Skip to content
Legal

Privacy Policy

How we collect, use, and protect your personal information.

Last updated: March 2026

Purpose

This Privacy Policy outlines how Professional Support Services & Solutions Pty Ltd ("we", "us", "our") collects, uses, stores, discloses, and protects your personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the National Disability Insurance Scheme Act 2013 (Cth).

We are committed to protecting the privacy and confidentiality of all personal information entrusted to us by NDIS participants, their families, carers, and anyone who interacts with our services.

Information We Collect

We may collect the following types of personal information:

  • Name, address, phone number, and email address
  • Date of birth and gender
  • NDIS participant number and plan details
  • Health information relevant to the provision of support services
  • Emergency contact details
  • Carer, guardian, or nominee information
  • Service preferences, goals, and support plan documentation
  • Feedback, complaint, and incident records
  • Website usage data (cookies, analytics) when you visit our website

How We Collect Information

We collect personal information:

  • Directly from you or your authorised representative during consultations and service delivery
  • Through our website contact forms and enquiry submissions
  • From the NDIA, Local Area Coordinators, or support coordinators with your consent
  • From other service providers involved in your care, with your consent
  • From referral sources such as hospitals, allied health professionals, or community organisations
  • Through cookies and analytics tools when you browse our website

How We Use Your Information

We use your personal information to:

  • Provide, coordinate, and manage NDIS support services
  • Develop, review, and update your individualised support plan
  • Communicate with you about your services, schedules, and progress
  • Process invoices and manage NDIS funding claims
  • Match you with appropriate support workers based on your needs and preferences
  • Meet our legal, regulatory, and reporting obligations
  • Improve our services, respond to feedback, and resolve complaints
  • Comply with NDIS Quality and Safeguards Commission requirements

NDIS-Specific Data Handling

As a registered NDIS provider, we handle participant information in accordance with the NDIS Act 2013, NDIS Practice Standards, and the NDIS Code of Conduct. This includes:

  • Maintaining accurate, complete, and up-to-date participant records
  • Storing NDIS-related information securely with appropriate access controls
  • Only sharing participant information with authorised parties and with your informed consent
  • Reporting incidents, complaints, and reportable events as required by the NDIS Quality and Safeguards Commission
  • Retaining records for the minimum period required by NDIS regulations (7 years after the last service, or longer for minors)

Disclosure of Information

We may disclose your personal information to:

  • The NDIA and NDIS Quality and Safeguards Commission as required
  • Other service providers involved in your care (with your consent)
  • Plan managers and support coordinators managing your NDIS funding
  • Government agencies as required by law
  • Our professional advisors (accountants, lawyers, insurers) under confidentiality obligations
  • Emergency services where there is a serious and imminent threat to life or safety

We will never sell, rent, or trade your personal information to third parties for marketing purposes.

Cookies and Website Analytics

Our website may use cookies and third-party analytics tools (such as Google Analytics) to understand how visitors use our site. This data is collected anonymously and helps us improve the website experience. You can disable cookies through your browser settings at any time.

Data Security

We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, and disclosure. Our security measures include:

  • Secure electronic storage systems with role-based access controls
  • Encryption of sensitive data in transit and at rest
  • Mandatory staff training on privacy, confidentiality, and data handling obligations
  • Regular review and audit of our data security practices
  • Secure disposal of personal information that is no longer required
  • Physical security measures for any paper-based records

Data Retention

We retain personal information for as long as it is needed to fulfil the purposes for which it was collected, or as required by law. NDIS participant records are retained for a minimum of 7 years after the last service was provided, or until the participant turns 25 (whichever is later), in line with NDIS Practice Standards.

Your Rights

You have the right to:

  • Access your personal information held by us
  • Request correction of any inaccurate or outdated information
  • Withdraw consent for the collection or use of your information (where consent was the basis for collection)
  • Request deletion of your personal information, subject to legal retention requirements
  • Opt out of marketing communications at any time

To exercise any of these rights, please contact us using the details below. We will respond to your request within 30 days.

Complaints

If you believe we have breached the Australian Privacy Principles or mishandled your personal information, you can lodge a complaint by contacting us directly. We will investigate your complaint and respond within 30 days.

If you are not satisfied with our response, you may contact:

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be published on this page with a revised "last updated" date. We encourage you to review this policy periodically.

Contact

For privacy-related enquiries or to exercise your rights under this policy, please contact us: