Quick Exit
Search
Home Security

Security

Website Security Policy

Hutt St Centre
Effective date: 11 December 2025
Last reviewed: 10 December 2025

Hutt St Centre is committed to maintaining the security of our website and protecting the information of donors, volunteers, staff, supporters and people impacted by homelessness who engage with us online. This Security Policy outlines the measures we take to protect our website, how we manage security risks, and what to do if you identify a security issue.

1. Purpose and scope

This Security Policy applies to the Hutt St Centre website and related online systems operated by or on behalf of Hutt St Centre. It covers technical, organisational and procedural controls designed to safeguard information and maintain the integrity and availability of our online services.

This policy should be read alongside our Privacy Policy and Terms of Use.

2. Security principles

We apply the following principles to our website security practices:

  • Confidentiality – protecting information from unauthorised access or disclosure

  • Integrity – ensuring information is accurate and not improperly altered

  • Availability – ensuring systems are available and usable when needed

  • Least privilege – limiting access to systems and data to those who need it to perform their role

3. Security measures in place

We use a combination of administrative, technical and physical safeguards to protect our website and associated systems, including:

Technical controls

  • Secure hosting environments with firewalls and network protections

  • Encryption of data in transit using HTTPS/TLS

  • Regular software, plugin and security patch updates

  • Strong authentication controls for administrative access

  • Monitoring and logging to detect unusual or unauthorised activity

  • Malware scanning and vulnerability management

Organisational controls

  • Role-based access to website administration tools

  • Staff and contractor training in information security and safe online practices

  • Policies and procedures governing acceptable use, access and data handling

  • Due diligence and contractual security requirements for third-party service providers

4. Third-party services

We rely on trusted third-party providers for services such as website hosting, analytics, email communications and online payments. We take reasonable steps to ensure these providers maintain appropriate security standards and handle information in line with our Privacy Policy.

Payment transactions are processed by third-party payment gateways. Hutt St Centre does not store full payment card details on its website systems.

5. User responsibilities

While we work to keep our website secure, users also play an important role. When using our website, you should:

  • keep your own devices, browsers and software up to date;

  • avoid sharing passwords or sensitive information in insecure ways;

  • notify us promptly if you believe your interaction with our website may have been compromised; and

  • use the website only for lawful purposes, in line with our Terms of Use.

6. Data breaches and incidents

We have procedures in place to identify, assess and respond to security incidents, including suspected or actual data breaches.

If a security incident involving personal information is likely to result in serious harm, we will respond in accordance with the Privacy Act 1988 (Cth) and the Notifiable Data Breaches scheme. This may include notifying affected individuals and relevant regulators as required by law.

7. Reporting security vulnerabilities

We welcome responsible disclosure of security vulnerabilities.

If you believe you have identified a security issue, vulnerability or weakness affecting our website, please report it to us as soon as possible and do not publicly disclose the issue before we have had an opportunity to investigate.

Please report security issues to:
Email: [Insert security or privacy email address]
Subject line: Website Security Report

Include, where possible:

  • a description of the issue;

  • the URL or system affected;

  • steps to reproduce the issue; and

  • any supporting screenshots or logs.

We will acknowledge reports and take reasonable steps to investigate and address valid security concerns.

8. Limitations

While we take security seriously and apply reasonable safeguards, no website or online system can be guaranteed to be completely secure. Hutt St Centre cannot guarantee that unauthorised access or security incidents will never occur.

9. Policy updates

This Security Policy may be updated from time to time to reflect changes in technology, security practices or legal requirements. Any updates will be published on this page with a revised “Last reviewed” date.

10. Contact us

For questions about this Security Policy or website security matters, please contact:

Hutt St Centre
258 Hutt Street
Adelaide, South Australia, 5000
Email: hello@huttstcentre.org.au
Phone: 08 8418 2500

If you’re at risk of, or are currently experiencing homelessness, we’re here to support you.