Not for Profit
The Insured engaged a third party supplier for assistance in marketing their organisation and gathering donors’ information; including names, emails and phone numbers. The Insured was advised that the third party supplier’s system was breached and data had been lost.
The Insured notified DUAL who appointed a law firm to advise in relation to the Insured’s privacy legislation obligations. The Insured did not have to report the incident to the Privacy Commissioner based on individual circumstances and the IT data they had available to them. Payment was made in relation to the legal costs.