top of page

PRIVACY POLICY

Weight of War LIMITED (ACN 698 550 999)

Weight of War Ltd ("we", "us", "our", or "the Company") is committed to protecting your privacy. As a registered Australian public company and a charity bridging the military-civilian divide, we are bound by the Privacy Act 1988 (Cth) (Privacy Act), the 13 Australian Privacy Principles (APPs), and the Notifiable Data Breaches (NDB) scheme.

This Privacy Policy strictly outlines how we collect, hold, use, and disclose your personal and sensitive information to ensure we meet our rigorous legal and governance obligations to the Australian Charities and Not-for-profits Commission (ACNC) and the Australian Securities and Investments Commission (ASIC).

By providing us with your personal information, interacting with us, using our website, or participating in our events (such as the Weight of War Run), you consent to the collection, use, and disclosure of your personal information in accordance with this Privacy Policy.

1. Types of Information Collected

We may collect and hold information about you that is relevant to our functions and activities as a direct-action veteran charity.

1.1 Personal Information

For all individuals we deal with, we may collect:

  • Your name, contact details (email address, phone number, residential or postal address), and date of birth.

  • Information relevant to providing you with the services, events, or support you are seeking (including veteran, active-duty, or civilian status).

  • Payment and billing information for donations, merchandise, or event registrations (processed via secure, PCI-compliant third-party platforms such as Stripe or Chuffed).

  • Device and digital data (IP address, browser type, date and time of visit, and geographic location) when you use our website.

1.2 Sensitive (Health) Information

Because we operate intense physical endurance events and facilitate placements into mental health and rehabilitation pipelines, we are required to collect "Sensitive Information" as defined by the Privacy Act. This includes:

  • Medical history, physical fitness declarations, and emergency contact details.

  • We only collect this sensitive information via explicitly signed medical/safety waivers prior to your participation in our physical events, or during formal intake processes for our partner programs.

  • Strict Limitation: We will only use your sensitive health information for the absolute primary purpose of ensuring your safety during our events, facilitating your requested placement into a support program, or providing critical data to professional medical staff and emergency services in the event of an incident.

1.3 Government Related Identifiers

In the course of assisting veterans, we may occasionally be provided with government-related identifiers (such as Department of Veterans' Affairs (DVA) numbers, PMKeys numbers, or Medicare numbers). We will strictly comply with APP 9 and will not adopt these identifiers as our own internal tracking numbers, nor will we use or disclose them unless strictly required or authorised by Australian law.

 

2. Method of Collection

 

2.1 Solicited Information

Where practical, we collect your personal information directly from you through a variety of avenues, including:

  • Via our event registration processes and mandatory safety declarations.

  • When you make a donation or purchase merchandise online or in person.

  • Via emails, phone calls, and other digital communications.

  • In person at our events, basecamps, or community gatherings.

  • From third parties, such as where partner organisations (e.g., Survive To Thrive Nation or Zero79 Foundation) are acting on your behalf, or when an individual registers a team on your behalf.

 

2.2 Unsolicited Information

If we receive personal or sensitive information about you that we did not ask for (e.g., if you spontaneously email us unrequested medical records), we will determine whether we could have lawfully collected that information under the APPs. If we determine we could not have, and the information is not contained in a Commonwealth record, we will legally and securely destroy or de-identify the information as soon as practicable.

 

3. Purpose of Collection, Use, and Disclosure

We collect, hold, use, and disclose your information for the primary purpose of conducting our operations as a charity. These purposes include:

  • Event Execution & Safety: Registering you for the Weight of War Run, managing event-day logistics, enforcing safety protocols, and ensuring participant welfare.

  • Program Placement: Facilitating your placement into evidence-based rehabilitation and mentorship pipelines with our partner charities.

  • Fundraising & Governance Compliance: Processing donations, providing tax receipts, fulfilling our legal, accounting, and regulatory governance requirements (including ASIC, ACNC, and ATO reporting), and managing our internal financial ledgers.

  • Communication & Marketing: Providing you with information about future events, initiatives, or other services that we, or our affiliated organisations, offer.

 

4. Minors and Vulnerable Persons

The Weight of War Run is a demanding physical event. We do not knowingly collect personal or sensitive information from individuals under the age of 18 without explicit, written consent from a parent or legal guardian. If we discover that we have collected information from a minor without appropriate consent, we will take immediate steps to securely delete that data.

5. Photography, Video, and Media Consent

By registering for, attending, or participating in the Weight of War Run or our associated public events, you acknowledge and consent to the Company (and its authorised external photographers/videographers) capturing your image, voice, or likeness.

