Donate

Privacy

Privacy policy

Date of commencement: 24 February 2023

1.1 Purpose

1.2 How Australian Red Cross collects and uses Personal Information

1.3 Who Australian Red Cross shares your Personal Information with

1.4 Remaining anonymous

1.5 Storing and securing Personal Information (including overseas disclosures)

1.6 Retaining Personal Information

1.7 Accessing, correcting and deleting your Personal Information

1.8 Data Incidents

1.9 Who should you contact if you have further questions or concerns?

1.10 Definitions

Australian Red Cross Society (“Australian Red Cross”, “we”) is committed to handling Personal Information in a lawful manner that protects people and supports the community’s trust.

This Policy sets out the principles that Australian Red Cross must follow when handling Personal Information, to ensure compliance with its obligations under the Privacy Act 1988 (Cth) and other applicable laws, regulations, industry standards and contractual obligations.

This Policy does not apply to Lifeblood, or to any Personal Information provided to Lifeblood. To read Lifeblood’s Privacy Policy, please see lifeblood.com.au/privacy

1.1 Purpose

This Policy, and the handling of Personal Information by Australian Red Cross, must be consistent with the requirements of the Australian Privacy Principles, and must ensure that Australian Red Cross:

  1. Is transparent about the way it handles Personal Information and the reasons why it is collected.
  2. Only collects, uses and discloses Personal Information if necessary to perform its functions or activities.
  3. Takes reasonable steps to keep Personal Information secure.
  4. Conducts activities in accordance with this Policy and appropriate procedures.

1.2 How Australian Red Cross collects and uses Personal Information

  1. Personal Information is information that identifies a person (or could reasonably lead to them being identified). The Personal Information that Australian Red Cross collects depends on the service, product, activity or program you are looking at or are participating in. Australian Red Cross only collects the minimum amount of information needed to perform its functions and activities, meet its obligations and to support you.
  2. Some programs or services offered by Australian Red Cross may require collection of Sensitive Information. Australian Red Cross will seek your consent when collecting Sensitive Information.
  3. The sections below outline when Australian Red Cross collects information, the types of information we collect, and how we use that information depending on the way you interact with Australian Red Cross.
  4. When reading this Policy, please keep in mind that depending on how you interact with Australian Red Cross, Personal Information may be collected over the phone, by email, by secure file sharing, via websites, via client portals, by social media, in writing or face-to-face:
  1. Directly from you.
  2. From third parties, including:
  1. Your guardian or a family member.
  2. Health professionals such as your doctor or your social worker.
  3. Government agencies, other service providers or partner organisations.
  4. Social media platforms (e.g., Facebook) or workplace giving platforms.
  5. Suppliers who provide services to Australian Red Cross, including but not limited to, recruitment agencies, IT platform providers, police check provider and visa check provider, marketing or fundraising agencies.

Note: If you have any questions or concerns regarding your privacy, or if you would like to make a complaint, please contact the Privacy Officer on 1800 733 276 (within Australia) or +61 3 9345 1800 (from overseas) or email privacy@redcross.org.au. For other options, please see section 1.9 of this policy.

Australian Red Cross collects Personal Information when you:

  • Enquire or apply for assistance or services, or otherwise communicate with Australian Red Cross
  • Agree to be referred to services of Australian Red Cross
  • Accept assistance or receive services from Australian Red Cross
  • Complete forms or respond to surveys
  • To assist and provide services to people who may be experiencing vulnerability, stress, or who have been affected by an emergency or disaster situation

Types of information collected by Australian Red Cross

  • Information that directly identifies you, such as your name and date of birth
  • Identity information, copies of identity documents (e.g. passport or visa) or government related identifiers
  • Contact information, such as email, address or phone number
  • Details of your emergency contacts, family members and next of kin
  • Details of assistance or services that Australian Red Cross is providing to you, and how you use the assistance or services provided
  • Information about you and your personal circumstances to help Australian Red Cross understand your needs
  • Details of Australian Red Cross communications or interactions with you
  • Sensitive Information, including information about your health, ethnic origin and main spoken language
  • Financial or banking information
  • Images of you, which may include photographs and/or surveillance footage of public areas in and around places where Australian Red Cross provides services or operates programs

