Skip to main navigation Skip to main content

Your privacy

Privacy Statement | Privacy Collection Notice | Privacy Policy

Privacy Statement

Personal information collected by Red Cross is protected by the Privacy Act 1988 (Cth) (Privacy Act). Personal information is any information or an opinion that identifies you or is reasonably identifiable and includes sensitive and health information.

Red Cross complies with the Australian Privacy Principles contained in the Privacy Act in handling personal information collected from clients/beneficiaries, business partners, donors, members of the public and Red Cross people (including members, volunteers, employees, delegates, candidates for volunteer work and prospective employees).

Red Cross has developed a Privacy Policy to protect your privacy. The Policy is available below or in hard copy on request. It contains more information about Red Cross' responsibilities, your rights, the information that may be collected by Red Cross, and how it would be used.

The primary purpose for collecting personal information from individuals is to provide services to vulnerable people, including planning, funding, monitoring and evaluating our services. The kind of information we collect will depend on your relationship with Red Cross (e.g. as a client, donor, business partner, employee, volunteer or member, online user of the Red Cross website). A collection notice will be given to you setting out these uses at or close to the time we collect any information.

Your personal information may be used to:

  • provide you with a service,
  • report to government or other funding bodies how funding is used,
  • process your donation or purchase and provide receipts,
  • communicate with you about how your donation is used or about Red Cross services, causes, events, products and services, which we believe may be of interest to you,
  • respond to your feedback or complaints, and
  • answer your queries.

It may also be used for:

  • any other specific purpose for which it was requested and which was advised to you in the collection notice, and
  • directly related purposes.

Wherever possible, Red Cross uses information in a de-identified form. Personal information will not be disclosed to third parties without your consent, except where permitted or required under the Privacy Act.

All personal information collected from individuals will be securely stored by Red Cross and protected from unauthorised use or access. All reasonable steps will be taken to ensure information is accurate and up-to-date. Our Privacy Policy also provides a process for requesting access to your personal information and making a privacy complaint.

If you have any enquiries in relation to privacy or personal information please contact:

General Counsel
Legal & Policy Unit
Australian Red Cross Society
155 Pelham Street
Carlton VIC 3053

Tel: 61 3 9345 1800
Fax: 61 3 9348 2513
Email: privacy@redcross.org.au

If you wish to change how you receive communications from Red Cross (via mail, phone or email) please email us at contactus@redcross.org.au or call 1800 811 700.

Red Cross Privacy Collection Notice

Who is collecting the information?
Australian Red Cross Society

Privacy concerns can be sent to

General Counsel
Legal & Policy Unit
Australian Red Cross Society
155 Pelham Street
Carlton VIC 3053

Tel: 61 3 9345 1800
Fax: 61 3 9348 2513
Email: privacy@redcross.org.au

Facts and circumstances of collection
We may collect your information in a number of ways:

  • directly from you (for example, when you visited our website or contact us by telephone)
  • from third parties (for example, our professional marketing and fundraising contractors)
  • from publicly available sources or information (for example, White Pages).

Is the collection being made because a law or Court order applies?
No law or Court order applies to the collection of this information.

Why does Red Cross need to collect this information?
We need to collect this information so that we can do one or more of the following:

  • process your donation
  • process your membership
  • to verify your identity
  • enable you to participate in our activities or provide you with information about our activities
  • provide you with a tax receipt at tax time
  • enable you to participate in or invite you to participate in our fundraising campaigns including disaster appeals, raffles and other events such as the Big Cake Bake
  • to gain an understanding of your communication needs, to perform research and analysis to improve the way in which we engage with you as a supporter.

We also use your information for direct marketing. We use your information to promote our humanitarian activities and other services that we think will interest you. This marketing may be by email, phone, SMS, post or online. You are entitled to opt out of direct marketing at any time.

The primary purpose for which the information is being collected
The primary purpose of collecting your information depends on why we initially collected your information. Typically, the primary purpose will be one or more of

  • to process your donation
  • to process your membership
  • to participate in our activities (for example, Big Cake Bake, Wills Day, etc)
  • to provide you with direct marketing

The secondary purposes (if any) for which Red Cross is collecting this information
The secondary purpose of collecting your information is to profile our supporters so that we provide you with the high quality service and information that you expect from us.

What happens if Red Cross doesn't collect his information?
If Red Cross does not collect this information from you we may not be able to process your donation or membership, enable you to participate in our activities or provide you with direct marketing.

