* Misuse
* Interference
* Loss
* Unauthorized access
* Modification
* Disclosure

### User Rights & Access

#### Personal Information Access

* Users may request access to their data
* Identity verification required
* Access may be refused if:
  * Against the law
  * Impacts others' privacy

#### Information Management

* Correction requests accepted
* Regular updates maintained
* Reasonable steps taken for accuracy
* De-identification when no longer needed
* Marketing opt-out available
* Source disclosure upon request

### Direct Marketing

* Consent required for marketing communications
* Clear opt-out methods provided
* Source disclosure available
* Prompt compliance with opt-out requests

### Security Breach Procedures

* Unauthorized access must be reported
* Credit card breaches reported to providers
* System security regularly reviewed
* Incident response protocols in place

*All personal information is handled in accordance with Australian Privacy Principles and relevant legislation.*


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.rafflelink.com.au/other/privacy-and-security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.