How Australian Red Cross may use Personal Information

  • Verify your identity
  • Answer your queries or communicate with you
  • Provide you with information about programs and services
  • Assess your eligibility for services and how Australian Red Cross can best help you
  • Provide you with humanitarian and emergency assistance
  • Provide you with other services, including referring you to other support providers or engaging with authorities or other organisations on your behalf
  • Take action in response to any safety and wellbeing concerns for you or others
  • Report to government or other funding bodies about how funding is used
  • Plan, fund, monitor and evaluate the services and programs operated by Australian Red Cross
  • Perform research to improve the way we provide humanitarian support and improve responses to emerging needs in the community
  • Receive feedback and complaints
  • Meet professional and legal obligations

Australian Red Cross collects Personal Information when you:

  • Enquire or apply for our products or services
  • Receive or pay for our products or services
  • Participate in a training course such as first aid or mental health training
  • Make a donation or pledge, including a gift in your will
  • Sign up to participate in a fundraising activity, including raffles
  • Communicate with us, including through a form or survey

Types of information collected by Australian Red Cross

  • Information that directly identifies you, such as your name and date of birth
  • Contact information, such as email, address or phone number
  • Details of products or services that Australian Red Cross provides to you and how you use those products or services
  • Information about donations and contributions to Australian Red Cross
  • Details of Australian Red Cross communications or interactions with you
  • Financial or banking information
  • Information required by law to enable us to provide you with our training courses, such as Unique Student Identifiers, demographic information and education information.
  • Images of you, which may include photographs and/or surveillance footage of public areas in and around places where Australian Red Cross provides services or operates programs

How Australian Red Cross may use Personal Information

  • Answer your queries or communicate with you, including communicating about the work of Australian Red Cross, Australian Red Cross fundraising activities, or our products or services
  • Inform you about, and manage your purchase of, our products and services
  • Process your donation and provide you with a tax receipt
  • Manage your donation or gift
  • Monitor and evaluate the engagement and relevance of certain content
  • Understand your communication needs
  • Combine information about you from different sources, for marketing purposes
  • Perform research and analysis to improve engagement with our donors and customers
  • Comply with our legal and other compliance obligations, including as a Registered Training Organisation. This may include reporting to government departments.

Note about marketing: From time to time, Australian Red Cross may communicate with you in person, by email, phone, SMS, post or online about the work of Australian Red Cross, about Australian Red Cross fundraising events or opportunities, or about our products and services which we believe may be of interest to you. You can choose to not receive marketing communication at any time by emailing contactus@redcross.org.au or calling 1800 733 276 (within Australia) or +61 3 9345 1800 (if overseas).

Australian Red Cross collects Personal Information when you:

  • Make enquiries or contact us
  • Apply for a job (paid or volunteer) with Australian Red Cross
  • Work or volunteer with Australian Red Cross
  • Sign up to become an Australian Red Cross member or volunteer
  • Respond to a survey or fill out an Australian Red Cross form

Types of information collected by Australian Red Cross

  • Information that directly identifies you, such as your name and date of birth
  • Identity information or copies of documents that identify you (e.g. passport, visa, driver’s licence or government related identifiers (e.g. Tax File numbers)
  • Contact information, such as email, address or phone number
  • Name and contact details of your emergency contacts
  • Recruitment information (e.g. in your resume, job application or references)
  • Employment information (e.g. tax information, performance information)
  • Financial or banking information
  • Details of Australian Red Cross communications or interactions with you
  • Details of your membership and volunteer roles, including type and length of service
  • Health information (e.g. medical certificates, health conditions where relevant)
  • Diversity information such as ethnicity, religion, disability, gender and sexuality
  • Compliance screening checks (e.g. police checks)
  • Images of you, which may include photographs and/or surveillance footage of public areas in and around places where Australian Red Cross provides services or operates its activities
  • Information about your browsing activity while connected to Australian Red Cross wi-fi and information you include on Australian Red Cross IT systems

