Privacy Policy
Authentic Allies (ABN 38 798 601 978) (we, us or our), understands that protecting your personal information is important. This Privacy Policy sets out our commitment to protecting the privacy of personal information provided to us, or collected by us, when interacting with you or your Dependent. In this Privacy Policy the word Dependent means any person (child or adult) for whom you are the legal representative or guardian.
The information we collect
​
Personal information: is information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable.
The types of personal information we may collect about you include:
-
identity data including your name and age;
-
contact data including your telephone number, email and address;
-
National Disability Insurance Scheme (NDIS) plan details and reference number;
-
details about payments from you to us and to you from us and other details of products and services you have purchased from us or we have purchased from you;
-
information you provide to us when you participate in any interactive features, including surveys, questionnaires, feedback forms, activities or events;
-
your preferences in receiving marketing from us and our third parties and your communication preferences;
-
if we need to verify your identity (for example, because we have a legal obligation to do so), your government-issued identification and proof of address documents; or
if you access any software or websites we make available to you, details about your use of such platforms, which may include username and password details, your internet protocol (IP) address, your search queries or browsing behaviour (including through the use of cookies, tracking pixels, and other analytics tools).
Sensitive information: is a sub-set of personal information that is given a higher level of protection. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information. The types of sensitive information we collect include:
-
where you are a user of our services, information about you or your Dependents, including:
-
health information, including individual or family medical history;
-
racial or ethnic origin (so that we can provide culturally appropriate care where possible); and
-
details of any relevant NDIS plan, or any other support plan or treatment report provided to us.
-
​
How we collect personal information
​
We collect personal information in a variety of ways, including:
-
when you provide it directly to us, including face-to-face, over the phone, over email, or online;
-
when you complete a form, such as registering for any events or newsletters, or responding to surveys and questionnaires;
-
from third parties, such as health practitioners through referrals; or
-
when you use any software or website we operate and make available to you (including from any analytics and cookie providers or marketing providers. See the “Cookies” section below for more detail on the use of cookies); or
-
from publicly available sources.
​
Why we collect, hold, use and disclose personal information
​
Personal information: We collect, hold, use and disclose your personal information for the following purposes:
-
to work with you as a customer or supplier of our business;
-
to contact and communicate with you about our business, including in response to any support requests you lodge with us or other enquiries you make with us;
-
to contact and communicate with you about any enquiries you make with us via any website we operate;
-
for internal record keeping, administrative, invoicing and billing purposes;
-
for analytics, market research and business development, including to operate and improve our business, associated applications and associated social media platforms;
-
for advertising and marketing, including to send you promotional information about our events and experiences and information that we consider may be of interest to you; and
-
to comply with our legal obligations or if otherwise required or authorised by law.
​
Sensitive information: We only collect, hold, use and disclose sensitive information for the following purposes:
-
any purposes you consent to;
-
the primary purpose for which it is collected;
-
secondary purposes that are directly related to the primary purpose for which it was collected, including disclosure to the below listed third parties as reasonably necessary to work with you as a customer or supplier of our business;
-
to contact emergency services, or to speak with your family, partner or support person where we reasonably believe there is a serious risk to the life, health or safety of you or another person and it is impracticable for us to obtain your consent; and
-
if otherwise required or authorised by law.
​
Our disclosures of personal information to third parties
​
Personal information: We will only disclose personal information (excluding sensitive information) to third parties where it is necessary as part of our business, where we have your consent, or where permitted by law. This means that we may disclose personal information (excluding sensitive information) to:
-
our employees, contractors and/or related entities;
-
IT service providers, data storage, web-hosting and server providers;
-
marketing or advertising providers;
-
professional advisors, bankers, auditors, our insurers and insurance brokers;
-
payment systems operators or processors;
-
our existing or potential agents or business partners;
-
if we merge with, or are acquired by, another company, or sell all or a portion of our assets, your personal information may be disclosed to our advisers and any prospective purchaser’s advisers and may be among the assets transferred;
-
courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
-
courts, tribunals, regulatory authorities and law enforcement officers, as required or authorised by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;
-
third parties to collect and process data, such as analytics providers and cookies;
-
any other third parties authorised by you, such as your family members and other providers; and
-
any other third parties as required or permitted by law, such as where we receive a subpoena.