We may use these images and recordings across our digital platforms, social media, website, and promotional materials (including government grant applications and sponsorship decks) to raise community awareness and advance our charitable objects. If you do not wish to be photographed, you must notify the Basecamp Commander or an event official upon arrival.

6. Disclosure to Third Parties and Overseas Data Hosting

We will never sell, rent, or trade your personal information. We may disclose your personal information to:

  • Our directors, employees, contractors, and volunteers who require the information to assist us with the purposes for which it was collected.

  • Third-party service providers who assist us in operating our business and executing our events (e.g., professional medical contractors, traffic management personnel, and ticketing/accounting platforms).

  • Our trusted partner organisations (e.g., Survive To Thrive Nation and the Zero79 Foundation) solely for the purpose of placing veterans into agreed support programs.

  • Emergency services (Ambulance, Police, Fire) if required during a critical incident or medical emergency.

  • Any entity where disclosure is required or authorised by Australian law (e.g., a court order or regulatory audit).

 

Cross-Border Disclosure:

To operate efficiently and securely, we utilise industry-standard, cloud-based technology providers (such as Google Workspace, Wix, Stripe, and Xero). By providing us with your personal information, you consent to the transfer of your data to these servers, which may be located overseas (predominantly in the United States, United Kingdom, and the European Union). We take reasonable steps to ensure these providers adhere to globally recognised privacy, security, and encryption standards that are comparable to the APPs.

7. Anonymity and Pseudonymity

If you request to deal with us anonymously or pseudonymously, we will take reasonable steps to comply if it is possible and lawful.

Operational Security (OPSEC) Exception:

We recognise that active-duty personnel may be bound by strict OPSEC requirements. In these specific instances, individuals may register pseudonymously through our vetted partner organisations (such as the Zero79 Foundation) or under an agreed alias. To satisfy our strict medical and public liability insurance requirements, a secure, offline medical waiver process will be facilitated directly by our Event Command prior to participation.

For all other civilian participants, failing to provide required personal information (such as a real name or signed medical waiver) will legally bar you from participating in our physical endurance events due to our safety obligations.

8. Security, Retention, and Data Breaches

Security:

We store your personal information electronically via secure, encrypted cloud databases. We take all reasonable measures, including multi-factor authentication, secure password protocols, and strict access controls, to protect it from interference, misuse, loss, unauthorised access, modification, or disclosure.

Retention & Destruction: We will only retain your personal and sensitive information for as long as is necessary to fulfill our core charitable functions, or to comply with our legal, taxation, and insurance document-retention obligations. Once this statutory period expires, we will take reasonable steps to securely destroy or permanently de-identify the data.

Notifiable Data Breaches (NDB):

In the unlikely event of a data breach that is likely to result in serious harm to any individual whose personal information we hold, we will act strictly in accordance with the NDB scheme under the Privacy Act. We will promptly notify the affected individuals and the Office of the Australian Information Commissioner (OAIC).

9. Internet Users and Cookies

Our website uses cookies to identify users and prepare customised web pages for them. Cookies do not identify you personally, but they may link back to a database record. We use cookies to monitor website usage so that we may serve you more effectively. You can disable cookies in your web browser settings.

10. Access and Correction

You may access the personal information we hold about you by making a written request. We will respond within a reasonable period and will not charge a fee for making the request. For security reasons, you will be required to provide proof of your identity.

If you believe the information we hold is incorrect, incomplete, or inaccurate, you may request that we amend it. If we refuse, we will provide written reasons (unless unreasonable) and detail the mechanisms available to make a complaint.

11. Opting Out of Communications

You may unsubscribe from our mailing or marketing lists at any time by using the "unsubscribe" feature on our emails or by contacting us in writing.

12. Changes to this Policy

We may review and update this Privacy Policy from time to time to reflect changes to our governance practices, technological updates, or legal obligations. The updated Privacy Policy will be published on our website and will take effect immediately upon posting.

13. Contact Us and Complaints

If you have any questions about this Privacy Policy, wish to access or correct your personal information, or wish to make a formal complaint regarding a breach of the Australian Privacy Principles, please contact our

Public Officer at:

Weight of War Ltd

Email: info@weightofwarrun.com

Call: 0437184910

Post: 163/71 Beeston St, Teneriffe, QLD, 4005

If you make a privacy complaint, our Board of Directors will investigate the issue and respond to you in writing within 30 days. If you are not satisfied with our response, you may escalate your complaint directly to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

bottom of page