Anonymity/Nickname
You have the right to ask that we do not record your real name. Sometimes we may require your real name, for example, if you wish to be a member.

The organisations we usually disclose this information to are
We may disclose your information to third parties that provide services to us. These services include professional marketing and fundraising organisations who provide us with letter printing, call centre, email and data analysis services. These organisations may provide us with other similar services.
We may also disclose your information to organisations that provide us with information technology and banking services.

Access and correction
Information about accessing your information and requesting corrections is set out in the Red Cross Privacy Policy below. You can request a hard copy of our privacy policy by contacting:

General Counsel
Legal & Policy Unit
Australian Red Cross Society
155 Pelham Street
Carlton VIC 3053

Tel: 61 3 9345 1800
Fax: 61 3 9348 2513
Email: privacy@redcross.org.au

Complaints
Information about how to complain is also in the Red Cross Privacy Policy. You can also complain direct to the Privacy Commissioner at www.oaic.gov.au

Will my information be stored offshore? 
Your information is stored in Australia. Sometimes organisations that we may disclose your information to are located outside Australia. For example, we may disclose your information to service providers in New Zealand.

I understand that I can make a request not to receive direct marketing at any time by emailing contactus@redcross.org.au or calling 1800 811 700.

Australian Red Cross Society Privacy Policy

Date of Commencement: 24 May 2014
Review Date: 30 June 2017

POLICY STATEMENT

Red Cross respects every individual's legal right to privacy. This policy sets out Red Cross procedures relating to the collection, holding, use and disclosure by Red Cross of personal information and sensitive information relating to an individual, as required by the Privacy Amendment (Enhancing Privacy Protection) Act 2013 (Cth) (Law).

The policy is intended to let you know what the procedures are. Red Cross legal obligations are setout in full in the Australian Privacy Principles contained in the Act. You can find these on the Privacy Commissioner's website at www.oaic.gov.au.

SCOPE

This policy applies to all Red Cross employees, volunteers, contractors and members who are engaged in Red Cross activities.

RESPONSIBILITIES

It is the responsibility of every person in scope to ensure he or she complies with this policy. Where a person is unsure of his or her obligations under this policy, the Legal & Policy Unit should be contacted for clarification of any issues.

CONTENTS

1. Meaning of words

1.1 In this policy:

anonymity is where an individual is not required to and does not identify him or herself when engaging with Red Cross.

Commonwealth contract is any funding agreement between a Commonwealth agency and Red Cross that requires Red Cross to disclose personal and/or sensitive information about individuals to that agency.

Commonwealth record Personal or sensitive information collected by Red Cross in connection with a Commonwealth contract may also be a Commonwealth record and must be dealt with under another law - the Archives Act 1983 (C'th).

consent is a voluntary and informed agreement by an individual to something Red Cross does. Where Red Cross considers that a person is unable to give this consent to the use of his or her personal information for a particular purpose, Red Cross will ask that person's parent or guardian to provide the consent.

direct marketing is the promotion of Red Cross fundraising, disaster relief appeals, wills and bequests activities, Red Cross College training, educational resources and humanitarian programs to individuals and informing individuals of issues of humanitarian significance generally.

health records are part of personal information and sensitive information, and include information or an opinion about a person's health or disability. In the case of Red Cross, most health records that are subject to the Law are collected for the purpose of assessing and placing volunteers on assignment in Australia and overseas and for the provision of health services at Lady Lawley Cottage in Western Australia.

personal information is information, or an opinion, about an individual who is reasonably identifiable, whether or not that information or opinion is recorded in some way, and whether or not the information or opinion is true. Personal information collected by Red Cross includes contact details, educational qualifications, personal history, personal financial information or information about complaints made by that individual.

primary purpose - there are a large number of Red Cross activities that are primary purposes for which Red Cross collects information. Some examples are:

  • providing program services to individuals such as Migration Support Services, Restoring Family Links, Save a Mate, Telecross and Telechat, Partners in Recovery, working with Aboriginal and Torres Strait Islander peoples and the Young Parents program;
  • assessing, placing and engaging with Red Cross volunteers in particular our Australian domestic volunteers and those who volunteer through the Australian Volunteers for International Development Program;
  • the dissemination of International Humanitarian Law;
  • providing training and disability employment services;
  • conducting retail operations through the Red Cross stores (including member operated stores);
  • connecting with our Branch and other members and supporters;
  • conducting assessments and reference checks such as police checks through Crimtrac;
  • soliciting donations from the public and arranging wills days;
  • collecting personal histories and images for Red Cross archives and publication;
  • disaster relief and preparedness;
  • provision of health services particularly through Lady Lawley Cottage; and
  • sharing information with National Societies and the International Federation of the Red Cross Red Crescent Societies (IFRC) to further the work of the Movement in assisting those in our society who are the most vulnerable.

