Privacy Policy

Resilient Hearts prioritises the privacy and dignity of NDIS participants, their families, carers, and representatives. This policy explains how we collect, manage, and protect your personal information in alignment with:

  • Privacy Act 1988 (including Australian Privacy Principles)

  • NDIS Act 2013 and NDIS Code of Conduct

  • NDIS Practice Standards and Quality and Safeguards Framework

Our Privacy Commitment

We uphold the rights of people with disabilities by:

  • Collecting only necessary information to deliver NDIS services.

  • Ensuring transparency about how data is used and shared.

  • Implementing strict security measures to prevent unauthorised access.

  • Empowering you to control your information through clear access and correction processes.

Information We Collect

Types of Data

  • Personal Details: Name, contact information, date of birth, NDIS participant number.

  • Support Requirements: Disability-related information, health records, NDIS plan goals.

  • Financial Data: Billing details for NDIS plan management or service agreements.

  • Representative Information: Guardian, nominee, or advocate contact details.

How We Collect It

  • Directly from you via service agreements, phone calls, or email.

  • From the National Disability Insurance Agency (NDIA) or trusted third-party providers (e.g., allied health professionals) with your consent.

How We Use Your Information

Your data enables us to:

  • Deliver personalised NDIS support services (e.g., support coordination, therapy).

  • Liaise with the NDIA and other providers to coordinate your care.

  • Process claims and comply with NDIS financial reporting requirements.

  • Improve service quality through anonymised feedback analysis.

When We Share Information

We disclose data only when essential and always with accountability:

  • NDIA Requests: To fulfil reporting obligations under the NDIS Act.

  • Care Teams: With your consent, we share details with allied health professionals or support workers involved in your plan.

  • Legal Requirements: If mandated by law (e.g., court orders, safety investigations).

We never sell, rent, or trade your information.

Security & Storage

  • Encryption: Electronic records secured with enterprise-grade encryption.

  • Access Restrictions: Staff access is limited to those directly involved in your care.

  • Physical Security: Paper records stored in locked, access-controlled facilities.

  • Retention: Data is retained only as long as required by NDIS regulations or your active engagement with us.

Digital Practices

Website Analytics
We collect non-identifiable data (e.g., browser type, visit duration) to improve site functionality.

Cookies

  • Used to personalise your browsing experience and analyse traffic trends.

  • Decline cookies via browser settings, though some features may become unavailable.

Third-Party Platforms

  • Social media interactions (e.g., comments, polls) are voluntary and governed by the platform’s policies.

  • We do not control external websites linked from our domain.

Third-Party Websites & External Links

Resilient Hearts may provide links to external websites for your convenience, such as:

  • Government portals (e.g., NDIS, MyGov)

  • Disability advocacy organisations

  • Allied health resources or NDIS-registered partner services

Key Disclosures for Compliance:

  1. No Endorsement: Links do not imply endorsement of content, services, or privacy practices.

  2. No Control: We do not govern how third parties collect, use, or disclose your data.

  3. User Responsibility: Review the privacy policy of any external site before sharing personal information.

NDIS-Specific Safeguards:

  • We prioritise linking to NDIS-approved resources (e.g., NDIA, Disability Advocacy Organisations).

  • Links to non-NDIS sites (e.g., mental health blogs) will be clearly labelled as informational only.

  • We avoid linking to platforms that conflict with NDIS values.

Your Privacy Choices:

  • Use browser tools like “Do Not Track” to limit cross-site tracking.

  • If you encounter a problematic link on our site, contact us via email at [email protected] or by phone on 0412 44 45 46.

Social Media Engagement

Resilient Hearts uses social media platforms (e.g., Facebook, Instagram, LinkedIn) to share NDIS-related resources and connect with participants, families, and carers.

What We Collect:

  • Publicly available information from comments, messages, or interactions with our content.

  • Non-identifiable analytics (e.g., post engagement metrics) to improve our communications.

Important Notes:

  • Voluntary Participation: Any information you share on social media (e.g., comments, polls) is public and governed by the platform’s privacy policies.

  • No Sensitive Data: We will never request NDIS numbers, health details, or financial information via social media.

  • Privacy Controls: Adjust your platform-specific settings to manage what you share publicly.

Third-Party Platforms:
We do not control how social media companies collect, use, or disclose your data. Review their policies directly to understand your rights.

Contact Us

For privacy-related inquiries or to exercise your rights:
Privacy Officer
Email: [email protected]
Phone: 0412 44 45 46

Policy Updates

Changes will be published on our website. Continued engagement with our services constitutes acceptance of revised terms.

Last Updated: February 2025