How Australian Red Cross may use Personal Information

  • Answer your queries or communicate with you
  • Process job or volunteer applications
  • Commence, manage and support your employment, membership or volunteering role(s)
  • Recognise length of service with Australian Red Cross and issue awards
  • Process your membership, volunteering or employment application
  • Communicate with you about the work Australian Red Cross is involved in
  • Manage and respond to work, health and safety matters and conflicts of interest
  • Contact you about current or future job or volunteering opportunities
  • Receive feedback and complaints
  • Meet professional and legal obligations
  • Conduct reporting on Red Cross People
  • Perform research to improve the way Australian Red Cross provides humanitarian support

Australian Red Cross collects Personal Information when you:

  • Visit Australian Red Cross websites, social media pages or mobile applications
  • Contact Australian Red Cross through the website, a mobile application or via social media
  • Visit the Australian Red Cross online store
  • Make an application for support through an online application portal of Australian Red Cross
  • Send a request to access or correct your Personal Information
  • Submit feedback, or raise a concern or complaint

Types of information collected by Australian Red Cross

  • Information about your use of websites, social media and mobile applications (analytics information)
  • Information about your response to and interaction with Australian Red Cross marketing
  • Information about your enquiry or communication with Australian Red Cross, including your name, age and contact information if provided
  • Your device’s IP address and approximate location

How Australian Red Cross may use Personal Information

  • Improve your experience or engagement with Australian Red Cross websites, mobile applications and social media
  • Personalise your experience on Australian Red Cross websites, mobile applications and social media
  • Match your name and profile to your online activity on Australian Red Cross websites and social media
  • Communicate with you and respond to your enquiries
  • Process your request to access or correct your Personal Information
  • Respond to your privacy complaint

Note: Analytics information helps Australian Red Cross understand how you use its websites or interact with it online. The information collected may include information to enable Australian Red Cross to personalise your experience on its websites. Australian Red Cross generally collects this information using cookies. More information about this is contained in the Cookie Notice which can be accessed at redcross.org.au/cookies

1.3 Who Australian Red Cross shares your Personal Information with

  1. Australian Red Cross will take reasonable steps to ensure that Red Cross People and its contractors and Suppliers will only access your personal information on a ‘need-to-know’ basis.
  2. In some situations, Australian Red Cross may disclose or share your Personal Information with people outside of Australian Red Cross.
  3. Where practicable, Australian Red Cross will explain the reasons for disclosing your Personal Information before doing so. Australian Red Cross may share your personal information with other people if you have agreed or would expect it (or if Australian Red Cross is required or authorised by law to share your information or if it is necessary to keep someone safe).
  4. The section below outlines some key examples of who Australian Red Cross may disclose your information to depending on the situation:

Australian Red Cross may disclose your information to:

  • Government authorities engaged in humanitarian work, disaster relief or other activities where Australian Red Cross is involved, such as:
  • State Emergency Services during a disaster relief activity that Australian Red Cross is involved in.
  • Services Australia to provide direct assistance to an Australian Red Cross client.
  • Australian Red Cross partners, such as other support providers including (but not limited to) health service providers, translators, interpreters and other external parties who assist to provide Australian Red Cross products and services.
  • The IFRC, ICRC, the Arolsen Archives and other Red Cross or Red Crescent Movement entities and National Societies (e.g. helping locate a missing person overseas).
  • Government agencies who provide funding to Australian Red Cross.
  • Australian Red Cross uses Suppliers to provide services and functions (e.g. IT systems, marketing, fundraising, printing, payment processing and website analytics) on its behalf which might require Personal Information to be shared.
  • Australian Red Cross takes reasonable steps to ensure that (amongst other things) strict security and data breach reporting controls are in place, and Suppliers only process and use Personal Information for the purpose it was provided to them, and not for any other purpose.
  • Emergency services (i.e., ambulance, police, fire or SES) where Australian Red Cross or Red Cross People are concerned about a serious threat to the life, health or wellbeing of a person or you have agreed for us to contact them.
  • Government bodies and community partners, for the purpose of child protection, vulnerable adult safeguarding or managing risk relating to domestic violence.