We will only disclose personal information to third parties where it is necessary as part of our business, where we have your consent, or where permitted by law. We do not sell or share personal information for marketing purposes.
Sensitive information: We will only disclose sensitive information with your consent or where permitted by law. This means that we may disclose sensitive information to:
-
any purposes you consent to;
-
to contact emergency services, or to speak with your family, partner or support person where we reasonably believe there is a serious risk to the life, health or safety of you or another person and it is impracticable for us to obtain your consent;
-
our employees, contractors and/or related entities;
-
the NDIA, your support coordinator, your plan manager, and other health care professionals or persons/entities as necessary to provide our services;
-
IT service providers, data storage, web-hosting and server providers;
-
professional advisors;
-
courts, tribunals, regulatory authorities and law enforcement officers, as required or authorised by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;
-
any other third parties authorised by you, such as your family members and other providers; and
-
any other third parties as required or permitted by law, such as where we receive a subpoena.
Overseas disclosure
​
We store your personal information in Australia. Where we disclose your personal information to third parties, those third parties may store, transfer or access personal information outside of Australia. We will only disclose your personal information overseas in accordance with the Australian Privacy Principles.
Your rights and controlling your personal information
​
Your choice: Please read this Privacy Policy carefully. If you provide personal information to us, you understand we will collect, hold, use and disclose your personal information in accordance with this Privacy Policy. You do not have to provide personal information to us, however, if you do not, it may affect our ability to work with you as a customer or supplier of our business.
​
Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this Privacy Policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.
Restrict and unsubscribe: To object to processing for direct marketing/unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details below or opt-out using the opt-out facilities provided in the communication.
​
Access: You may request access to the personal information that we hold about you. An administrative fee may be payable for the provision of such information. Please note, in some situations, we may be legally permitted to withhold access to your personal information. If we cannot provide access to your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal. If we can provide access to your information in another form that still meets your needs, then we will take reasonable steps to give you such access.
Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to promptly correct any information found to be inaccurate, out of date, incomplete, irrelevant or misleading. Please note, in some situations, we may be legally permitted to not correct your personal information. If we cannot correct your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal.
Complaints: If you wish to make a complaint, please contact us using the details below and provide us with full details of the complaint. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take in response to your complaint. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner.
Storage and security
​
We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures, to safeguard and secure personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
While we are committed to security, we cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk.
User-Generated Content
​
While we do not actively solicit or host user reviews or content on our own platforms, we recognise that third-party sites (such as Google) may allow users to post reviews or comments about our services. We have no control over such external content or how others may use information posted on these platforms. We are not responsible for the privacy, security, or accuracy of any externally posted content related to our services, or for the use or misuse of that information by any third parties.
​
Cookies and Analytics
​
We may use cookies, tracking pixels and similar technologies on our website and in our emails from time to time. Cookies are text files placed in your computer's browser to store your preferences. Tracking pixels are tiny, invisible images (typically the size of one pixel) embedded in web pages or emails. Cookies and tracking pixels, by themselves, do not tell us your email address or other personally identifiable information. However, they do recognise you when you return to our online website and allow third parties to cause our advertisements to appear on your social media and online media feeds as part of our retargeting campaigns. If and when you choose to provide our online website with personal information, this information may be linked to the data stored in the cookie or collected by tracking pixels. Unlike cookies, tracking pixels do not store any information on your device, but instead send information to our servers when the pixel is loaded.
​
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies.
​
You can block tracking pixels by using ad-blocking or privacy-focused browser extensions. Some email providers allow you to block images by default, which can prevent tracking pixels in emails from loading.
However, if you use your browser settings to block all cookies (including essential cookies) and tracking pixels you may not be able to access all or parts of our website and you may not receive personalised content.
Google Analytics: We may use Google Analytics Advertising Features. We and third-party vendors may use first-party cookies (such as the Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Google advertising cookies) or other third-party identifiers together. These cookies and identifiers may collect Technical and Usage Data about you.
