Privacy Policy
Personal information is information or an opinion about an individual, which identifies them or from which their identity is reasonably identifiable, whether:
a) the information or opinion is true and accurate, or not
b) the information or opinion is recorded in a material form, or not.
Sensitive information means a special category of personal information that may include:
a) information or an opinion about an individual’s
• racial or ethnic origin
• political opinions
• membership of a political association
• religious beliefs or affiliations
• philosophical beliefs
• membership of a professional or trade association
• membership of a trade union
• sexual orientation or practices
• criminal record, which is also personal information
b) health information about an individual
c) genetic information about an individual that is not otherwise health information
d) biometric information that is to be used for the purpose of automated biometric verification or biometric templates
What type of information do we collect?
We collect personal information from our members, donors, potential donors, event participants, community supporters, spontaneous and corporate volunteers and people who sign up to receive our communications. The type of personal information we collect and hold will depend on the nature of involvement with our organisation. Depending on the reason for collecting personal information, the personal information collected by us may include personal or sensitive information as defined in the Privacy Act 1988 (Cth). The personal or sensitive information we collect may include:
• an individual’s name, signature, address, phone number, date of birth and/or email address
• Health information, such as medical conditions and other information that may affect your ability to perform a role
• employee information
• employment and/or volunteer history
• photographs relating to our events and activities
• Internet Protocol (IP) addresses of technology that accesses our website
• location information from a mobile device
Whilst an individual is not required to provide personal and/or sensitive information requested by us, if you do not provide the information we reasonably request, we may not be able to provide you with certain services or allow you to participate in our activities. For example, an individual may donate or receive general information or communications anonymously or under a pseudonym; however, we are required to collect and store a minimum level of information to issue a tax-deductible receipt. Similarly, a member may agree to the provision of name, address, email, and phone number, but may not agree to use a personal mobile device for location tracking or use of other communication tools. This may impact a member's ability to perform certain operations. Our ability to provide services will be assessed on a case-by-case basis. Location information is used to ensure members' health, safety and welfare whilst engaged in our activities. In circumstances where we receive unsolicited personal information (meaning, personal information that has been received where we have taken no active steps to collect the information), we will destroy or de-identify the information as soon as practicable if it is lawful and reasonable to do so unless the unsolicited personal information is reasonably necessary for, or directly related to, our functions or activities.
How do we collect personal information?
Our staff, volunteers or contractors may collect personal information from individuals from time to time via various means, including (but not limited to):
• membership database
• expressions of interest for DRA activities
• personal and team device tracking
• vehicle tracking
• internet member access portal
• merchandise online shop
• Microsoft Office login
• social media
We will, wherever practicable, collect personal information directly from the owner of the personal information, including via phone, face to face, our website, email, SMS, electronic and hard copy forms, social media and third-party online portals.
Occasionally, we may collect personal information from a third party, such as sector-relevant coalitions. If we collect personal information about you from a third party, we will, where appropriate, request the third party to inform you that we are holding your information, how we will use and disclose it, and that you may contact us to gain access to and correct or update the information. We will generally obtain consent from the owner of personal information to collect their personal information. Consent may be provided in writing, oral form, or may be implied through a person’s engagement with us.
We will endeavour to only ask for personal information if it is reasonably necessary for the activities that an individual is seeking to be involved in.
Location information is collected using on-board devices in vehicles, trailers, plant or equipment, issued mobile phones and other devices, and in some circumstances, personal devices.
How does we use personal information?
We may collect, hold, use, or disclose personal information for the following general purposes:
• to offer and provide services, including through our websites
• to identify an individual
• for the purpose for which the personal information was originally collected
• to help ensure the health, safety and welfare of members engaged in our activities
• for a purpose for which an individual has consented
• for any other purpose where the information is used in aggregated form
• for any other purpose authorised or required by an Australian law
• for any other purpose authorised or required by a court or tribunal
• for research purposes (de-identified)
The information collected is used to further our mission, including fundraising, charitable aid, relief, development, advocacy, education, and related activities. This includes (but is not limited to) processing donations, issuing receipts and other materials, managing staff and representatives' contacts, and analysing data to personalise and improve supporter engagement.
After obtaining informed consent, we may publish images of members, supporters, staff, contractors, and other volunteers in publications, on social media, or in public advertisements.
If an individual has any concerns about how we use their personal information, they must notify us at hello@disaster.org.au.
Disclosure
We will not pass information on to third parties except in the following circumstances:
• where required by law or other regulation
• information is given to financial institutions/intermediaries for normal bank processing, in which case, there is a contractual expectation of confidentiality
• information is given to communication service providers for bulk processing, in which case, there is a contractual expectation of confidentiality
• the Australian Taxation Office or other government authority, Australian law or court requires or authorises the disclosure of information
• an individual has consented to us disclosing their personal information to a third party
• other parties, including agents and contractors, who have agreed to keep information secure and confidential in line with the Australian Privacy Principles (APPs). When disclosing personal information to a third party, we will take reasonable steps to ensure that the third party does not breach the APPs in relation to the information.
All personal information is held in Australia
As at the date of this Privacy Policy, we are not likely to disclose personal information to overseas recipients. If in future we do propose to disclose personal information overseas, we will do so in compliance with the requirements of the Privacy Act 1988 (Cth). Specifically, we will only disclose your personal information to a recipient overseas in certain circumstances and in accordance with the APPs where:
• the individual has consented to the disclosure; or
• we reasonably believe that the overseas recipient is subject to a law or binding scheme that protects the information in a way that is substantially similar to the way the information is protected under the Privacy Act and the APPs; or
• the disclosure is required or authorised by an Australian law or a court order.
Please let us know if you do not want us to disclose your information to overseas recipients.
Occasionally, we may engage an overseas recipient to provide us with services, such as cloud-based storage solutions. Please note that using overseas service providers to store personal information does not always involve disclosing personal information overseas or to that overseas provider.
Direct Marketing
From time to time, we may send supporters updates and information that is consistent with our mission and future development. Supporters are provided with the option to unsubscribe from communication and may contact us if they do not wish to receive such information.
How do we store personal information?
We ensure all reasonable steps are taken to protect personal information we hold from misuse, loss, and unauthorised access, modification, or disclosure. Supporters' personally identifiable information is kept secure by securely storing paper and electronic records through firewalls, password-restricted access to computerised records, routine security risk assessments, and internal policies concerning access to personal information. Physical, electronic and managerial procedures have been put in place to safeguard the security and integrity of your personal information. Whilst we take reasonable steps to maintain the security of your personal information transmitted via the internet, unfortunately, no data transmission over the internet can be guaranteed to be completely secure. Although we strive to protect such information, we do not warrant the security of any information transmitted over the internet, and you do so at your own risk.
Cookies
A cookie is a small text file stored in your computer’s memory or on your hard disk for a pre-defined period. We use cookies to identify specific machines and collect aggregate information on how visitors are experiencing our website. While cookies allow a computer to be identified, they do not permit any reference to a specific individual. For information on cookie settings of your internet browser, please refer to your browser’s manual. You can block cookies on your machine, which may inhibit your ability to access the website.
Keeping details accurate and up to date
We are committed to holding accurate and up-to-date personal information. Individuals are encouraged to contact us anytime to update their personal information. This can be done by contacting our membership team. We will destroy or de-identify any personal information that is no longer required for any purpose for which we may use or disclose it unless we are required by law or by court order to retain it.
How individuals can access their personal information
If an individual wants to access a copy of their personal information that we hold, or to seek correction, they may do so by contacting us. Under the Privacy Act, we may refuse access to personal information in some circumstances, including where giving access to the information would pose a serious threat to the life, health or safety of a person, the information relates to existing or anticipated legal proceedings and would not be available under the discovery process, or denying access is required or authorised by an Australian law or court order. We will handle all requests for access to personal information as quickly as possible.
Data Breach
We will notify you and the Office of the Australian Information Commissioner when there has been an eligible data breach as defined in the Privacy Act. This is when:
a) we suspect that a data breach relating to your personal information has occurred; and
b) there is real risk of serious harm to you as a result of the breach; and
c) we cannot take remedial steps to reduce the risk of serious harm.
Changes
We reserve the right to change the terms of this Privacy Policy from time to time without giving you notice. An up-to-date copy of our Privacy Policy is available on our website, and we encourage you to check our website periodically to make sure you are aware of our current Privacy Policy.
The last update to this document was July 2025.
How to contact us
If an individual has any questions, comments, or complaints about our Privacy Policy or information handling, please contact us at 1300 280 510 between 9 a.m. and 5 p.m. (AEST or AEDST) Monday through Friday.
Alternatively, they can email hello@disaster.org.au or write to us at PO Box 220 Strathdale, VIC 3550.
We take all feedback seriously, and any feedback on our privacy principles or handling of personal information will be investigated promptly. The feedback provided will be delivered within a reasonable time from the initial receipt.
Further information about individual privacy rights and privacy law can be obtained from the Office of the Australian Information Commissioner by:
• calling the Privacy Hotline - 1300 363 992
• visiting their website - http://www.oaic.gov.au
• Writing to them - The Australian Information Commissioner, GPO Box 5218 Sydney NSW 1042
Related Australian References
• Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth).
• Privacy Act 1988 (Cth) and subsequent Amendments
• Our Fundraising Policy
• Workplace Surveillance Act 2005 No 47 – (NSW)
• Workplace Privacy Act 2011 (ACT)
• SURVEILLANCE DEVICES ACT 1998 (WA)
• SURVEILLANCE DEVICES ACT 1999 (VIC)
• SURVEILLANCE DEVICES ACT 2016 (SA)
• SURVEILLANCE DEVICES ACT 2007 (NT)