Privacy Statement as at 9 November 2020
Plan Hero Pty Ltd trading as ‘Plan Hero’ is one of Australia’s independent provider of Plan Management services to the disability sector including, but not limited to, plan management services, NDIS self-management assistance, provider services and assistance, social networking, news/blogs, webinars, and promotional marketing, information on disability issues and management of NDIS plan funding.
Plan Hero is committed to assisting people with disabilities and those that care for them. Plan Hero is routinely required to collect and use individuals’ personal and sensitive information to ensure delivery of appropriate, timely and quality services.
In line with our values, Plan Hero respects and upholds individuals’ rights to privacy and rights in respect of their personal information. The Privacy Act 1988 (Cth)(Privacy Act), and the Australian Privacy Principles (APPs) govern the way in which we manage your personal information and this policy sets out how we collect, use, disclose and otherwise manage personal information about you.
Primary purpose for collection of information
The personal information that we collect and hold about you depends on your interaction with us. Generally, we will collect, use and hold your personal information if it is reasonably necessary for or directly related to the performance of our functions and activities and for the purposes of:
- Providing Plan management services for your NDIS funding
- Providing Self management assistance for your NDIS funding
- Supplying you with a referral for plan management request.
- Providing assistance to providers of NDIS participants
- providing you with promotional material and information about other goods and services that we or other organisations that we have affiliations with, offer that may be of interest to you (unless you have asked us to stop sending you these materials as set out in ‘Electronic Mailing Lists’ below;
- facilitating our internal business operations, including the fulfilment of any legal requirements; and
- analysing our services and customer needs with a view to developing new or improved services.
Information we collect, use and store
Types of information collected
We may collect and hold personal information about you, that is, information that can identify you, and is relevant to providing you with the services you are seeking. In particular, we may collect:
- Your name and contact details (including your postal address, telephone number, email address and organisation name where relevant);
- Relevant demographic, location (IP address) and social information
- Financial institution and relevant payment information.
We may also collect and hold sensitive information about you, including information about your health information such as your accessibility requirements (for example auslan and visual aid requirements) and whether you have an NDIS plan.
Except as otherwise permitted by law, we only collect sensitive information about you if you consent to the collection of the information and if the information is reasonably necessary for the performance of our functions, as set out above.
Method of collection
Personal information will generally be collected directly from you through the use of any of our standard forms, over the internet (for example via web forms, event registration webpages, and social media websites) via email, through a telephone conversation with you, or in person at expos, forums and support groups. There may, however, be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
In some instance, where it is reasonable to do so, we may rely on the third party from whom we collect your personal information to inform you that your information has been shared with us.
Consequences if personal information is not collected
Plan Hero is committed to providing its clients with the very best services to improve their quality of life and to provide information to you and your support network.
Plan Hero uses your personal information to improve our services to some of the most vulnerable groups in the community.
If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.
Disclosure of personal information to others
Disclosure of your personal information to Plan Hero places Plan Hero in a position of trust and as such we seek to protect and uphold the privacy of individuals in accordance with the APPs. Generally, we only use or disclose personal information about you for the purposes for which it was collected (as set out above). We may disclose personal information about you to:
- our related entities and other organisations with whom we have affiliations so that those organisations may provide you with information about services and various promotions;
- other Plan Hero users where you both expressly consent to this disclosure and to connect with one another; and
- to third parties as otherwise permitted or required by law.
- Software used to assist with Plan management and Self-management services, including, but not limited to, Lumary PM, Salesforce and LanternPay.
In all other situations, we will only disclose your personal information with your consent or where relevant, the consent of a person that can provide consent on your behalf under the Privacy Act.
Notwithstanding the above, as a Plan Hero client you have the right to withdraw consent to disclose your personal information at any time by contacting us at the details below.
Keeping information up to date and accurate
We recognise that at times your personal information may change and we rely on you to update your personal information so as to ensure the accuracy of the information held. You may access the personal information we hold about you, upon making a written request. We will respond to your request within a reasonable period. We may charge you a reasonable fee for processing your request (but not for making the request for access).
We may decline a request for access to personal information in circumstances prescribed by the Privacy Act, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons).
If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.
If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
Plan Hero strives to ensure the security, integrity, and privacy of your personal information. Periodically we review and update our security measures in relation to current and future technologies. Systems and procedures are already in place to protect your personal information from interference, misuse and loss and from unauthorised access, modification or disclosure, including electronic and physical security measures. Plan Hero will retain information in line with relevant laws. When information is no longer required or relevant it will be de-identified or destroyed in accordance with relevant laws.
If you access our website, we may collect personal information about you in the form of your IP address and domain name.
Our website may contain links to other websites. We are not responsible for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.
Electronic Mailing Lists
To be kept informed of informational, marketing or promotional content (e.g. Plan Hero latest news or marketing materials), individuals and businesses may subscribe to our electronic mailing lists on our website. We do not under any circumstances, sell these lists, or share these lists with any other party, unless required by law. Only authorised employees or contractors engaged by Plan Hero have access to view this information.
Should individuals or businesses not wish to continue receiving such communication from Plan Hero (i.e. they wish to unsubscribe from the electronic mailing list) or update their subscription preferences, our emails will contain instructions on how to do this (e.g. by clicking the unsubscribe link provided at the bottom of our emails, or simply reply to one of our emails with the word unsubscribe in the subject line). Alternatively you can unsubscribe at any time by sending an email stating your request to: email@example.com. We will try to comply with your request as soon as reasonably practical.
Privacy concerns, complaints and suggestions
Plan Hero is keen to adhere to the APPs and protect the individual’s right to privacy. If you have any concerns, questions or suggestions as to how we might improve in this area please contact us at the address below.
If you wish to make a complaint about a breach of the Privacy Act, the APPs or a privacy code that applies to us, please contact us using the details below and we will take reasonable steps to investigate the complaint and respond to you.
We aim to respond to your concerns or suggestions within five working days.
For more information about privacy in general, you can visit the Office of the Information Commissioner’s website at www.oaic.gov.au.
If you wish to make a complaint about the collection, use or disclosure of your personal information, please contact our privacy officer, and we will work with you to resolve the issue.
If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Information Commissioner.
If after that you are still not satisfied, you can complain about a privacy matter to the Office of the Australian Information Commissioner. To lodge a complaint, visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.
Any questions about this policy can be directed to the following email: firstname.lastname@example.org