2. TYPES OF PERSONAL INFORMATION WE COLLECT
The personal data we collect may include the following:
(b) mailing or street address;
(c) email address;
(d) social media information;
(e) telephone number and other contact details;
(g) date of birth;
(h) credit card or other payment information;
(i) sensitive information (such as health information) as set out below;
(j) information about your business or personal circumstances;
(k) information in connection with any client surveys, questionnaires and promotions you participate in;
(l) when we use analytical cookies, your device identity and type, I.P. address, geo-location information, page view statistics, advertising data and standard web log information;
(m) information about third parties; and
(n) any other information provided by you to us via this website, in the course of us providing services to you, or otherwise required by us or provided by you.
3. HOW WE COLLECT PERSONAL INFORMATION
We endeavour to ensure that information we collect is complete, accurate, accessible and not subject to unauthorised access. We may collect personal data either directly from you, or from third parties, including where you:
(a) contact us through on our website;
(b) communicate with us via email, telephone, SMS, social applications (such as LinkedIn, Facebook or Twitter), in-person or otherwise;
(c) engage us to perform services to you;
(d) engage a NDIS plan manager and that NDIS plan manager provides personal data to us on your behalf;
(e) when you or your organisation offer to provide, or provides, services to us;
(f) interact with our website, social applications, services, content and advertising; and
(g) invest in our business or enquire as to a potential purchase in our business.
4. USE OF YOUR PERSONAL INFORMATION
We collect and use personal data for the following purposes:
(a) to provide services or information to you;
(b) for record keeping and administrative purposes;
(c) to comply with our legal obligations, resolve disputes or enforce our agreements with third parties;
(d) where we have your consent, including to send you marketing and promotional messages and other information that may be of interest to you. In this regard, we may use email, SMS, social media or mail to send you direct marketing communications. You can opt-out of receiving marketing materials from us by using the opt-out facility provided (e.g. an unsubscribe link);
(e) for our legitimate interests including:
(i) to develop and carry out marketing activities and to conduct market research and analysis and develop statistics;
(ii) to improve and optimise our service offering and customer experience;
(iii) to send you administrative messages, reminders, notices, updates and other information requested by you;
(iv) to consider an application of employment from you; and
(v) the delivery of our services.
5. SENSITIVE INFORMATION
Collection of sensitive information
We may collect sensitive information about you during the course of providing you our goods and services. We will only collect this sensitive information where you consent to such collection and either directly provide us with this information or it is provided by a referring health care provider (for example, an NDIS plan manager).
Types of sensitive information we collect
The sensitive information we collect may include the following:
(a) health information, history and reports;
(b) referring health care provider and associated referral letters;
(c) your NDIS plan and budget;
(d) any other sensitive information provided by you or a third party to us via our website or platforms, or otherwise provided by you or a third party to us.
How we use your sensitive information
Your sensitive information will only be used for the purpose of:
(a) providing you with our goods and services;
(b) complying with our legal obligations, resolving disputes or enforcing our agreements with you;
(c) sending you messages, reminders, notices, updates, security alerts, and other information requested by you; or
(d) any other purpose which is permitted or required under applicable privacy laws.
How we disclose your sensitive information
Your sensitive information will only be disclosed to third parties for the purpose of:
(e) providing a referral to another health care provider; or
(f) any other purpose which is permitted or required under applicable privacy laws.
How you can withdraw consent
If you wish to withdraw your consent to our collection, use or disclosure of your sensitive information, please contact us using the email address on our website. We will deal with all such requests within a reasonable timeframe.
6. SHARING YOUR DATA
We may share your personal data in certain circumstances, as follows:
(a) where there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal data and non-personal data contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances;
(b) credit-checking agencies for credit control reasons;
(c) disclosures required by law or regulation; and
(d) service providers and other affiliated third parties to enable us to provide our services to you including other professional advisers such as contractors, accountants, disaster recovery service providers or auditors and/or overseas counsel.
We take reasonable steps to ensure your personal data is secure and protected from misuse or unauthorised access. Our information technology systems are password protected, and we use a range of administrative and technical measures to protect these systems. However, we cannot guarantee the security of your personal data.
Our website may contain links to other websites. Those links are provided for convenience and may not remain current or be maintained. We are not responsible for the privacy practices of those linked websites and we suggest you review the privacy policies of those websites before using them.
9. YOUR RIGHTS
You have various rights with respect to our use of your personal data:
(a) Access: You have the right to obtain access to your information (if we’re processing it) and certain other information (similar to that provided in this privacy notice). This is so that you’re aware and can check that we’re using your information in accordance with data protection law.
(c) Rectification: We aim to keep your personal data accurate, current, and complete. We encourage you to contact us using our email address provided below to let us know if any of your personal data is not accurate or changes, so that we can keep your personal data up-to-date.
(d) Objecting: You also have the right to object to processing of your personal data in certain circumstances, including processing for direct marketing.
(e) Restricting: You have the right to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further.
(f) Erasure: You have the right to ask us to erase your personal data when the personal data is no longer necessary for the purposes for which it was collected, or when, among other things, your personal data have been unlawfully processed.
(g) Portability: You have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format.
(h) Complaints: If you believe that your data protection rights may have been breached, you have the right to lodge a complaint with the applicable supervisory authority. In the UK, the supervisory authority is the Information Commissioner’s Office.
(i) Withdraw consent: If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time. This includes your right to withdraw consent to us using your personal data for marketing purposes. You may, at any time, exercise any of the above rights, by contacting our email address provided below.
10. HOW LONG WE KEEP DATA
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will securely destroy your personal data in accordance with applicable laws and regulations. If you would like further information about our specific retention periods for your personal data, please contact us using our email address provided below.
11. TRANSFERS OUTSIDE THE EUROPEAN ECONOMIC AREA (‘EEA’)
To provide our services, we may transfer the personal data we collect to countries outside of the UK or EEA which do not provide the same level of data protection as the country in which you reside and are not recognised by the European Commission as providing an adequate level of data protection. When we do this, we will make sure that it is protected to the same extent as in the EEA and UK as we will put in place appropriate safeguards to protect your personal data, which may include standard contractual clauses. For more information, please contact us at our email address provided below.
12. CONTACT US
Living and working on the sovereign lands of the Wurundjeri people of the Kulin Nation. I pay my respects to Elders past and present. A percentage of my monthly income goes to Pay the Rent.