People authorised by or responsible for you, such as an employer when you participate in a training program conducted by Australian Red Cross at your organisation.

Australian Taxation Office, to enable a tax deduction for your donation or contribution to be processed.

Government authorities if required or authorised by law (e.g., to provide information about students completing first aid and mental health training).

  • Your representatives or advisors (e.g., where you request your information to be provided to your lawyer or financial advisor)
  • Universities and research organisations (e.g., to allow research relating to disaster relief response to improve processes, which may include sharing de-identified data with other organisations to improve future emergency responses.)
  • Other external organisations where Australian Red Cross has a lawful ability or requirement to disclose the information (e.g., providing video footage to police to investigate theft at Australian Red Cross or providing information to Police about a potential case of fraud, such as a fraudulent application for a grant).

1.4 Remaining anonymous

You can choose to remain anonymous and not provide your Personal Information when dealing with Australian Red Cross. However, there are some instances where Australian Red Cross is unable to provide products, services or opportunities (including grants) to you without obtaining Personal Information to verify your identity.

1.5 Storing and securing Personal Information (including overseas disclosures)

  1. To ensure your Personal Information is appropriately protected, Australian Red Cross stores Personal Information within Australia or within jurisdictions that have comparable privacy laws where practicable. Some IT systems and applications used by Australian Red Cross are hosted overseas, including in Switzerland, the United States of America, the United Kingdom, and countries in the European Union such as Germany.
  2. Australian Red Cross may also disclose Personal Information to entities located outside Australia, such as the ICRC, IFRC and other Red Cross or Red Crescent National Societies, where necessary to perform its functions and activities. When Australian Red Cross discloses Personal Information to an entity located overseas, Australian Red Cross will take reasonable steps to ensure that the entity handles your information in accordance with Australian privacy laws.
  3. Australian Red Cross uses Suppliers to store specific types of Personal Information (such as analytics and credit card information) on its behalf. Personal Information stored by Suppliers relates directly to their functions and services and is stored in accordance with the contract with these Suppliers.
  4. Australian Red Cross holds Personal Information in hard copy and electronic forms. Australian Red Cross uses a range of technological, operational and physical measures to protect Personal Information, including (but not limited to):
  1. Education and training to ensure Red Cross People understand their obligations when handling Personal Information.
  2. Technological security measures, including firewalls, encryption of Personal Information during transit and at rest, anti-virus software, access controls, and multi-factor authentication (where possible).
  3. Physical security measures, such as security passes to access offices.

1.6 Retaining Personal Information

  1. Australian Red Cross keeps Personal Information for as long as it is needed for the purpose it was collected or for another lawful purpose.
  2. Australian Red Cross is committed to securely destroying or de-identifying Personal Information where it is no longer required for the purpose it was collected or for another lawful purpose such as record-keeping.

1.7 Accessing, correcting and deleting your Personal Information

  1. Australian Red Cross supports your rights to:
  1. Access your Personal Information.
  2. Correct your Personal Information (where it is inaccurate, incomplete or out of date).
  1. You may also request Australian Red Cross to delete your Personal Information. Australian Red Cross may not be able to delete your information if it is legally or contractually required to keep your Personal Information.
  2. Please contact the Privacy Officer to request access to, correction or deletion of, your Personal Information:
  1. Email: privacy@redcross.org.au
  2. Post: C/- Privacy Officer, GPO Box 9949, Melbourne Vic 3001, Australia

Note: Australian Red Cross will only provide Personal Information to the individual which the Personal Information relates (unless you permit us or there is a lawful ability or requirement to provide it to someone else). Before processing your request, you will be required to verify your identity.

