Privacy policy


Published: 1-4-2018
Updated: 24-9-2024

Easy read version here.

Privacy Policy

1. About This Policy

This Privacy Policy ("Policy") describes how Kindship Group Pty Ltd (ACN 648 460 646) and its subsidiary companies Kindship Pty Ltd (ACN 625 713 724) and Kindship Premium Services Pty Ltd (ACN 662 497 092), collectively operating as Kindship (referred to as "we", "us", or "our"), collect, handle, and protect your personal information. We are committed to safeguarding your personal data and ensuring your privacy in accordance with Australian privacy laws and regulations.

2. Types of Personal Information We Collect

The types of personal information we collect depend on your interactions with us and may include:

  • Basic Personal Details: Name, address, email address, mobile phone number, and location data.
  • Bio Information: Personal bio provided by you.
  • Child’s Information: Your child's name, gender identity, date of birth, and health information, including diagnoses and therapies.
  • NDIS Plan Details: NDIS plan and budget details, goals, provider details, and invoices related to the services you receive.
  • Sensitive Health Information: Details about your or your child's diagnosis, services accessed, progress reports and other relevant information for managing your NDIS plan.

If you are a volunteer or job applicant, we may also collect information about your education and employment history. If you are a service provider, we may collect information related to the provision of services to us.

3. How We Collect Your Personal Information

We collect personal information directly from you via our App, website, social media, email, or telephone. This includes information you provide as a parent or guardian or that we receive from submitted NDIS plans. We may also collect information from third parties, such as your authorised representatives, service providers, or other entities involved in your care.

We use cookies and similar technologies to collect information via our website.

4. Collection of Information via Our Website

Our website employs cookies and similar tracking technologies to enhance your browsing experience. These small files store data on your device, allowing us to recognise your preferences across various online platforms. While you may disable cookies via your internet browser, please note that this may affect our website's functionality.

Our website analytics do not use browsing data to personally identify you. Instead, we collect generalised information such as page visits, session times, search engine referrals, and your device's internet protocol address. Additionally, we use web beacons—electronic images for aggregating user visits on our website, not for accessing personal information. This technology assists us in understanding user engagement and improving our website.

5. Purposes for Which We Collect, Use, and Disclose Personal Information

We collect your personal information for several purposes, including:

  • Communication: To communicate with you and respond to requests.
  • Service Delivery: To facilitate App functionality and deliver our NDIS plan management services.
  • Personalisation: To understand user interests and preferences and personalise your NDIS journey recommendations.
  • Budget Management: To keep your NDIS budgets in check and provide you with tools and updates to monitor your NDIS budget.
  • Direct Marketing: To provide educational articles and special offers, with your prior consent.
  • Market Research: To conduct market research and improve our services by using aggregated and anonymised data.
  • Applications: To process applications for volunteers or employees.

By signing up and accepting our Terms and Conditions, Service Agreement, and Privacy Policy, you consent (opt-in) for the collection, use, and disclosure of your personal information as described in this Policy.

6. Disclosure of Your Personal Information

In the course of providing our products and services to you, we may disclose your personal information to:

  • Employees and Volunteers: Our employees and volunteers who work with us.
  • External Freelancers: External freelancers engaged by us.
  • Third-Party Service Providers: Providers for the operation of our websites, business, or in connection with providing our products and services to you, such as managing invoices, data storage, and technical support.
  • NDIS Support Providers: With your consent, your support providers, allied health professionals, or other NDIS team members to ensure coordinated support during our NDIS Family Strategy Drop-In Sessions.
  • Government and Regulatory Bodies: Other persons, including government agencies, regulatory bodies, and law enforcement agencies, as authorised and permitted by law.

Some of these individuals and organisations may be located outside Australia, including in Nepal. We ensure all transfers of personal information are handled securely and in compliance with relevant Australian privacy laws.

7. Sensitive Health Information and Kindship Community

As part of the Kindship Platform, we may share certain details, including sensitive health information, with the broader Kindship community to help members support one another, offer recommendations, and share experiences regarding services and NDIS management.

By signing up and accepting our Terms and Conditions, Service Agreement, and Privacy Policy, you consent (opt-in) for the collection, use, and sharing of your personal and sensitive health information as described in our policies.

If you are not comfortable sharing this information, you may:

  • Opt for De-Identified Sharing: Have your information shared in a de-identified manner, where no personally identifiable information is visible.
  • Opt-Out: Opt out of sharing your information entirely by contacting us via email.

We respect your preferences and will accommodate any specific requests to limit or adjust the type of information shared with the Kindship community.

8. Direct Marketing

At Kindship, we may engage in direct marketing to keep you informed about products, services, and special offers that might interest you. By signing up and accepting our Terms and Conditions, Service Agreement, and Privacy Policy, you consent (opt-in) to receive these communications.

Your consent is important, and you have the flexibility to opt out of receiving these communications at any time by unsubscribing from our mailing list or adjusting your preferences within the App.

9. Zero Data Retention for Conversations with Barb

In line with our commitment to privacy, we implement a Zero Data Retention policy specifically for interactions with Barb, our AI assistant. This means that conversational data with Barb is:

  • Not logged for human review.
  • Not stored persistently in the cloud or on any disk.
  • Only held temporarily in memory during the interaction.

