top of page

Privacy Policy

Last Updated: March 2026

Overview: EmpowerUnity Pty Ltd is committed to protecting your privacy. We handle your personal and sensitive information (including health and NDIS-related information) in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We also follow the NDIS Code of Conduct requirement to respect participants’ right to privacy.
 

1. What Information We Collect
 

We collect information necessary to deliver supports. This may include:
 

  • Personal Details: Name, address, contact information, date of birth, next-of-kin or emergency contacts.

  • NDIS Plan Information: NDIS number, plan goals, support coordinator or plan manager details.

  • Health and Support Needs: Medical history, disability details, allied health reports, current medications, behaviour support plans. (Note: Health and disability information is “sensitive information” under privacy law.)

  • Service Records: Notes from support sessions, incident reports, and other records of supports provided.

  • Financial Info: Bank account or invoice details for billing purposes.
     

All information collected is limited to what is necessary (principle of data minimisation). Examples of personal information (such as name, address and health details) illustrate our scope. We may also keep copies of documentation you provide (e.g. medical reports, consent forms) for the purposes of service delivery.
 

2. How We Collect Information
 

Information is collected:
 

  • Directly from you or your representatives (e.g. intake forms, interviews, emails).

  • From NDIS or government portals (with your permission).

  • With your consent, from third parties involved in your care (doctors, support coordinators, allied health professionals).

  • Through observations and notes made by our staff during service delivery (e.g. progress notes, incident logs).
     

We do not collect personal information on the website unless you submit a form or contact us. Any contact or enquiry forms you use on the site require minimal data (name, email, message).
 

3. Use of Information
 

Your personal information is used to:
 

  • Provide and coordinate your NDIS supports and services.

  • Communicate appointment details, invoices and feedback with you or your NDIS representatives.

  • Arrange billing and receive funding payments (e.g. invoicing NDIA/Plan Manager).

  • Meet legal and reporting obligations (NDIS Commission, insurance, audits).

  • Improve our services (quality assurance, training and service planning).

  • Occasionally, for marketing our services or informing you of our programs, but only with your consent.
     

We will not use your information for any purpose other than these without your consent, unless the law permits or requires it.
 

4. Disclosure of Information
 

We only disclose your personal information:

  • To NDIS and Government Agencies: as required for funding claims, regulatory compliance or investigations.

  • To Other Service Providers: (doctors, allied health, case managers) involved in your care, but only with your consent.

  • To Family or Guardians: when they are legally authorized to manage your care or finances.

  • To Legal Authorities: if required by law (e.g. court order, subpoena).

  • To Emergency Services: if needed to protect your health or safety.
     

We do not sell your personal information or share it for unrelated marketing. Any disclosure will comply with the APPs – for example, only with your authorization or under lawful circumstances.
 

5. Data Security and Retention
 

We take reasonable steps to safeguard your data from misuse, loss, unauthorized access or disclosure. These include:
 

  • Secure Storage: Records are kept in locked filing systems (paper) or password-protected digital systems. We use reputable software (ShiftCare, Careview, etc.) that comply with NDIS data security standards.

  • Limited Access: Only staff with a need to know (case managers, service coordinators) can access your file. All staff sign confidentiality agreements.

  • Retention: We retain personal records for at least 7 years after last contact, as required by professional and legal standards. After this period, records are securely destroyed or de-identified.
     

If a data breach occurs, we will take immediate action to mitigate its impact. We will notify affected individuals and regulators as required under the Privacy Act and NDIS rules.
 

6. Access and Correction
 

You have the right to access the personal information we hold about you, and to request corrections if any details are inaccurate or incomplete. To do so, please contact us in writing. We will usually respond within a reasonable time. In some cases (very old records or specific NDIS reporting) an exemption may apply, but we will explain any refusal.

We do not charge for reasonable access requests, but may charge a reasonable fee for photocopying or postage of large records (in line with legal guidelines).

If you believe information we hold is incorrect, please advise us as soon as possible. We will promptly update our records and ensure continuity of accurate support delivery.
 

7. Sensitive Information
 

Your health and disability details are considered sensitive information. We will only use sensitive information:
 

  • To provide the primary support services you have requested.

  • For closely related purposes (e.g. care planning, case reviews).

  • With your express consent, or where required by law (e.g. mandatory reporting of child protection issues or reportable incidents to the NDIS Commission).
     

Sensitive data is handled with the highest confidentiality standards. For example, behaviour support plans or medical charts are only accessed by authorized clinicians or staff under supervision.
 

8. Cookies and Website Tracking
 

Our website may use cookies, Google Analytics or Facebook Pixel to collect non-identifying data about user visits. This helps us improve site functionality and target outreach. You can disable cookies via your browser settings, but this may limit website features. We do not use cookies to collect sensitive personal information.
 

9. Complaints about Privacy
 

If you have any concerns about our privacy practices or suspect a breach of your privacy, please contact us immediately at the details above. We will investigate and try to resolve the issue promptly. If you remain dissatisfied, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) or the NDIS Commission.
 

10. Policy Updates
 

We may update this Privacy Policy to reflect changes in laws or our practices. The latest version will always be available on our website. We recommend you review it periodically. Significant changes will be communicated to you (e.g. via email).
 

By engaging EmpowerUnity’s services or using our website, you acknowledge that you have read and understood these Terms and Conditions and Privacy Policy, and agree to be bound by them. If you have any questions, please contact us for clarification.
 

Sources: Information in this document is based on the NDIS Pricing Arrangements and Price Limits, NDIS Commission guidelines (including the Code of Conduct and Practice Standards), and the Australian Privacy Principles.

 

11. Contact Information

EmpowerUnity Pty Ltd 

Email: info@empowerunity.com.au or support@empowerunity.com.au
Phone: +61 416 105 097

Address: [Insert Registered Address]
 

For complaints or urgent issues, you may also contact the NDIS Quality and Safeguards Commission:
Website: www.ndiscommission.gov.au | Phone: 1800 035 544

bottom of page