Privacy Policy
Privacy Policy
Infinity Ledger is committed to protecting the privacy and the rights of individuals. In line with our values, Infinity Ledger respects and upholds an individual’s rights of personal and sensitive information it collects, holds and administers in the process of providing its services.
This policy sets out how we collect, use, disclose and manage your personal and sensitive information. These commitments are undertaken to comply with Australia Privacy Principles (APPS) prescribed in the Privacy Act 1998 (Cth).
1.Types of personal information we collect
According to the Privacy Act 1988 (Cth) personal information, generally is information or an opinion from which your identify is apparent or can be reasonable ascertained. The types of information we may collect include:
-
information about your identity (e.g. date of birth, country of birth, passport details, visa details and drivers’ licence);
-
name, address (e.g. residential and mailing address) and contact details (e.g. phone, email and fax);
-
information about your personal circumstances (e.g. age, gender, marital status and occupation);
-
information about your financial affairs (e.g. payment details, bank account details, and information about business and financial interests);
-
information about your employment (e.g. employment, work history and remuneration);
-
government identifies;
-
employment details and financial information (your salary and the name and address of your employer); and
-
other information as required by the Anti-Money Laundering Counter-Terrorism Financing Act 2006 (Cth).
2.Types of sensitive information we collect
We may also collect or hold a range of sensitive information about you. The types of sensitive information we may collect include; information about your health, racial or ethnic origin, health information or biometric information.
Generally, we do not collect sensitive information about you that will not aid in service delivery including:
-
religious beliefs or affiliations;
-
philosophical beliefs;
-
sexual preferences or practices; and
-
membership of political and professional or trade associations or trade.
We may have to collect such sensitive information with your prior consent if the information is required to provide you with a specific product or service or where required by law. If we collect sensitive information from a third party, we will also obtain your prior consent.
When you visit our websites, we may collect statistics on the number, date and time of your visit, the number of pages viewed and the way you navigate through our sites.
When you call us, we may collect statistics on the number, date and time of your call and the way you navigated through our telephony system. We may also monitor and/or record in-coming and out-going telephone calls for taxation, verification, substantiation and quality assurance purposes.
3.Why we collect your personal and sensitive information
We will only collect personal or sensitive information if you consent and it is reasonably necessary for, or directly related to, one or more of our functions or activities. Sometimes we may collect sensitive personal information without your consent, such as when it is required or authorised by a law, or court or tribunal order.
We may collect, hold, use and disclose your information for the purposes of the administration of your NDIS funds, co-ordination of your disability supports and liaising with your support providers and with the NDIA.
We may collect personal or sensitive information to assess, investigate and respond to any abuse, assault or neglect of customers and to provide the required reports to the relevant regulatory authorities, including mandatory reporting to the NDIS Quality & Safeguards Commission.
4.How we collect your personal and sensitive information
Infinity Ledger must only collect personal and sensitive information where it is reasonable and practical to do so, we will always collect personal and sensitive information directly from you. How we collect your personal information will depend on how you interact with us. For example, we may collect it through your access and use of our websites, during your conversations with our representatives or from application forms you complete.
There are occasions when we may need to collect your personal information from third parties, with or without your direct involvement but we will obtain your prior consent if we may need to obtain your sensitive information from third parties. Depending on the products or services you request or receive, the third parties from whom we may collect personal information include your employer, market research organisations, third party brokers and agents, government agencies, your representatives and your advisers and other organisations who, jointly with us, provide products or services to you. Those that we may collect sensitive information from include medical practitioners, health and disability support providers.
5.Disclosing your personal and sensitive information
We will not give your personal information to government agencies, private sector organisations, or anyone else unless you consent or one of the following exceptions applies:
-
you would reasonably expect us to use the information for that other purpose;
-
it is legally required or authorised, such as by an Australian law, or court or tribunal order;
-
formally requested by regulatory bodies, government agencies and law enforcement bodies, including the Department of Human Services, the NDIA or the NDIS Quality and Safeguards Commission;
-
we reasonably believe that it is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety; and
-
we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in and we reasonably believe that it is necessary for us to take appropriate action in relation to the matter.
In the unlikely event that the assets and operations of our business are sold to another party, our records of personal and sensitive information will be transferred to that party.
6. What if we can’t collect your information?
If you do not provide us with the personal or sensitive information described above, some or all the following may happen:
-
we may be unable to provide the requested products or services to you, either to the same standard or at all;
-
we may be unable to provide you with information about products and services you may want; or
-
we may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful.
7.Marketing our products and services to you
We may use your information to offer you products or services we believe may be of interest to you. You can notify us at any time if you no longer wish to receive marketing communications from us. Our contact details are set out in section 13 of this policy.
We do not sell personal or sensitive information to other organisations to allow them to do this.
8.Protection of your personal and sensitive information
We take reasonable steps to ensure your personal and sensitive information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. Personal and sensitive information is destroyed or de-identified when no longer needed.
We safeguard our IT systems against unauthorised access and ensure that paper-based files are secured. We also ensure that access to your personal information within our systems is only available to our staff who need to have access to do their work, and to people that you have authorised access to the information available on your Dashboard.
