Quick Links

Privacy Policy

At Everydayhero, we are committed to protecting your privacy and do so in accordance with the Australian Privacy Principles (“APPs”). Everydayhero also complies with the Australian Notifiable Data Breaches (“NDB”) scheme under Part IIIC of the Privacy Act 1988 (“Privacy Act”). We use your data as described below to allow you to use Everydayhero and enhance your experience using our platform.

  1. Who Are We?
  2. How to Reach Our Data Protection Officer?
  3. How Do We Notify You of Changes to this Policy?
  4. What Are Your Rights?
  5. What’s Our Relationship with Charities?
  6. What Data Do We Collect?
  7. How Do We Use Your Data?
  8. With Whom Are We Sharing Your Data?
  9. How Do Charity Partners Use My Data?
  10. Where Are We Sending Your Data?
  11. How Do We Use Personal Data of Our Partner Users?
  12. Payment Card Industry Data Security Standard
  • Who Are We?

    Everydayhero in Australia is a service provided by Everyday Hero Pty Ltd, an entity established under the laws of Australia. You can contact Everydayhero via help@everydayhero.com.au. This Policy applies to our collection and use of your data in connection with our services, like the Everydayhero website (the “Services”).

  • How to Reach Our Data Protection Officer?

    To contact Everydayhero’s Data Protection Officer regarding our processing of your personal data, email privacy@everydayhero.com.

  • How Do We Notify You of Changes to this Policy?

    We keep this Policy under regular review and place updates on the Everydayhero website. If you keep using the Services after the Policy has been updated, you consent to the updated Privacy Policy. If not, you may cancel your account.

  • What Are Your Rights?

    Everydayhero recognises that your personal data belongs to you and we don’t wish to use it in ways that you don’t want us to.

    You can exercise a variety of rights regarding our use of your data :

    • You can control whether or not you receive most types of email from Everydayhero by visiting the “Manage Notifications” tab in your account, you can unsubscribe from SMS, and you can change your browser settings to block browser notifications.
    • You can ask us for a copy of the information we have about you.
    • You can ask us to correct any incorrect data we have about you and you can also update your account details yourself at any time by visiting your Everydayhero account.

    To contact us about exercising your rights, click here. Also, note that you have the right to make a complaint about our alleged breach of the APPs or other applicable laws by emailing privacy@everydayhero.com.

  • What’s Our Relationship with Charities?

    We know that it’s complicated, but when you use the Services to make a donation or fundraise, some of your data is collected by us for the charity’s use and some is for ours. This makes us a data controller for the data we need to create your Everydayhero account, give you general customer support, send you helpful updates from Everydayhero and monitor and improve our Services. Charities are data controllers for donation and fundraising data, even though those activities happen on our platform.

    For more information, here's a handy infographic.

    Privacy policy gdpr infographic 2018 05 09
  • What Data Do We Collect?

    As stated above, we collect data for our use to create your account, give you general customer support, send you helpful updates from Everydayhero and monitor and improve our products. We discuss what data we collect for those purposes below.

    Charities ultimately determine the data we collect related to your donations and fundraising and how they’ll use that data. Even so, we thought it would be helpful to describe the data we’re collecting on their behalf when you make a donation or fundraise, so that information is also below.

    We don’t receive any personal data about you other than what you provide us, either by creating an account, using the Services, from Facebook, Fitbit, Twitter, MapMyFitness and Strava (your “Connections”) when you agree to share data between the Services and your Connections, or data we can infer from your use of the Services.


    When you create an Everydayhero account: We will collect basic contact information about you to set up your account. This will include your name, address, email address and phone number. We will also ask you to select a password so you can gain secure access to your account in the future.

    Alternatively, you may authorise us to collect your basic personal details from a secure online source (e.g. Facebook, Strava or MapMyFitness) to which you have already provided this information.

    When you sign in to Everydayhero using your Connections: If you choose to log in via one of the Connections, we will receive your profile information to allow you to login and populate our records about you. In addition, we obtain access to the following data:

    • When you connect your Facebook account, and only if you give us permission (via Facebook’s preference settings), Everydayhero may obtain access to your friend list but we only receive the names of your friends who are also Everydayhero users. We will only use this to see if people on your friends list are also using our website.
    • When you connect your MapMyFitness account, Everydayhero will receive your workouts, routes, courses, friendships and data friends have shared with you. We will use this information to allow you to share your workout information on your pages.
    • When you connect your Strava account, Everydayhero will receive your activities, activity streams, activity photos and comments from your friends about your activities.
    • When you connect your Fitbit account, Everydayhero will receive your daily tracker activities and individually-tracked workouts.