​
You can opt-out of Google Analytics Advertising Features including using a Google Analytics Opt-out Browser add-on found here. To opt-out of personalised ad delivery on the Google content network, please visit Google’s Ads Preferences Manager here or if you wish to opt-out permanently even when all cookies are deleted from your browser you can install their plugin here. To opt out of interest-based ads on mobile devices, please follow these instructions for your mobile device: On android open the Google Settings app on your device and select “ads” to control the settings. On iOS devices with iOS 6 and above use Apple’s advertising identifier. To learn more about limiting ad tracking using this identifier, visit the settings menu on your device.
​
To find out how Google uses data when you use third party websites or applications, please see here.
Facebook/Meta Analytics: We may use tools provided by Meta, such as the Meta Pixel, advanced matching, and Conversions API. These allow us to measure ad performance and deliver ads that may be relevant to you on Meta platforms based on your activity on our website/app. You can control whether we can join data from third party partners with your Meta account for ads by adjusting your preferences within Meta's settings. You can disconnect this data from your Meta account by changing your settings for Off-Facebook activity. For more information, please see Meta's Privacy Policy here.
Links to other websites
​
Our website may contain links to other party’s websites. We do not have any control over those websites, and we are not responsible for the protection and privacy of any personal information which you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.
​
Personal information from single sign-on accounts
If you connect your account with us using a single sign-on account, we will collect your personal information from the single sign-on provider. We will do this in accordance with the privacy settings you have chosen with that provider.
The personal information that we may receive includes your name, ID, username, handle, profile picture, gender, age, language, list of friends or follows and any other personal information you choose to share.
​
We use the personal information we receive from the single sign-on provider to create a profile for you on our platform and to access our services.
​
Where we have accessed your personal information through your Facebook account, you have the right to request the deletion of personal information that we have been provided by Facebook. To submit a request for the deletion of personal information we acquired from Facebook, please send us an email at the address at the end of this Privacy Policy and specify in your request which personal information you would like deleted. If we deny your request for the deletion of personal information, we will explain why.
​
Use of Artificial Intelligence (AI)
​
Overview: We may use artificial intelligence and machine learning technologies, including AI Technologies provided by third parties (AI Technologies) in our business operations and the provision of our Services. We will only use AI Technologies when legally permitted and necessary for our business operations.
How we use AI Technologies: We may use AI Technologies for the following purposes:
-
to assist with clinical documentation, specifically as a scribe/note-taking assistant during client sessions.
​
Data Protection and Security: Where we use service providers who provide AI Technologies to us, we will take reasonable steps to ensure that such service providers handle your personal information according to privacy law, including by ensuring that we have contracts in place requiring the service provider to protect personal information.
We will not input your personal information into any platform provided by an AI Technology service provider which then trains its model based on that information.
Your Rights and our Commitments: We will treat information generated or inferred by the AI Technologies about individuals as personal information and you maintain all rights over your personal information as outlined in this privacy policy, regardless of whether AI Technologies are used in processing. When using AI Technologies with your personal information:
-
Transparency and control: we will implement processes to verify the accuracy of AI-generated outputs and we will take reasonable steps to maintain human oversight and review of significant AI-generated output. Our staff are trained to understand the limitations of AI systems and verify outputs before they are relied upon; and
-
Security: we implement appropriate technical and organisational measures to ensure that our use of AI Technologies maintains the security and integrity of your personal information. This includes regular testing and monitoring of AI outputs for accuracy and reliability; and
-
Risk mitigation: We regularly assess and document the risks associated with our use of AI Technologies in processing personal information and implement appropriate mitigation measures. This includes ongoing monitoring of AI Technologies and regular reviews of their performance and impact.
​
Amendments
​
We may, at any time and at our discretion, vary this Privacy Policy by publishing the amended Privacy Policy on our website. We recommend you check our website regularly to ensure you are aware of our current Privacy Policy.
For any questions or notices, please contact us at:
Authentic Allies (ABN 38 798 601 978)
Email: hello@authenticallies.com.au