pseudonym is a pet name or nickname that is used by an individual engaging with Red Cross where Red Cross is not obliged to collect that individual's true name.

secondary purpose is, in the case of personal information, a purpose that is related to the primary purpose and, in the case of sensitive information, a purpose that is directly related to the primary purpose.

sensitive information is part of personal information and includes information Red Cross may collect such as racial or ethnic origin, religious beliefs, membership of a professional or trade association, criminal record, or health information.

solicited information is personal information that Red Cross takes active steps to collect.

unsolicited information is personal information about an individual that Red Cross has not asked for but receives in some other way. An example is where misdirected mail is received by Red Cross.

2. Open and transparent management of information

2.1 Red Cross will make this policy publicly available on its website at www.redcross.org.au and will take reasonable steps to provide a copy of this policy, free of charge, to anyone who asks for it. A person may request a copy of the policy by contacting Red Cross:

General Counsel
Legal & Policy Unit
Australian Red Cross Society
155 Pelham Street
Carlton VIC 3053

Tel: 61 3 9345 1800
Fax: 61 3 9348 2513
Email: privacy@redcross.org.au

2.2 When asked to do so by an individual, Red Cross will take reasonable steps (subject to the Law) to let the person know, generally, what sort of personal information Red Cross holds about that person, for what purposes, and how it collects, holds, uses and discloses that information.

2.3 Red Cross has put in place procedures, including this policy, to ensure that it complies with the Australian Privacy Principles, and that individuals may approach Red Cross with any questions or complaints about Red Cross compliance with the Law.

3. Anonymity and pseudonymity

3.1 Where it is not unlawful or impracticable, individuals dealing with Red Cross will be given the option of not identifying themselves, or of using a nickname, when dealing with Red Cross.

3.2 While it may not be always possible or lawful to allow individuals this choice, in cases where it is possible, Red Cross will give individuals this option.

4. COLLECTION

Personal Information

4.1 Red Cross has diverse operations. Because of that, Red Cross collects personal and sensitive information from individuals for many different purposes. This means that, each time Red Cross collects personal information, it will give the individual tailored advice that complies with paragraph 4.4.

4.2 Red Cross will only collect personal information (other than sensitive information) when the information is reasonably necessary for or directly related to one of more of the Red Cross functions or activities and it will only collect personal information by lawful and fair means.

4.3 Where it is reasonable and practicable to do so, Red Cross will only collect personal information from the individual it relates to.

4.4 At or before the time Red Cross collects personal information from an individual, or as soon as practicable after that, Red Cross will advise the individual of matters specifically related the personal information being collected, and will take reasonable steps to ensure that individual is aware of the following:

4.4.1 that Red Cross is the collector, and how to contact Red Cross;

4.4.2 the facts and circumstances of the collection - for example, whether the information is collected over the phone, by software applications (eg cookies), or from a third party;

4.4.3 that the individual is able to access that information and ask for it to be corrected;

4.4.4 the purposes for which the information is collected, both the primary purpose, and where there is a related purpose, that secondary purpose;

4.4.5 organisations (or the types of organisations) to which Red Cross usually discloses information of the kind being collected;

4.4.6 details of any Australian law or a court/tribunal order that requires the information to be collected;

4.4.7 whether or not that information will be transferred overseas (including information stored in the cloud) and to what countries (if known); and

4.4.8 the main consequences (if any) for the individual if all or part of the information is not provided by that individual.

4.5 If Red Cross collects solicited information about an individual from a third party, Red Cross will take reasonable steps to ensure that the individual is or has been made aware that the information has been collected, how it was collected, and from whom, and will comply with the requirements of paragraph 4.4.

4.6 Where it receives unsolicited personal information, Red Cross must decide within a reasonable period of time whether that personal information about an individual could have been lawfully collected by the Red Cross itself, and:

4.6.1 If so, the information will be dealt with in accordance with this privacy policy and paragraph 4.4 will be complied with in relation to that information; or

4.6.2 if not, and the information is not contained in a Commonwealth record, Red Cross will, as soon as practicable, but only if lawful and reasonable to do so, destroy the information or ensure that the information is de-identified, unless under A Commonwealth contract the information must be dealt with under another law.

Sensitive Information

4.7 Red Cross will not collect sensitive information about an individual unless:

4.7.1 the individual has consented to the collection of that information and the information is reasonably necessary for Red Cross to carry out one or more of its functions or activities; or

4.7.2 the collection of the information is required or authorised by or under an Australian law or a court/tribunal order; or

4.7.3 there are some special situations under the Law that allow the use or disclosure of sensitive information without consent. In each case, if it does this, Red Cross will comply with the relevant Australian Privacy Principle or Rules made by the Privacy Commissioner about this use of disclosure. Some of these special situations are :

(a) where Red Cross reasonably believes the use or disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of an individual or to public health or safety;

(b) Red Cross has reason to suspect an individual may have done something unlawful or engaged in serious misconduct that relates to Red Cross functions or activities, and Red Cross needs to disclose the information so that it can take appropriate action; or

(c) Red Cross reasonably believes that the use or disclosure is reasonably necessary to assist another person to locate a person reported as missing.

The complete list of these special situations is contained in the Law.

5. USE AND DISCLOSURE

Primary purpose

5.1 Red Cross may use personal information collected from an individual for a primary purpose notified to that individual.

5.2 Where the information is sensitive information, Red Cross may only use that information for a primary purpose or a directly related purpose the individual has consented to.

5.3 Whether or not an individual has consented to the use or disclosure, in the case of any obligation Red Cross has under a Commonwealth contract, Red Cross is entitled to comply with a requirement under that Commonwealth contract to disclose personal or sensitive information to the Commonwealth agency funding the activity.

Secondary Purpose

5.4 Red Cross may sometimes use or disclose personal information about an individual for a secondary purpose. However, Red Cross will only use or disclose personal information about an individual for a secondary purpose in limited circumstances. Red Cross will, wherever reasonably possible, seek consent from individuals before using their personal information for a secondary purpose.

5.5 Red Cross may use personal information about an individual for a secondary purpose if:

5.5.1 the individual has consented to the use or disclosure; or

5.5.2 the individual would reasonably expect Red Cross to use or disclose the information for the secondary purpose and the secondary purpose is;

(a) if the information is sensitive information, it is directly related to the primary purpose; or

(b) if the information is not sensitive information, it is related to the primary purpose; or

(c) the use or disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order; or

(d) Some special situations set out in the Law allow the use or disclosure of personal information without consent. In each case, if it does this, Red Cross will comply with the relevant Australian Privacy Principle or Rules made by the Privacy Commissioner. Some of these special situations are :

(i) where Red Cross reasonably believes the use or disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of an individual or to public health or safety;

(ii) Red Cross has reason to suspect an individual may done something unlawful or engaged in serious misconduct that relates to Red Cross functions or activities, and Red Cross needs to disclose the information so that it can take appropriate action; or

(iii) Red Cross reasonably believes that the use or disclosure is reasonably necessary to assist another person to locate a person reported as missing, or

(iv) Red Cross reasonably believes that the use or disclosure of the information is reasonably necessary for an enforcement body's enforcement related activities (and Red Cross will make a written note that Red Cross has used the information for that purpose).

The complete list of these special situations is contained in the Law.

6. DIRECT MARKETING

6.1 Red Cross may only use personal information about an individual for direct marketing where an exception applies under the Law. In every situation where Red Cross is permitted to use or disclose personal information for direct marketing, Red Cross will allow the individual to 'opt out' and will act on the individual's request to 'opt out'.

6.2 Red Cross may use personal information (other than sensitive information) about an individual for direct marketing if:

6.2.1 Red Cross collected the information from the individual:

(a) and the individual would reasonably expect Red Cross to use or disclose the information for direct marketing; and

(b) Red Cross has provided a simple means so that the individual can easily request not to receive direct marketing communications from Red Cross; and

(c) the individual has not made a prior request to Red Cross to not receive direct marketing communications from Red Cross.

6.2.2 Red Cross collected the information from someone other than the individual and:

(a) either the individual has consented to the use or disclosure for the purpose, or it is impracticable to obtain the individual's consent; and

(b) in each direct marketing communication with the individual, Red Cross includes a prominent statement that the individual can ask not to receive further direct marketing communications from Red Cross; or

(c) Red Cross otherwise draws the individual's attention in some other way to the fact that the individual may make that request; and

(d) the individual has not made a request asking Red Cross to stop sending direct marketing communications.

