United Disability Care Pty Ltd ACN 065 087 210 and its affiliates (UDC, we or us) provides support services to people with disabilities, including housing and accommodation, health care, domestic and other care services.
UDC is committed to managing Personal Information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) (Privacy Act) and in accordance with other applicable privacy laws which we must comply with.
WHAT IS “PERSONAL INFORMATION”?
(a) The Privacy Act currently defines “Personal Information” as meaning information or an opinion about an identified individual or an individual who is reasonably identifiable:
(i) whether the information or opinion is true or not; and
(ii) whether the information or opinion is recorded in a material form or not.
(b) If information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as “Personal Information” and will not be subject to this Policy.
(c) The Privacy Act also defines certain types of Personal Information to be “Sensitive Information”, which includes but not limited to health information, religious beliefs or affiliations and racial information.
(a) We may collect and hold Personal Information about you for the purpose of providing you with the services you are seeking. In particular, we may collect:
(i) Site information: when using the Site, version of web browser, IP address, time zone, cookie information, what pages or services you view, search terms, and how you interact with the Site;
(ii) App information: when using the App, device name, IP address, time zone and location data;
(iii) Personal details: name, gender, billing address, payment information (including banking details) email address and phone number; and
(iv) Other information: information about your personal interests requirements and preferences.
(b) We may also collect and hold Sensitive Information about you, including information about your health, religious beliefs or affiliations, racial or ethnic origin and sexual preferences or practices. This may include information about your illnesses, symptoms, disabilities and information required to provide you with a health service, care, a care service, appropriate accommodation, and servicing and management to assist you and where you live.
(a) The Personal Information that we collect and hold about you, depends on your interaction with us. Generally, we will collect, use and hold your Personal Information if it is reasonably necessary for or directly related to the performance of our functions and activities and for the purposes of:
(i) providing services to you or someone else you know, including:
(A) for use by health care or services personnel or team;
(B) to liaise with or confer with your carer, family or guardian;
(C) to liaise with or confer with those who assist you with or provide you with financial assistance or management;
(D) to liaise with health professionals, Medicare or your health fund;
(E) to assist your Commonwealth, State or Territory, health services or departments, or statutory or other authority to provide you with health or care services or to address issues you may raise with them;
(F) in an emergency where your life or health is at risk and you cannot consent;
(G) to manage our activities and services, including for processes relating to risk management, safety and security activities and quality assurance and accreditation activities; and
(H) for the education of health care and other care and service workers;
(ii) providing you with promotional material and information about other goods and services that we, our related entities and other organisations that we have affiliations with, offer that may be of interest to you;
(iiI) facilitating our internal business operations, including the fulfilment of any legal requirements (including maintaining medical records and other personal records as required under our policies and by law);
(iv) analysing our service and customer needs with a view to developing new or improved services; and
(v) to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.
(b) Except as otherwise permitted by law, we only collect Sensitive Information about you if you consent to the collection of the information and if the information is reasonably necessary for the performance of our functions, as set out above.
(c) In the case of the App, we only collect personal and sensitive information (such as your location data) for the purposes of accurately recording your journey/trip in connection with the provision of our services and otherwise for software development purposes relating to the App. Such information will not be used for any other purpose, including marketing or advertising purposes. You will be asked in the App to expressly provide your consent before the App accesses and collects personal and sensitive information about you. To withdraw your consent, you can uninstall the App.
(d) By using our Site, you consent to the receipt of direct marketing material. We will only use your Personal Information for this purpose if we have collected such information directly from you, and if it is material of a type which you would reasonably expect to receive from us. We do not use Sensitive Information in direct marketing activity. Our direct marketing material will include a simple means by which you can request not to receive further communications of this nature.
(a) Personal Information will generally be collected directly from you through the use of any of our standard forms, over the internet via accessing our Site, via using our App, via email, or through a telephone or in-person conversation with you. There may, however, be some instances where personal information about you will be collected indirectly (for example, via a relative, a carer, a guardian or another health service or care provider) because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
(b) If the Personal Information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.
(c) You can always choose to deal anonymously (or by providing a pseudonym), however this may impact our ability to provide you with the services you are seeking.
(a) Our web-based services are maintained to an advanced level of security. However, there are inherent risks in transmitting information across the internet, including the risk that information sent to or from a website may be intercepted, corrupted or modified by third parties. This risk can be avoided by providing personal information by other means (e.g. by telephone or paper). Information transmitted over the internet cannot be guaranteed to be secure.
(b) Our Site may from time to time have links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that UDC is not responsible for the privacy practices of other such websites. We encourage our users to be aware, when they leave our websites, to read the privacy statements of each and every websites that collects personal identifiable information.