1.8 Data Incidents

  1. Australian Red Cross will promptly investigate and respond to data incidents upon becoming aware of unauthorised access, disclosure of, or loss of Personal Information.
  2. If a data incident occurs that is likely to result in serious harm to one or more individuals, Australian Red Cross will promptly notify people affected by the data incident and notify the Office of the Australian Information Commissioner (OAIC), in accordance with all applicable laws.

1.9 Who should you contact if you have further questions or concerns?

  1. If you have any questions or concerns regarding your privacy, you can contact the Privacy Officer by:
  1. Email: privacy@redcross.org.au
  2. Telephone: 1800 733 276 (within Australia) or +61 3 9345 1800 (outside Australia)
  3. Post: C/- Privacy Officer, GPO Box 9949, Melbourne Vic 3001, Australia
  1. If you are not satisfied after asking a question, raising a concern or complaint with the Privacy Officer, and you want to escalate your concern, you should do so in writing to the CEO by email to ceo@redcross.org.au or post to C/- Office of the CEO, GPO Box 9949, Melbourne VIC 3001, Australia.

Note: The CEO may take any steps that they determine are appropriate in the circumstances (including referring the matter to a committee of the Board) or deciding not to take any further action.

  1. While Australian Red Cross prefers to receive, assess, and respond to any privacy concerns directly to enable us to assess and take appropriate corrective action as quickly as possible, if you believe that Australian Red Cross has not adequately handled your privacy complaint, you may complain to the Office of the Australian Information Commissioner (OAIC).

Note: For details on how to lodge a privacy complaint with the OAIC, see oaic.gov.au/privacy.

1.10 Definitions

Arolsen Archives
An international centre on Nazi persecution with an archive of information about Nazi victims and survivors

Australian Red Cross
Australian Red Cross Society, and for the purposes of this Policy is limited to Humanitarian Services. References to “we” in this Policy refer to Australian Red Cross.

Note: For the purposes of this Policy, Australian Red Cross does not include products or services provided exclusively by Lifeblood.

Beneficiary
A person who receives a benefit from Australian Red Cross (e.g. cash grant recipient), but who is not an ongoing client.

Biometric Information
Electronic copy of your face, fingerprints, iris, palm, signature or voice that is used to identify you.

Client
A person who receives assistance or support services from Australian Red Cross.

Customer
A person who purchases goods or services from Australian Red Cross.

Donor
A person who donates money, property or other material benefits to Australian Red Cross.

Humanitarian Services
The teams and programs responsible for undertaking the humanitarian work of Australian Red Cross and the supporting functions required.

IFRC
International Federation of Red Cross and Red Crescent Societies

ICRC
International Committee of the Red Cross

Lifeblood
Australian Red Cross Lifeblood, the trading name of Australian Red Cross Blood Service

OAIC
Office of the Australian Information Commissioner

Personal Information
Has the same meaning as defined in the Privacy Act 1988 (Cth), being information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not, and whether it is recorded in a material form or not (i.e., in writing).

Red Cross People
As the context requires, all employees, volunteers, and members of Australian Red Cross (but excludes Lifeblood employees)

Sensitive Information
Has the same meaning as defined in the Privacy Act 1988 (Cth), being:

  • Information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs for affiliations, philosophical beliefs, membership of a professional or trade associations, membership of a trade union, sexual orientation or practices, criminal record
  • Health information about an individual
  • Genetic information about an individual that is not otherwise health information
  • Biometric information that is to be used for the purposes of biometric verification or biometric verification
  • Biometric templates

Supplier
Third party suppliers engaged by Australian Red Cross to provide services to or on behalf of Australian Red Cross

Privacy collection notice for website visitors and supporters

Who is collecting the information?
Australian Red Cross Society

Facts and circumstances of collection
We may collect your personal information in a number of ways, including:
• directly from you (for example, when you visit our website or contact us by telephone)
• from third parties (for example, our professional marketing and fundraising service providers)
• from our website software (for example, cookies and other digital tracking and analytics)
• from publicly available sources (for example, White Pages).

Is the collection being made because a law or Court order applies?
No law or Court order applies to the collection of this information.