6.3 If Red Cross uses or discloses personal information about an individual for:

6.3.1 direct marketing, an individual may ask Red Cross to stop sending direct marketing communications from Red Cross and Red Cross must do that within a 14 days after receiving the request unless exceptional circumstances apply; or

6.3.2 where the personal information is used for the purpose of facilitating direct marketing by other organisations on behalf of Red Cross, an individual may request Red Cross not to use or disclose the individual's information for direct marketing by other organisations and Red Cross must act on that request within 14 days after receiving the request (unless exceptional circumstances apply).

6.4 The individual may request Red Cross to be provide details of where his or her personal information came from (eg which other organisation) and Red Cross must do so within 14 days after receiving the request (except in exceptional circumstances) unless it is impractical or unreasonable to do so.

6.5 Red Cross will not charge any individual for the making of, or to give effect to, these requests.

7. GOVERNMENT RELATED IDENTIFIERS

7.1 Red Cross will not adopt a government related identifier of an individual as its own identifier of the individual unless the adoption of the government related identifier is required or authorised by law or a court/tribunal order.

7.2 Red Cross will not use or disclose a government related identifier of an individual unless:

7.2.1 the use or disclosure of the identifier is reasonably necessary for Red Cross to verify the identity of the individual for the purposes of the Red Cross's activities or functions; or

7.2.2 the use or disclosure of the identifier is reasonably necessary for Red Cross to fulfil its obligations to an agency or a State or Territory authority; or

7.2.3 the use or disclosure of the identifier is required or authorised by or under an Australian law or a court/tribunal order; or

7.2.4 Some of the special situations under the Law allows the use or disclosure. In each case, if it does this, Red Cross will comply with the relevant Australian Privacy Principle or Rules made by the Privacy Commissioner. Some of these special situations are:

(a) where Red Cross reasonably believes the use or disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of an individual or to public health or safety;

(b) Red Cross has reason to suspect an individual may done something unlawful or engaged in serious misconduct that relates to Red Cross functions or activities, and Red Cross needs to disclose the information so that it can take appropriate action; or

(c) Red Cross reasonably believes that the use or disclosure is reasonably necessary to assist another person to locate a person reported as missing; or

(d) Red Cross reasonably believes that the use or disclosure of the information is reasonably necessary for an enforcement body's enforcement related activities (and Red Cross will make a written note that Red Cross has used the information for that purpose).

7.3 The complete list of these special situations is contained in the Law.

8. TRANSBORDER DATA FLOWS

8.1 Occasionally, Red Cross may transfer personal information to an organisation (other than Red Cross or the individual concerned) that is in a foreign country or, Red Cross may store some personal information on databases that are in the cloud. In most cases, where Red Cross transfers information to other National Societies or the IFRC, the information will be deidentified.

8.2 Red Cross will only send information overseas if it has taken reasonable steps to ensure that the transferred information, will not be held, used or disclosed by the recipient organisation inconsistently with the Australian Privacy Principles. Some ways Red Cross will assess this are:

8.2.1 Is the organisation receiving the information subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are substantially similar to the Australian Privacy Principles? and there are ways an individual can enforce the privacy right? or

8.2.2 Has the individual concerned consented to the information transfer after having been advised that Red Cross will not be taking reasonable steps to ensure that the transferred information is held, used or disclosed by the recipient consistently with the Australian Privacy Principles?; or

8.2.3 Is the use or disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order?; or

8.2.4 Are there special situations set out in the Act that permit the transborder transfer of personal information? In each case, if it transfers information because of a special situation, Red Cross will comply with the relevant Australian Privacy Principle or Rules made by the Privacy Commissioner.

9. DATA QUALITY

9.1 Red Cross will take all reasonable steps to ensure that the personal information it collects is accurate, complete and up-to-date and relevant, having regard to the purposes of the use or disclosure of the personal information that is collected.

10. DATA SECURITY AND HANDLING

10.1 Red Cross will take all reasonable steps to protect the personal information it holds from misuse, interference (which may include measures to protect against computer attacks), loss and unauthorised access, modification or disclosure.

10.2 Red Cross data handling practices are regularly reviewed. All sensitive information is separately stored and shared among employees on a need to know basis only.

