This privacy policy applies to the handling and management of your personal information (“Your Information”) by or on behalf of Autonomy Plan Management Pty Ltd, ACN 637 870 092, ABN 33 637 870 092, trading as myAutonomy (“myAutonomy, we, us, our”).

We have created this privacy policy in order to demonstrate our commitment to the Privacy Act 1988 Cth (“Privacy Act”), the Australian Privacy Principles (“APPs”), and relevant State based health privacy legislation that applies to the handling of health information by private sector health service providers (together, the “Australian Privacy Laws”). It sets out how we may collect, hold, use or disclose Your Information in the course of running our business.

Where applicable Australian Privacy Laws provide for exceptions or exemptions, we may rely on those exceptions or exemptions in our information handling practices.

In this privacy policy, “personal information” has the meaning under Australian Privacy Laws, and (in summary) means information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or otherwise.

1. What personal information do we collect?

We collect and hold Your Information, which may include (but is not limited to) your name, phone number, email address, mailing address, date of birth, gender, next of kin, family relationships, health information, information about whether you identify as aboriginal or Torres Strait Islander, NDIS reference number, and other information relevant to the supply of our services.

If we enter into contracts with you, or you request or receive services from us or have any other commercial dealings with us, we may collect your financial details including bank or credit card details for payment, billing information and your signature.

Some of Your Information may also be considered “sensitive information” as defined under Australian Privacy Laws, such as your “health information” (which includes information about your physical health and disabilities), information about whether you identify as aboriginal or Torres Strait Islander and other personal information collected for the purpose of providing our services to you (e.g. considering whether you can attain funding in order to obtain goods and services in connection with your NDIS plan).

We only collect sensitive information about you with your consent, or otherwise in accordance with the Australian Privacy Laws. If you do provide sensitive information to us for any reason, you consent to us collecting that information and to us using and disclosing that information for the purpose for which you disclosed it to us and as otherwise permitted by Australian Privacy Laws.

We may also collect personal information automatically about your interaction and communications with our website and applications, including information we receive from devices and operating systems you use, when you access, visit or use our website and applications.

In addition to the types of personal information identified above, we may collect personal information as otherwise permitted or required by Australian Privacy Laws.

You may elect not to provide us with personal information. However. where you choose not to provide your personal information, we may not be able to provide you with the full range of services.

2. How do we collect Your Information?

We collect Your Information as part of us providing and offering our services. This includes when you provide Your Information to us in person through consultations and appointments and through some of the following means:

(a) when you contact us via a nominated representative;

(b) when you contact us via phone, teleconference, email or other means;

(c) when you register your details or make an enquiry or booking with us, including through our website (via webform or otherwise) located at;

(d) when you fill in referral, assessment, registration and other forms (including where you provide these details to a third party who intends to provide them to us on your behalf);

(e) when you upload content or interact with us on our website, mobile applications or via our social media pages;

(f) in administering and performing any contracts with our service providers; and

(g) as otherwise required to manage our business.

Generally, we collect Your Information directly from you but from time to time we may also collect Your Information from third parties such as your parent or guardian if you are under 18 years of age or suffer from a disability which requires ongoing guardianship; your nominated representatives, including NDIS support coordinators and other NDIS plan managers; organisations that maintain public records; and other third parties including referrers, suppliers, contractors and our business partners if you have given your consent for us to do so.

To the extent that any additional obligations arising under the Australian Privacy Laws apply to our collection of your sensitive information, we also comply with those obligations and will only collect sensitive information from you directly unless it is not reasonable or practical to do so.

3. How do we use Your Information?

Main purposes for using your personal information

We need your personal information to provide you with our services, including to allow access to your funds provided under your NDIS plan and the disburse funds to services providers engaged by you (Main Purposes).

Additional uses of your personal information

We also only collect, use, hold and disclose Your Information where it is reasonably necessary for our business functions, activities, or operations other than in connection with our Main Purposes. In particular, we may collect, use, hold and disclose Your Information:

(a) for internal record keeping purposes;

(b) to contact you in relation to customer surveys and feedback;

(c) to operate, develop, protect and improve our website and mobile applications;

(d) to improve our services;

(e) to administer our relationship with you by responding to your enquiries and to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner;

(f) to connect and communicate with relevant persons and entities in connection your NDIS Plan; and

(g) for a purpose related to one of the Main Purposes.

We may also collect, use, hold and disclose Your Information for any purpose related to the purposes above that could be reasonably anticipated at the time Your Information was collected or for other purposes you to which you have consented (including as disclosed to you in an information collection statement at the point where we collect Your Information) and any other purpose required or authorised by law (including the Australian Privacy Laws).

To the extent that our obligations under the Australian Privacy Laws in relation to our use of your sensitive information vary from our obligations with respect to use of Your Information that is not sensitive information, we will comply with the obligations applicable to sensitive information.

4.Who do we share Your Information with?

By submitting Your Information to us, you consent to us disclosing Your Information in connection with the purposes described in section ‎3 of this privacy policy.  This may include disclosing Your Information to third parties including; our suppliers, contractors, and organisations that provide us with services; our accountants, insurers, lawyers, auditors and other professional advisers; any other third parties you have directed or permitted us to disclose Your Information to (e.g. the NDIA, your support coordinator and relevant goods or service providers); and if we or our assets are acquired or considered for acquisition by a third party, that third party and its advisors.

5. Can you remain anonymous or use a pseudonym?

You have the right to request to remain anonymous in any dealings or communications you may have with us, but we may not be able to provide you with services on that basis.

6. Do we disclose Your Information overseas?

We may disclose Your Information to third parties (including subcontractors) located outside Australia in order to assist us in providing services to you. We generally disclose Your Information to recipients located in the Philippines. We may also engage overseas service providers to provide services to us (like cloud storage services or other types of network or electronic systems) from time to time which may not necessarily always involve a disclosure of Your Information to that overseas service provider.

By providing us with Your Information, you consent to Your Information being used, stored and disclosed to overseas recipients for the purposes necessary to operate our business and acknowledge that any such overseas recipients will not be required to comply with the Australian Privacy Laws and in the event that an overseas recipient breaches the Australian Privacy Laws, that entity will not be bound by and you may not be able to seek redress under, the Australian Privacy Laws.

7. Is Your Information protected and secure?

We are committed to ensuring that Your Information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure, including by engaging reputable third-party cloud-based storage services.

If we no longer need Your Information for any valid purpose for which the information may be used or disclosed or there is no need for it to be kept by law, it will be destroyed or permanently de-identified.

8. Direct Marketing

We may use Your Information to provide you with information about topics which we consider may be of interest to you via email, phone, or SMS where you have consented to us doing so or it is otherwise permitted by law (e.g. the distribution of our monthly newsletter). You may ‘opt out’ at any time if you no longer wish to receive this information. You may make this request by contacting us, or by ‘unsubscribing’ from our marketing messages.

9. Cookies

Cookies are small data files sent by a website or application and stored on a user’s computer or device at the request of that site or app for a pre-defined period of time. We may from time to time use cookies and other similar technologies to collect information about your use of our websites and applications. Cookies assist us to store information about how you use our website and applications, your usage preferences and to provide you with a more consistent user experience across our websites and applications. We may use knowledge of your user experience collected through the cookies to collect statistical information, analyse trends, administer our services, diagnose problems and target and improve the quality of our services. We may use third-party service providers to assist us in collecting and understanding the usage information.

We do not use information from cookies to personally identify you however, if cookie information is linked with personal information (as described above), that cookie information becomes personal information and will be treated in the same manner as the personal information to which it has been linked. Most browsers can be set to detect browser cookies and to let you choose which cookies to accept or reject if you do not want information collected through the use of cookies. You can remove or reject cookies by adjusting the settings on your web browser. Please note that some parts of our website or applications may not function fully for users that disable cookies. By using our website and/or applications, you agree to the use of these tracking technologies and you consent to the processing of your usage data by us and by our service providers.

10. Links

Our website and mobile applications may contain links to other websites operated by third parties. We are not responsible for any third party websites and we make no representations or warranties in relation to the privacy practices of those third party websites. We encourage you to read the privacy policy of any third party website that we may provide a link to on our website or mobile applications.

11.Changes to our Privacy Policy

We may update our Privacy Policy from time to time and the changes will be effective immediately upon being made public on our website. An up-to-date copy of our privacy policy is available on our website.

12. How to correct, access or update Your Information?

We take reasonable steps to ensure that Your Information we collect, use and disclose is accurate, complete and up-to-date. You may request access to Your Information that we hold about you and/or to make corrections to that information at any time. To protect your privacy and security, we will take reasonable steps to verify your identity before granting access or making corrections to Your Information. We will provide access to Your Information in accordance with the Australian Privacy Laws, subject to certain exemptions which may apply. In circumstances where we refuse access, we will provide you with a written notice stating our reasons for refusing access. We may seek to recover reasonable costs we may incur for providing you with access to Your Information we hold about you.

You can make a request to access or make correction to Your Information by contacting us (see section 14 below). We will endeavour to respond to any request for access to or correction of Your Information within a reasonable time.

13. What to do if you have a privacy complaint or concern

If you have a question or want to make a complaint about our privacy policy or how we handle Your Information, complaints can be lodged utilising the process located on our website at <>.

14. Contact us

The contact details for our Privacy Officer are as follows:

Email: [email protected]

Phone 1300 60 33 89

Post: myAutonomy, Suite 6, Lvl 12 350 Collins St Melbourne Vic 3000

Last date Updated: 12 August 2022