This policy ensures that your conversations with Barb are private and secure, adhering to the highest standards of data protection.

10. Payments and Financial Data

We use third-party services, such as Stripe, for secure payment processing during the booking of our NDIS Family Strategy Drop-In Sessions. Please refer to Stripe’s privacy policy for details on how they handle your financial information.

11. Security and Storage

Your personal information is stored electronically on secure, Australian-based servers provided by Google, Amazon, Microsoft, DigitalOcean, Intercom, and Planability.

International Access and Data Protection

We recognise that, to provide our services effectively, certain authorised personnel and third-party service providers located outside Australia (including in Nepal) may need to access your data. When accessing data internationally, we ensure that:

  • Data Protection Measures: All international access is conducted over secure connections using encryption and authentication protocols to prevent unauthorised access.
  • Compliance with Australian Privacy Laws: We require all third-party service providers and international personnel to comply with Australian privacy laws and this Privacy Policy, ensuring that your data is protected to the same standard as if it were accessed within Australia.
  • Contracts and Agreements: We have agreements in place with these parties to ensure they handle your personal information securely and confidentially.

Despite the international access, we are committed to protecting your information from misuse, loss, unauthorised access, modification, or disclosure, maintaining the highest standards of data security and privacy.

For NDIS Family Strategy Drop-In Sessions, sensitive information such as NDIS plans, medical records, and goals is stored securely and is only accessed by authorised Kindship personnel.

We take all reasonable steps to ensure your personal information is stored securely. This includes:

  • Using encryption and secure servers to protect your information.
  • Restricting access to authorised personnel only.
  • Regularly reviewing and updating our security practices to safeguard against unauthorised access, misuse, or loss of information.

If a data breach does occur, we will notify you promptly and take immediate steps to address the breach in line with legal requirements.

12. Use of AI in Service Delivery

Our services, including interactions with Barb, utilise advanced AI technology. We are committed to ethical AI use, ensuring transparency, accuracy, and fairness in all AI-assisted interactions. Our AI systems are designed to enhance your experience while respecting your privacy and data security.

Note on AI Improvement

Even with our Zero Data Retention policy for Barb, we continuously improve our AI services through:

  • Aggregate Data Analysis: Using de-identified, aggregated data that does not include personal or sensitive information.
  • Feedback Mechanisms: Encouraging users to provide feedback voluntarily to help improve our services.

13. Access to and Correction of Your Information

You have the right to access the personal information we hold about you. If any of the information is inaccurate, incomplete, or outdated, you may request corrections, and we will promptly update it.

To request access to your information or make corrections, please contact our support team by email, and we will respond within a reasonable timeframe.

14. Data Removal Requests

To request the removal of your personal information, contact us via the 'Contact Us' section. We'll confirm your identity before processing your request.

Personal information collected during the NDIS Family Strategy Drop-In Sessions will be retained for the duration of our engagement with you or as required for legal or compliance purposes. You may request deletion of your personal information upon conclusion of our services, unless retention is necessary for ongoing support or legal obligations.

15. Audits and Compliance

As part of our obligations as a registered Plan Manager, we are periodically audited to ensure compliance with NDIS standards. These audits may include a review of your interactions with us and feedback on our service delivery.

By accepting this Policy, you consent to being contacted as part of an audit to discuss your experience with us. If you do not wish to be contacted for this purpose, please inform us, and we will respect your preference.

16. Complaints

If you have a complaint about our handling of your personal information, please follow this process:

  1. Contact Us: Reach out to our support team via email at hello@kindship.com.au or phone at 1300 057 084 with details of your complaint.
  2. Acknowledgement: We will acknowledge your complaint within two business days.
  3. Investigation: We will investigate your complaint and may request additional information.
  4. Resolution: We aim to provide a resolution or response within ten business days after receiving all necessary information.
  5. External Resolution: If you are not satisfied with our response regarding your privacy complaint, you may contact the Office of the Australian Information Commissioner (OAIC) via the OAIC website: www.oaic.gov.au.

17. Contact Us

If you have any questions or concerns, please contact us:

Address:

Suite 17, Stone & Chalk Startup Hub
Lot Fourteen, North Terrace
ADELAIDE SA 5000

General Inquiries Email: hello@kindship.com.au
Member Support Email: members@kindship.com.au

Phone: 1300 057 084

Definitions

  • ACN: Australian Company Number, a unique nine-digit number issued by the Australian Securities and Investments Commission (ASIC) to every company registered under the Commonwealth Corporations Act 2001.
  • Kindship Group: Kindship Group Pty Ltd (ACN 648 460 646) and its subsidiary companies Kindship Pty Ltd (ACN 625 713 724) and Kindship Premium Services Pty Ltd (ACN 662 497 092).
  • Kindship Platform: The apps, software, websites, and any other information technology, including updates, that we use to communicate and deliver our services to you.
  • Personal Information: Information or an opinion about an identified individual, or an individual who is reasonably identifiable.
  • Sensitive Information: Includes information about an individual's health, racial or ethnic origin, political opinions, religious beliefs, sexual orientation, or criminal record.
  • We, Us, Our: Refers to Kindship Group Pty Ltd and its subsidiary companies.
  • You, Your: Refers to the individual whose personal information we collect and handle.