    You can control whether or not your Connections share this data with us, either by changing your preferences in the “Manage Connections” tab in your account or, if available, by visiting the app setting controls on the Connections’ websites.

    When you use the Services: We also collect information about your use of our Services, including your IP address, mobile device identifier, how much time you spend on the site, and what you do or view. We do this through the use of cookies. To read more about our use of cookies, please refer to our separate cookies page.


    When you make a donation: To enable us to process donations, we will collect basic payment information as well as your name, home address and email address.

    When you create a fundraising page: We will use the details you provided when you set up your account to create your Everydayhero fundraising page. Where applicable, we will ask you to provide details of how and when you are intending to fundraise and/or the occasion you are recognising by carrying out the fundraising.

    When you give us information about others: You may decide to provide us with information about others (or authorise us to collect this information on your behalf from your social networks) for example:

    • so we can help you tell your friends and family about charity fundraising you are carrying out; or
    • if you start fundraising for, or in the memory or in celebration of, another person

    You must ensure that they have agreed to you providing us with their information. Where required by local laws, we would advise you to keep a record of their agreement and provide them with a copy of, or link to, this Policy. This is especially the case if you provide us with sensitive information about them (e.g. a reference to an illness or health condition).

    You should also only contact individuals using the Services who you know would be happy to hear from you and must not use our Services to send unsolicited 'spam' messages.

    When you register for a fundraising event via a third-party registration platform connected to Everydayhero:
    Additional pieces of information may be requested from you by the charity, e.g. t-shirt size, school or class you are enrolled to, etc. These details are usually captured through a set of questions relevant to the particular event alone — not Everydayhero — and with the objective of allowing the charity and/or event organisers to be able to provide you with the best experience as a fundraiser for their campaign. Specific Terms & Conditions may be referenced and required to be accepted by you as part of your registration as a fundraiser for the event or campaign.

  • How Do We Use Your Data?

    Everydayhero uses your personal data to allow you to create an account, to give you customer support about general site usage, to send you communications and to enhance your ability to fundraise. We also use your data to help us make Everydayhero better.

    Create Your Account: We use your information to create your Everydayhero account.

    Help You Use the Website: We use your information to provide customer support about your use of the Services generally, like if you have problems accessing your account. Note that if we provide customer support with your donation or fundraiser, we do so on the charity’s behalf.

    Communications: We use your information to send you some different types of emails (on our own behalf and on behalf of charities) and you can stop receiving them as set forth below

    Types of Emails On Whose Behalf Are They Sent? How Can You Stop Getting Them?
    Fundraising page notifications, team fundraising notifications, important updates from campaigns you're fundraising in The charity you donate to or fundraise for You can opt out by visiting the "Manage Notifications" tab in your account or click unsubscribe on any email
    Helpful updates from Everydayhero Everydayhero You can opt out by visiting the "Manage Notifications" tab in your account or click unsubscribe on any email
    Triggered by actions you take using the Services, like page creation and cancellation notification emails The charity you donate to or fundraise for You can't opt out of these, but you won't receive any unless you take an action on Everydayhero. To stop receiving these emails, just don't take any actions on the platform.
    Containing communications charities are required to provide you by law, like donation receipts The charity you donate to or fundraise for Charities have to send these emails as required by law, as long as you make a donation. To stop receiving these emails, just don't make a donation.
    Containing communications, we're required to provide you by law, like notices about data breaches Everydayhero We have to send these emails as required by law, as long as you have an Everydayhero account. To stop receiving these emails, please contact us to delete your account. We may still send them if a breach occurred when you were a user.

    In addition to communications we send via email, we may message our users via SMS. To stop receiving SMS from Everydayhero, please unsubscribe using the instructions we provide via SMS. We may also send you notifications within the platform, like browser notifications you enable (and can turn off) and messages you trigger by using the platform—like how your fundraising efforts are going.

