1. ABOUT THIS POLICY
We have developed an app and associated website that connects the parents of children with disabilities with each other in order to facilitate information sharing that supports and enhances the health, wellbeing, capacity and resilience of families and carers (App). Parents can match based on commonalities such as diagnostic journey, age group and shared interests. The purpose of the App is to provide a platform where parents can access unbiased, targeted resources and be part of a network that informs, unites and ultimately empowers the members of the disability community to confidently navigate the NDIS.
We are committed to protecting your privacy and understand the importance of protecting your personal information that is collected through the provision of our services. This Policy outlines:
- the types of personal information that we usually collect;
- the purposes for which we collect it;
- to whom we disclose it;
- how we hold and keep it secure; and
- your rights in relation to your personal information, including how to complain and how we deal with complaints.
We will handle your personal information in accordance with this Policy, legislation including the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs) and any relevant State and Territory health legislation (eg in NSW Health Records and Information Privacy Act 2002 (NSW) (HRIP Act), in relation to health information.
In addition to the Privacy Act, if you are located in the European Union (EU) (including the European Economic Area (EEA)), the section 'European residents' below provides further information about our processing of your personal information and your additional data subject rights in relation to the processing of your personal information (or personal data) under the General Data Protection Regulation (2016/679) (GDPR) by us.
In this Policy, personal information means any information or opinion about an identified individual or an individual who is reasonably identifiable, whether true or not. It does not include information that is de-identified (anonymous data).
2. TYPES OF PERSONAL INFORMATION WE COLLECT
The types of personal information we collect about you depends on the dealings you have with us and the consents that you provide and may include:
- email address;
- location data;
- Facebook or Google profile photo and any other photos you have uploaded to your gallery;
- your child's name;
- your child's gender identity;
- your child's age (expressed in years and months, or number of weeks if the child is unborn yet; not by date of birth); and
- health information about your child including their diagnosis/es, therapies etc.
- NDIS plan (to create Plan mapping report)
- NDIS budget (for Premium services)
If you are a volunteer or job applicant we may also collect information about your education and employment history, and if you are a service provider, we may collect information related to the provision of services to us.
3. DEALING WITH US ANONYMOUSLY OR USING A PSEUDONYM
Where possible and lawful, you may interact with us anonymously or using a pseudonym. For example, if you contact us with a general question we will not record your name unless we need it to adequately handle your question.
However, for many of our functions and activities we usually need your name, contact information and other details to enable us to provide our services or products to you.
4. WAYS WE COLLECT YOUR PERSONAL INFORMATION
We may collect personal information from or about you in different ways, including:
- directly from you via your interactions with us:
● on the App;
● on the website;
● our social media sites;
● via email or telephone communications;
- via email or telephone communications;
- from your parents or guardian if they have created a profile on our App and provide information about you as their child;
- from submitted NDIS plans;
- from another user or a third party and their interactions with us on the App, website, social media sites and email or telephone communication;
- from third parties including Facebook and/or Google if you use your profile to create your account and sign-into the App, and location data from the Rome2Rio API; and
5. COLLECTION OF INFORMATION VIA OUR WEBSITE
When you visit our website, we may also use 'cookies' or other similar tracking technologies that help us track your website usage and remember your preferences. Cookies are small files that store information on your computer, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but our website may not work as intended for you if you do so.
Whilst we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit, search engine referrals and the internet protocol address assigned to your computer.
Our web pages may contain electronic images, known as web beacons. These electronic images enable us to count users who have visited certain pages on our website. Web beacons are not used by us to access your personal information, they are simply a tool we use to analyse which web pages are viewed, in an aggregate number.
6. PURPOSES FOR WHICH WE COLLECT, USE AND DISCLOSE PERSONAL INFORMATION
We collect your personal information for a number of purposes, including:
- to communicate with you, including responding to any requests;
- to facilitate the functionality of the App;
- to better understand the interests and preferences of our users, including to offer suggestions and promote services relevant to the user's location;
- to create public profiles so people can have meaningful connections and friendships;
- to create your personalised NDIS Plan Mapping Report;
- to keep your NDIS budgets in check;
- to provide personalised articles for education purposes;
- to engage in direct marketing and targeted advertising;
- to conduct market research and understand the needs of the community of parents and carers which we are building through the App;
- to review and consider applications of individuals who wish to volunteer or work for us.
7. DISCLOSING YOUR PERSONAL INFORMATION
In the course of providing our products and services to you, we may disclose your personal information with:
- our employees and volunteers who work with us;
- external freelancers engaged by us;
- third party service providers; including providers for the operation of our websites and/or our business or in connection with providing our products and services to you;
- Other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required authorised and permitted by law.
Further, the personal information that you choose to make available through your use of the App, for example on your profile or communicated through online message boards, will be disclosed to other users of the App.