(c) Our Site may use web beacons from time to time. Web beacons or clear gifs are small pieces of code placed on a web page to monitor the behaviour and collect data about the visitors viewing a web page. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page. When you visit the Site, certain information may be collected such as browser type, and operating system.
(e) A cookie is a small amount of information that is downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the Site to remember your actions and preferences (such as login and region selection). This means you do not have to re-enter this information each time you return to the Site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.
(f) You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.
(g) Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such websites as www.allaboutcookies.org.
(h) Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners.
(i) We also use Google Analytics to help us understand how our customers use the Site. Google Analytics anonymously tracks how users interact with the websites, including where they came from, what they did on the websites and whether they completed any transactions on the websites. You can read more about how Google uses your Personal Information here: https://policies.google.com/privacy?hl=en. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
(j) The information generated by the cookie about your use of the Site (including your IP address) will be transmitted to and stored by Google on servers in the United States and other countries outside of Australia. Google will use this information for the purpose of compiling reports on the website activity and providing other services relating to the websites and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
(a) UDC has an obligation to notify individuals whose Personal Information is involved in a data breach that is likely to result in serious harm. This notification must include recommendations about the steps individuals should take in response to the breach. The Australian Information Commissioner (Commissioner) must also be notified of eligible data breaches.
(b) The UDC IT department will notify the quality team of any data breach. The quality team will lodge a statement about the data breach to the Commissioner through the Notifiable Data Breach Statement Form if, following its assessment of the data breach, believes the data breach is likely to result in serious harm and thus require notification.
(a) Generally, we only use or disclose Personal Information about you for the purposes for which it was collected (as set out above) or where we are permitted or required to do so by law. We may disclose Personal Information about you to:
(ii) our related entities and other organisations with whom we have affiliations so that those organisations may provide you with information about services and various promotions;
(iii) our service providers including insurers, professional advisers, agents, suppliers, or subcontractors insofar as reasonably necessary for the purposes set out in this Policy;
(iv) other parties to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request;
(b) We may also use your Personal Information to protect the copyright, trademarks, legal rights, property or safety of UDC, its customers or third parties.
(c) We use Google Workplace as our email hosting service provider who maintains servers located in countries outside of Australia. To that extent, Personal Information that we collect may from time to time be stored, processed in, or transferred between parties located in countries outside of Australia. We are not otherwise likely to disclose your Personal Information overseas, except as permitted by the Privacy Act, unless we otherwise advise you in writing.
(d) We will not sell your Personal Information in the ordinary course of business. If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any Personal Information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.
(e) By providing us with Personal Information, you consent to the terms of this Policy and the types of disclosure covered by this Policy. Where we disclose your Personal Information to third parties, we will request that the third party follow this Policy regarding handling your Personal Information.
(f) Records of Personal Information are retained for such period as required by law, in the case of health records for a minimum of seven years. If the Personal Information is no longer required by UDC for any purpose for which it was collected and is no longer required by law to be retained, UDC will destroy or de-identify the information.
(a) UDC is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure. Such measures include storing all Personal Information in an encrypted manner consistent with best industry practice.
(b) The transmission and exchange of information is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us or receive from us. Although we take measures to safeguard against unauthorised disclosures of information, we cannot ensure that Personal Information that we collect will not be disclosed in a manner that is inconsistent with this Policy.
(a) You may access the Personal Information we hold about you, upon making a written request. We will respond to your request within a reasonable period. We may charge you a reasonable fee for processing your request (but not for making the request for access).
(b) We may decline a request for access to personal information in circumstances prescribed by the Privacy Act, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons).
(c) If, upon receiving access to your personal information or at any other time, you believe the Personal Information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.
(d) If we refuse to correct your Personal Information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
If you have a complaint concerning the manner in which we maintain the privacy of your Personal Information, please contact us using the details in section 13 below. All complaints will be considered by our Leadership Team, and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem.
Our Complaints Procedure requires that we:
(a) take immediate action where there appears to be a high risk of harm, neglect or abuse;
(b) aim to acknowledge complaints within two business day from receipt;
(c) aim to resolve complaints within 14 business days of receipt; and
(d) publish information on our performance.
If we are unable to satisfactorily resolve your concerns about our handling of your Personal Information, you can contact the Office of the Australian Information Commissioner:
GPO Box 5218
Sydney NSW 2001
Tel: 1300 363 992
This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing business environment. The most current version of this Policy is located at https://www.uniteddisability.com.au/privacy-policy/ and can also be obtained by contacting our Leadership Team at the details set out in section 13 below.
If you have any queries, or if you seek access to your Personal Information, or if you have a complaint about our privacy practices, you can contact our Leadership Team below:
United Disability Care Pty Ltd ACN 065 087 210
Address: Level 5, 35 Robina Town Centre Drive, Robina QLD 4226
Phone: + 61 1300 454 850