Privacy Policy

This Privacy Policy sets out the Australian Red Cross Blood Service’s (Blood Service) commitment to protecting the privacy of personal information, including health information, collected by the Blood Service or provided to the Blood Service, both tangibly (e.g.  in person at donor centres) or online (e.g. through Blood Service websites, mobile applications or other digital platforms).  

This Privacy Policy details how personal information is collected, used, stored and disclosed by the Blood Service and your rights in relation to this.

What personal information the Blood Service collected and holds

In order to provide life-giving blood, plasma, transplantation and biological products for world-leading health outcomes, the Blood Service collects and holds personal information about individuals (including sensitive health information).

Blood Donors 

For the safety of both donors and the blood supply, the Blood Service needs to collect information about health, medical history, travel and certain high risk activities (in the context of blood donation) of blood donors and people volunteering to be blood donors.  The information collected from blood donors includes:

  • Name
  • Contact details including email address, mailing  address, street address and telephone numbers
  • Date of birth
  • Medical history
  • Travel history
  • Certain high risk behaviours relevant to a safe blood supply, such as recent sexual activity

The Blood Service will collect and hold the personal information supplied by donors when they register, or attend the Blood Service as a donor including in the donor interview, test results for each donation, details of any adverse events and any communication or correspondence with individual donors.

From time to time the Blood Service may also collect personal information from donors or prospective donors through customer surveys.

Recipients of blood products

From time to time, Australian health service providers provide the Blood Service with details of recipients (including potential recipients) of blood products.  

This information may include the recipient’s name, blood type, test results and other health information.

Medical Pathology Services – Transplantations and Immunogenetics and Red Cell Reference

Personal information relevant to these services is not collected directly from an individual but is passed to the Blood Service Tissue Typing Service via referral from the individuals treating health service provider.

This information could include:

  • Name 
  • Date of birth 
  • Address, postal and email, and telephone numbers 
  • Medical history, current medication and other clinical information  
  • Emergency contact details 
  • Health fund and health insurance details 
  • Medicare number

The personal information provided to the Blood Service meets the requirements for Medical Pathology Services (NPAAC guidelines). 

More information about medical pathologies services is available online.

Research participants 

The Blood Service conducts research regarding blood donation and transfusion. Sometimes de-identified donation information, such as age and gender, may be used for that research.  Research on donor behaviour using both donor and non-donor participants is conducted where consent is obtained from the individual.

Before research is undertaken in relation to any part of a blood donation, approval from an appropriate Human Research Ethics Committee is required and obtained by the Blood Service. 

Website visitors 

The Blood Service may collect the following information about visitors to Blood Service websites or users of Blood Service mobile applications:

  • Additional personal information provided directly or indirectly through the use of the website, associated applications, associated social media platforms and or accounts from which users (including donors, recipients, health professionals and members of the public) permit us to collect information.
  • Browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and browsing behaviour.
  • Information about access and use of our website, including through the use of internet cookies, communications with our website, type of browser used, type of operating system used and domain name of internet service provider.

Why we collect personal information and what we use it for

The Blood Service will use your personal information for:

  • the primary purposes for which it was collected (as set out below); or
  • for secondary purposes directly related to the primary purposes for which it was collected which you would reasonably expect; or
  • for other purposes that the Blood Service has told the relevant individual’s about; or 
  • as permitted or required by law.

Blood Donors

Personal information is collected from and used by the Blood Service for the following purposes:

  • to assess the eligibility of individuals to donate blood and to protect both donor health and safety and the safety and sufficiency of blood and blood products;
  • to maintain contact with donors regarding past donations and for the purposes of future donations;
  • for research, including research regarding and research for the purposes of therapeutic benefit  blood transfusion and blood safety; and
  • to maintain contact with donors for the purposes of research, including market research, regarding blood donation and collection and participation in Blood Service activities.

The Blood Service also uses information collected from blood donors:

  • for internal record keeping and administrative purposes such as risk management, education and training of staff, quality assurance activities and to monitor donor satisfaction; and
  • to comply with its legal obligations including under the Therapeutic Goods Act and health record laws

Recipients of blood products

In order to provide the most appropriate blood product, Australian health service providers from time to time provide the Blood Service with details of recipients of blood products.  This information is held for future use in the event of further transfusion needs to assist in timely supply of appropriate blood products.

Medical Pathology Services – Transplantations and Immunogenetics and Red Cell Reference

The personal information collected by the Blood Service meets the requirements for Medical Pathology Services (NPAAC guidelines). The information is used to generate clinical reports which are provided to the appropriate health service providers directly involved in the individual’s clinical care for organ and stem cell transplant or immunogenetics testing. 

Research participants 

The Blood Service conducts world-class research to inform core activities and contribute to improved operational procedures and changes in clinical practice. Information from blood donors and other research participants is used to conduct this research.

Website visitors 

Information from visitors to Blood Service websites may be used:

  • for data analytics, market research and business development, including to operate and improve our website, associated applications and associated social media platforms;
  • for online transfusion education programs run for health professionals;
  • to send individuals tailored information about blood donation and the Blood Service.