    Making Everydayhero Better: We use aggregated and personal data about you and your use of our Services to develop and test better fundraising tools, to drive our research and development and to better understand our users and charity partners. Everydayhero does this analysis using a variety of data sources — transactional data (how you use the Services), click stream and log data (web traffic and Services usage), email data (how you respond to emails we send you), survey data, customer service data and data you agree to share with us from your Connections. We may send you surveys about the Services, but you can opt out of these by visiting the “Manage Notifications” tab in your account and participation is completely voluntary.

  • With Whom Are We Sharing Your Data?

    We may disclose your data to our affiliated organisations and subsidiaries, and to service providers who render services to us or you on our behalf. We also may disclose your information if required by law, requested by law enforcement authorities or to enforce our legal rights. We may share your information in connection with a sale or reorganisation of Everydayhero.

    We also share your personal data with fundraisers and charities as follows:

    Fundraisers: If you donate to a fundraising page, we pass on details about you that are already publicly available on the page. In other words, we let the page creator know your display name, your comment (if you’ve made one) and amount of your donation (if you’ve chosen not to make it anonymous).

    Charities: We share with charities and not-for-profits details about donations made to them and fundraising pages created for their behalf, including your personal data, and they’re actually the data controller of such information. For more information, please see the section "How Do Charity Partners Use My Data?" below.

    Event Partners and Companies: We sometimes share data about fundraising pages with third parties that host or sponsor events so they can understand who is fundraising for their events and how well fundraising efforts are progressing or performed. The data we share with these event partners and companies includes fundraiser name, the name and creation date of your page, your fundraising target, how much you have raised and the number of donors to your page. If an event benefits multiple charity and you choose to fundraise for a particular charity, event partners and companies will also receive the name of the charity for which you’re fundraising. This data is already publicly available on fundraising pages. Event partners and companies don’t receive personal data about donors.

    Note that through the use of the Everydayhero platform, some of the public information visible on your supporter page may also be displayed publicly on other parts of the Everydayhero platform or third-party sites via the Everydayhero API.

  • How Do Charity Partners Use My Data?

    As stated above, when you donate to or fundraise for a charity, that charity is the data controller for the personal data related to that transaction and Everydayhero only acts on behalf of the charity when it handles that data. This means that such charities are responsible for their own compliance with data protection laws when they use your personal data, and all such use is subject to the charity’s own privacy policy. Everydayhero is not responsible for charities’ use of your personal data or the charities’ compliance with applicable laws.

    When you create a fundraising Hero Page on behalf of a charity, Everydayhero is required to send an email to the charity advising them of your Hero Page for approval. Information contained in this email advice is as follows: Hero Page address, name, address and email details of the fundraiser. When you create a fundraising Hero Page, you consent to be contacted by the charity. Such organisations may contact you to let you know about their causes, to confirm your fundraising status, or to thank you for your fundraising efforts.

    When you donate to a fundraising page, Everydayhero will ask whether or not you consent to be contacted by the charity about their cause. We will pass your consent preference on to the charity.

    If you want to change your preferences for a charity to use your data (to contact you or otherwise), please contact the charity directly.

  • Where Are We Sending Your Data?

    Some of our service providers, affiliated organisations, and charities with which we share your data may lie outside Australia. Therefore, sometimes we may transfer your data outside Australia but in any case, we take reasonable steps to ensure such overseas recipients do not breach applicable laws (including the APPs) or the recipients are subject to a law or scheme that is substantially similar to the way the APPs protect your information.

  • How Do We Use Personal Data of Our Partner Users?

    If you work for a charity or company that has a business relationship with Everydayhero, we use your data in slightly different ways than for individual users of the Services.

    We collect a charity user’s name, position, work email address and office number. We use this data to enable you to sign into your organisation’s account. In addition, we may use your data to perform business services you request. Finally, we will send you the following email communications: operational emails, customer service emails and business marketing emails. You can opt out of receiving emails from us by clicking “unsubscribe” on the bottom of our emails, but you cannot opt out of service emails related to your requests.

  • Payment Card Industry Data Security Standard

    Everydayhero adheres to the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS is a proprietary information security standard for organisations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, and Discover.

    Date and number of this version: September 05, 2019, version 3.0 .