10.3 Client management records (that include personal, sensitive and health information) are stored on separate databases and are accessible only to those who require the information to undertake this activity e.g. case worker.

10.4 Training and guidance to Red Cross personnel has been established to support this privacy policy.

10.5 Red Cross will take all reasonable steps to destroy or permanently de-identify personal information about an individual that it holds, if the information is no longer needed for any purpose for which it is able to be used or disclosed, and where there is no law or Court/tribunal or Commonwealth contract that requires Red Cross to keep the information.

11. ACCESS AND CORRECTION

11.1 If Red Cross holds personal information about an individual, and the individual wants access to that information, Red Cross will provide the individual with access to that information unless any of the following exceptions apply:

11.1.1 Red Cross reasonably believes that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety; or

11.1.2 giving access would have an unreasonable impact upon the privacy of other individuals; or

11.1.3 the request for access is frivolous or vexatious; or

11.1.4 the information relates to existing or anticipated legal proceedings between Red Cross and the individual, and the information would not be provided by the process of discovery in those proceedings; or

11.1.5 providing access would reveal the intentions of Red Cross in relation to negotiations with the individual in such a way as to prejudice those negotiations; or

11.1.6 providing access would be unlawful; or

11.1.7 denying access is required or authorised by or under an Australian law or a court/tribunal order; or

11.1.8 both of the following apply:

(a) Red Cross has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates the Red Cross functions or activities has been or is being or may be engaged in; and

(b) giving access would be likely to prejudice the taking of appropriate action in relation to the matter; or

(c) providing access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or

(d) giving access would reveal evaluative information generated within Red Cross in connection with a commercially sensitive decision-making process.

11.2 Red Cross will respond to an access request within a reasonable period after the request is made and will give access to the personal information in the manner requested by the individual, if it is reasonable and practicable to do so. Red Cross may, in appropriate circumstances, charge the individual an appropriate (and not excessive) fee for giving access to the personal information.

11.3 If Red Cross refuses to give access to personal information in the manner requested by the individual or because one or more of the exceptions referred to in paragraph 11.1 of this policy apply, Red Cross will give the individual a written notice about the refusal that complies with the regulations to the Law and includes information about how a person can complain about the refusal.

11.4 An individual can ask Red Cross to correct personal information held by Red Cross. Red Cross will respond to the request within a reasonable period of time after the request is made and will take reasonable steps to correct the information to ensure that it is accurate, up to date, complete, relevant and not misleading. Red Cross may also take such itself, if Red Cross it finds personal information it holds about an individual is inaccurate, out of date, incomplete, irrelevant or misleading.

11.5 If Red Cross refuses to correct the personal information when requested to do so by an individual, Red Cross will give the individual a written notice about the refusal that complies with the regulations to the Law and includes information about how a person can complain about the refusal.

11.6 Where Red Cross has previously disclosed personal information about the individual to another APP agency, an individual can request Red Cross to notify that APP entity of corrections made to their personal information. Red Cross will take all reasonable steps to give that notification unless it is impracticable or unlawful to do so.

11.7 An individual can request Red Cross to attach a statement to information saying that the information is inaccurate, out of date, incomplete, irrelevant or misleading. Red Cross will answer that request within a reasonable period after it is made and will take reasonable steps as are to ensure the statement is able to be seen by the users of the information.

12. COMPLAINTS

12.1 Red Cross will consider complaints made by an individual in relation to:

12.1.1 a decision by Red Cross to refuse access to personal information requested by the individual; or

12.1.2 a decision not to correct an individual's personal information; and Red Cross will respond within a reasonable period after the complaint is received. The Red Cross response to a complaint is final.

12.2 Any individual may make a complaint about how Red Cross handles an individual's personal information to the Office Australian Information Commissioner (OAIC). Further information is available on the OAIC website www.oaic.gov.au.

13. CONTACT DETAILS

13.1 All queries or complaints regarding this Privacy Policy, or requests for access to, or correction of, personal information should be directed to the Red Cross Privacy Officer as follows:

General Counsel
Legal & Policy Unit
Australian Red Cross Society
155 Pelham Street
Carlton VIC 3053

Tel: 61 3 9345 1800
Fax: 61 3 9348 2513
Email: privacy@redcross.org.au

14. REVIEW

14.1 This Privacy Policy will be reviewed annually, when there are any changes to the Law, and updated as required.

Subscribe to our newsletter

Subscribe to our monthly newsletter for the latest news and inspiring stories