If a data breach occurs, such as if personal information that we hold is subject to unauthorised loss, use or disclosure, we will respond in line with the Office of the Australian Information Commissioner’s Data breach notification process. We will aim to provide timely advice to you to ensure you are able to manage any potential harm or loss, financial or otherwise, that could result from the breach.To protect your information online, we ask that you observe the security requirements relating to the protection of your user identification number and/or password used to access your online account. We recommend that you:
-
change your password on initial access to our website;
-
ensure the user identification number given to you is kept securely;
-
destroy any documentation (including any email) we issue containing your password;
-
memorise your user identification number and password;
-
do not tell anyone of your user identification number and password; and
-
immediately telephone us if you suspect your online account or related email account has been breached.
9.Links to other websites
Our websites may contain hyperlinks to other sites maintained by different organisations. We do not claim any association with websites which are not clearly identified as our own and do not take any responsibility for their content. We encourage you to read each website’s privacy policies before providing any personal information.
10.Accessing or correcting your information
You have a right to access personal information we hold about you. You also have a right under the Privacy Act to request corrections to any personal information that we hold about you if you think the information is inaccurate, out-of-date, incomplete, irrelevant or misleading.
It is also possible to access, and correct documents held by us under the Freedom of Information Act 1982 (the FOI Act). In some circumstances we will suggest that you make your request for personal information under the FOI Act.
This is because:
-
an FOI access request can relate to any document in our possession and is not limited to personal information;
-
the FOI Act contains a consultation process for dealing with requests for documents that contain personal or business information about another person; and
-
you can complain to the Australian Information Commissioner about what we do under the FOI Act
-
if you are refused access under the FOI Act you have a right to apply for internal review or Information Commissioner review of the access refusal decision.
Find out more information about how to make a request under the FOI Act on the Australian Freedom of Information webpage: www.oaic.gov.au/freedom-of-information. You can also make a request by emailing foi@ag.gov.au. We will not charge you to access your personal information. However, there may be a charge involved for us to process a request under the FOI Act that goes beyond a request for personal information.
To make an enquiry about our compliance with the privacy laws, our privacy policy, or to access or correct the personal information we hold about you, please contact us.
We are entitled to refuse you access to your information in certain circumstances. For example, you may not be able to access information that would reveal information about another person, is commercially sensitive material or we are prevented by law from disclosing. If this happens, we will provide you with a reason for the refusal. If you have any questions regarding this policy or any concerns regarding our treatment of your personal information, we invite you to contact us.
11.Cookies
We may collect personal information about you using cookies. When you access our website, we may send a “cookie” (which is a small summary file containing a unique ID number) to your computer. This enables us to recognise your computer and greet you each time you visit our website without bothering you with a request to register. It also enables us to keep track of products or services you view so that we can send you news about those products or services.
We also use cookies to measure traffic patterns, to determine which areas of our website have been visited and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online products and services. Our cookies do not collect personal information. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them. We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track users’ movements, and gather broad demographic information.
12.Do we disclose your personal information to anyone outside of Australia?
We may need to provide your personal information to an overseas recipient as part of our work. Wherever appropriate, we will ensure that we either have your consent or that your personal information is not identifiable.
In some cases, this will not be possible or appropriate, such as when our administrative functions require that we become involved in a law enforcement matter such as a criminal investigation. We may also disclose your personal information to recipients overseas under international agreements that relate to information between Australia and other countries.
If we are unable to seek your consent to provide your personal information to an overseas recipient, or it is impractical to do so, we will only provide your personal information to an overseas recipient if we can do so under the Privacy Act.
To provide our services to our customers we may engage other Service Providers to perform certain functions. These functions may involve the hosting or accessing of personal information by the Service Provider outside Australia.
13.Complaints
If you have any questions, concerns or have a complaint about how we have handled your privacy or a possible breach, please contact us using the details below.
We will respond to your complaint in accordance with our Feedback and Complaints Policy and Procedure, available on our website: www.planpartners.com.au/resources, or by contacting us. If you are still not satisfied with our response, you may also make a complaint to the Office of the Australian Information Commissioner on 1300 363 992 or visit www.oaic.gov.au or, you can contact the NDIS Quality and Safeguards
Commission on 1800 035 544 or visit www.ndiscommission.gov.au. Our contact details are;
Email: info@infinityledger.com.au
Phone: 0439 786 550
14.Changes to this policy
We reserve the right to change, modify or update this Privacy Policy from time to time, by posting an updated version on our website. The updated version will take effect immediately upon posting.
15.Relevant Legislation, Standards and Agreements Plan Partners commit to adhering to various Legislation, Standards and Agreements. These include, but not limited to the following;
Australian Privacy Principles in Privacy Act 1988 (Cth) Freedom of Information Act 1982 Privacy and Data Protection Act 2014 Health Records Act 2012 National Disability Insurance Scheme Act 2013 (Cth) National Disability Practice Standards National Disability Insurance Scheme Quality & Safeguarding Framework NDIS Code of Conduct