Disclosure of your personal information

The Blood Service may disclose your personal information to:

  • Blood Service employees whose job responsibilities require such access;
  • third party service providers for the purpose of enabling them to provide their services, including Australian health service providers where information is relevant for recipient care/clinical safety, IT service provides, data storage, webhosting and server providers, marketing or advertising provider;
  • our insurers, but only to the extent necessary and permitted by law;
  • courts, tribunals, regulatory authorities and law enforcement officers as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;
  • third parties, including professional colleges and societies, agents or sub-contractors, who assist us in providing information, products, services or communications to you.  This may include parties located, or that store data, outside of Australia;
  • third parties to collect and process data on behalf of the Blood Service, such as Google Analytics. This may include parties located, or that store data, outside of Australia.

If the Blood Service provides your details to a third party acting on behalf of the Blood Service, the third party will be subject to a confidentiality agreement and must only use your personal information for the purposes for which it was provided.  They will be subject to privacy standards equivalent to those that the Blood Service is required to comply with.

The Blood Service will not use sensitive information, including health information, for any direct marketing.

The Blood Service will not sell your personal information.

Your rights and controlling your personal information

Consent

Please read this Privacy Policy carefully.  By providing personal information to us, you consent to us collecting, holding, using and disclosing your personal information in accordance with this Privacy Policy.

Access and correction

You have a right to request access to your own personal information.  You also have a right to request its correction if you consider it is incorrect. 

In order to protect your personal information from being disclosed to the wrong person, the Blood Service has processes in place to ensure that your identity is confirm as well as the information that you are requesting.

The process for requesting your personal information that the Blood Service holds is as follows:

Once the Blood Service receives the form and confirms your identity the proof of identity will be deleted or destroyed.

The Blood Service seeks to deal with requests promptly but the time to respond can vary depending upon the information requested and the number of requests received. If you can be as specific as possible about the information requested this assists in collating and providing the information.

If you believe any personal information we are holding is incorrect or incomplete please contact the Chief Privacy Officer at either:

Anonymity

You can contact the Blood Service anonymously online or by calling 1300 606 833.  In some cases, the Blood Service may not be able to provide further information without verifying your identity.

Information from Third parties

If the Blood Service receives information about you from a third party, the Blood Service  will protect that information as set out in this Privacy Policy. The Blood Service only seeks to collect information from someone else if you have consented, it is authorised or required by law, or if it is unreasonable or impracticable to collect that information from you. 

Unsubscribe

To unsubscribe from the Blood Service’s email database or opt out of communications please contact the Blood Service using the details below or opt-out using the opt-out facilities provided in the communication.

Complaints

If you believe that the Blood Service has breached the Australian Privacy Principles and wish to make a complaint, please contact the Blood Service setting out the details of the alleged breach, at either:

Your complaint will be promptly investigated and the Blood Service will respond to you, in writing, setting out the outcome of the investigation and the steps the Blood Service has taken or will take to deal with your complaint. 

If you are not satisfied with the Blood Service’s response you can refer your complaint to the Office of Australian Information Commissioner.

Storage and retention

The Blood Service is committed to ensuring that the personal information it collects is secure.  In order to prevent unauthorised access or disclosure the Blood Service has put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

In order to administer, secure and back-up your personal information, your personal information may be transferred, stored, disclosed, or processed in data centres located outside Australia, including the United States of America, Singapore and  other jurisdictions from time to time.

Where information is stored by a third party, the Blood Service requires them to comply with the Privacy Act and our Privacy Policy. This compliance will be monitored by the Blood Service.

Under Therapeutic Goods Legislation the Blood Service maintains blood donor records for as long as reasonably required for the purposes of the safety of donors and recipients. 

Collection, use and disclosure of personal information through the Blood Services's website

When you email the Blood Service with a query, the Blood Service will collect the personal information you provide. Subject to any exceptions within the privacy legislation, the Blood Service will not use or disclose this information for any purpose other than to progress and respond to your query. 

The Blood Service may use cookies on our websites from time to time. Cookies are text files placed in your computers browser to store your preferences.  Cookies, by themselves, do not tell the Blood Service your email address or other personally identifiable information.  However, they do allow third parties, such as Google and Facebook, to cause Blood Service advertisements to appear on your social media and online media feeds as part of the Blood Service targeting campaigns.  If and when you choose to provide Blood Service websites with personal information, this information may be linked to data stored in the cookie.

The Blood Service may use web beacons on our websites from time to time. Web beacons (also knowns as Clear GIFs) are small pieces of code placed on a web page to monitor the visitor’s behaviour and collect data about the visitor’s viewing of a web page.  For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing the page.

Overseas disclosure

The Blood Service will not disclose personal information to an overseas entity except in circumstances where it is permitted under the Privacy Act 1988 (Cth). However, please note information about overseas storage in the “Storage and Retention” section above.

Applications for employment

Personal information provided to the Blood Service for the purposes of seeking employment is collected and used only for the purposes of considering your application.  The ‘Australian Red Cross Blood Service Recruitment Privacy Statement’ is provided to all applicants and contains a description of how information will be collected, used and stored.

Review and amendments

The Blood Service may, at any time, vary this Privacy Policy by publishing an amended Privacy Policy on its websites.  It is recommend that you check the Blood Service website regularly to ensure you are aware of the current Privacy Policy. 

This Privacy Policy will be reviewed by the Blood Service at least every 2 years or more frequently if required by the Privacy Act or other relevant legislation.

Back to top