Why does Red Cross need to collect this information?
We need to collect this information so that we may do one or more of the following:
• process your donation or membership.
• verify your identity
• enable you to participate in our activities or fundraising campaigns, or provide you with information about our activities or fundraising campaigns including disaster appeals, newsletters, community fundraising appeals and other events such as the Human Race
• provide you with a tax receipt at tax time
• gain an understanding of your communication needs, or perform research and analysis to improve the way in which we engage with you.

We also use your information for direct marketing and targeted marketing. We use your information to promote our humanitarian activities, fundraising opportunities and other services that we think will interest you. This marketing may be by email, phone, SMS, post or online. You can opt out of direct marketing at any time by emailing contactus@redcross.org.au or calling 1800 RED CROSS (733 276).

The primary purpose for which the information is being collected
The primary purpose of collecting your information depends on why we initially collected your information. Typically, the primary purpose will be one or more of the following:
• to process your donation
• to process your membership
• to enable you to participate in our activities (for example, The Human Race, Wills Day, etc)
• to provide you with direct marketing
• to provide you with a newsletter (if you have signed up on the website)
• to process your online order

The secondary purposes (if any) for which Red Cross is collecting this information
The secondary purpose of collecting your information may be to:
• keep you informed about our activities, campaigns and appeals
• profile our supporters and people who may be interested in Australian Red Cross and conduct data analytics and data matching so that we better understand and connect with our supporter base and provide you with the high quality service and information that you expect from us
• personalise your experience with Red Cross digital services, and to suggest appeals, products and services that might be of interest to you
• display your name on our website for a fundraising leaderboard when participating in events like the Human Race
• prevent and detect fraud
• better understand who our supporters and others who deal with us are

What happens if Red Cross doesn't collect this information?
If Red Cross does not collect this information from you we may not be able to process your donation or membership, provide you with a donation receipt, enable you to participate in our activities, provide you with direct marketing or inform you about other services, products or campaigns that may be of interest to you.

Anonymity/Nickname
You can ask that we do not record your real name. Sometimes we may require your real name, for example, if you wish to be a member of Australian Red Cross or receive a donation receipt.

The organisations we usually disclose this information to are
We may disclose your information to third parties that provide services to us. These services include technology service providers, social media platforms and professional marketing and fundraising organisations who provide us with services such as letter printing, call centre, email, digital marketing, telemarketing, fundraising and data analysis. These organisations may provide us with other similar services. We may also disclose your information to organisations that provide us with information technology and banking services. We may also disclose your information if we are legally required to provide this information, for example by the Australian Taxation Office.

Access and correction
Information about accessing your information and requesting corrections is set out in the Red Cross Privacy Policy.

Complaints
Privacy concerns or complaints can be sent to:

Privacy Officer
Australian Red Cross Society
GPO Box 9949, Melbourne Vic 3001, Australia
Tel: 1800 RED CROSS (733 276)
Email: privacy@redcross.org.au

Information about how to complain is in the Red Cross Privacy Policy. You can also complain direct to the Office of the Australian Information Commissioner at oaic.gov.au

Will my information be stored offshore? 
Australian Red Cross stores Personal Information within Australia or within jurisdictions that have comparable privacy laws where practicable. Some IT systems and applications used by Australian Red Cross are hosted overseas, including in Switzerland, the United States of America, the United Kingdom, and countries in the European Union such as Germany.

Sometimes organisations that we may disclose your information to are located outside Australia. For example, we may disclose your information to service providers in New Zealand and the United States of America.

You can make a request not to receive direct marketing at any time by emailing contactus@redcross.org.au or calling 1800 RED CROSS (733 276).

Red Cross pays our respects to the Aboriginal and Torres Strait Islander custodians of the country where we work, and to Elders, past, present and emerging.

Learn about our Reconciliation Action Plan and how we can all make reconciliation real.

This website may contain the images, voices or names of people who have passed away.

About
Resources
More

© Australian Red Cross 2025. ABN 50 169 561 394