Some of these individuals and organisations may be located outside of Australia. User and volunteers are based in US, UK, New Zealand and Canada and Foreign freelancers are based in Nepal.
8. DIRECT MARKETING
We may use your personal information to identify a product or service that you may be interested in including from third parties. We may, with your consent, use the personal information we have collected about you to contact you from time to time by email, push notifications and within the App itself to tell you about new products or services and special offers that we believe may be of interest to you.
You can withdraw your consent to receiving direct marketing communications from us at any time by unsubscribing from the mailing list or updating your privacy settings within the App
9. SECURITY AND STORAGE
We store your personal information electronically. All of your activity and data uploaded or otherwise collected via the app gets stored on a Sydney based server. Electronic information is then stored by Google Cloud Platform and Algolia third party data storage solutions. We take reasonable and appropriate steps (including organisational and technological measures) to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure. This includes using encryption when transmitting Personal Information and only providing access to authorised employees, volunteers and external freelancers engaged by us for permitted business purposes only.
We only keep your personal information for as long as it is required, for the purpose for which it was collected or as otherwise required by applicable laws. If we no longer need to hold your personal information for any reason or we are no longer required by law to keep it, we will take reasonable steps to de-identify or destroy that information. These steps may vary depending on the nature of the information, the way it was collected and how it was stored.
10. ACCESS TO AND CORRECTION OF YOUR INFORMATION
We will endeavour to ensure that the personal information collected from you is up to date, accurate and complete.
You may request access to, or correction of, the personal information we hold about you at any time by contacting our support team using the details found in this Policy. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data. We may also contact you to ask you for further information in relation to your request so that we may adequately respond. Subject to any applicable exceptions or requirements, we will provide you with access to the personal information you request, or make reasonable modifications to your personal information, within reasonable time and usually within 28 days. If we decide to refuse your request we will tell you why in writing and how to appeal via complaint if desired.
11. DATA REMOVAL REQUESTS
If you desire for all or part of your personal information held by us to be deleted or removed, you can do so within the App, via navigating to Profile, Settings, Deactivate Account. Alternatively, you may make a request in writing to the support team via the information provided in the ‘CONTACT US’ section of this Policy. We may need to confirm your identity and ensure your right to request removal of personal information.
During use of the App, you may link it to your Facebook, Google or Apple accounts. You can remove this at any time by visiting the application settings on your Facebook, Apple or Google profile (as applicable) and following the instructions to remove Kindship access permissions.
During account deactivation, reasonable attempts will be made to de-identify, aggregate or otherwise obscure previously disclosed personal information such that it can no longer be used to identify you. However where personal information has been shared to other users or made public during the course of using the App and other services, copies of the information may still be held by these users, or shared with search engines. These actions are outside of our control, and we do not accept liability for them.
During your use of the App, you may have accessed links to third-party websites, applications or other services, which may have allowed those third parties to collect or share your personal information. We are not responsible for their services and privacy statements; you will need to review their specific privacy policies to establish your rights in relation to disclosed personal information to these entities.
If you are not satisfied with our response to your requests for removal or deletion of your personal information, you may submit a complaint via the method described in this Policy.
You can make a complaint in writing to us using the details listed in the ‘CONTACT US’ section of this Policy. We may need to request specific information from you to help us confirm your identity and ensure your right to make a complaint regarding the contents of this policy in relation to your personal information held by us. . We will respond to you within a reasonable period of time to acknowledge your complaint and inform you of the next steps we will take in dealing with your complaint.
If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) via the OAIC website, www.oaic.gov.au.
13. ACCESS AND COMPLAINTS IF YOU ARE IN THE EUROPEAN UNION
If you are an individual based in Europe and we offer or provide our products or services to you, or our processing of your personal information will be subject to the GDPR. Pursuant to the GDPR you have, in certain circumstances, the right to request that the personal information that is collected from you is erased, its further processing is restricted, or to object to its further processing and the right to data portability. You can also ask that personal information provided by you to us is transmitted to another party. You may also withdraw your consent where it has been provided as a condition of our processing your information or object to the further processing of your personal information in certain circumstances.
If we refuse any request you make in relation to these rights, we will write to you to explain why and how you can make a complaint about our decision.
To make a request in respect of these rights or to make a complaint, please contact us via the contact details in Section 11 below.
You also have the right to lodge a complaint with a relevant data protection supervisory authority (for example in the place you reside or where you believe we breached your rights).
14. CONTACT US
If you have a question or comment regarding this Policy or wish to make a complaint or exercise your privacy rights, please contact our support team on the following details:
Suite 17, Stone & Chalk Startup Hub
Lot Fourteen, North Terrace
ADELAIDE SA 5000;
Phone: 1300 057 084