Go to the app

Privacy Policy

Effective as at November 12, 2023

Your privacy is important to us and we are committed to ensuring that your personal information managed in accordance with the Privacy Act 1988 (Cth).

1. What is privacy policy?

In this Privacy Policy (Policy), “we”, “us” or “our” refers to Support Plus Pty Ltd ABN 78672512784
(Support Plus), and “you” or “your” we are referring to the reader as an individual.

At the date of this Policy, Support Plus is not regulated by the Privacy Act 1988 (Cth) (Privacy Act), however we remain guided by the Australian Privacy Principles Fstor in the Privacy Act. Whilst guided by the Australian Privacy Principles, we are bound only to the terms of this Policy until such time as we become specifically regulated by any applicable laws. 

This Policy sets out the way in which we collect, use and disclose your personal information in order to carry out our services and functions.

By using our services, accessing, requesting information on, enquiring about, using, receiving or providing feedback in relation to our operations or services (online, in writing, by telephone or in person), seeking employment or becoming a business partner or affiliate with us; or  otherwise providing, or consenting to the collection of, personal information by us or our officers, agents or employees, after this Policy has been brought to your attention, you acknowledge and consent to the use, collection, storage or disclosure of your personal information by us in accordance with this Policy and the Privacy Act.

If you do not agree to us handling your personal information in the manner set out in this Policy, we will not be able to provide our services to you and you should not provide us with any personal information.

2. What is personal information?

We follow the definition of personal given in the Privacy Act: “Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.”

3. What happens if you want to deal with us anonymously or using a pseudonym?

When contacting us, you can do so either anonymously or by using a pseudonym. However, when accessing our services if you do so anonymously, we may not be able to provide you with accurate or useful information, and you may not be able to access a full range of our services. Further, we may not be able to investigate incidents or complaints you have made.

4. What kinds of personal information might we collect and hold?

The personal information we may collect, hold and process about you depends upon your relationship with us, the service you have requested from us and how you interact with us. This information may vary depending on our specific needs.

For our customers and prospective customers

When you enquire about our services or when you become a client, a records is made which includes your personal information. We may collect the following kinds of personal information:

  1. personal and contact details which includes your name, address, email address, telephone number and other identification information;
  2. socio-demographic information such as age, date of birth, gender, postcode, country of birth, indigenous status, occupation, disability status, language spoken or religious affiliation;
  3. biometrics such as your photograph (in driver’s licences and passports);
  4. information about your identity (if required) such as country of birth, nationality, passport details, visa details, driver’s licence, birth certificates;
  5. information about your circumstances such as your education status, employment status and history, cultural and linguistic background;
  6. information about your family and related persons such as your authorised representatives, carers, guardians, parents, children, or dependents;
  7. Australian government identifiers such as Medicare card details;
  8. information about how you interact with us such as details of when you call us, use our services, make an enquiry, provide feedback or make a complaint;
  9. digital information including information such as location information (if enabled on your devices), IP address, details of the device and software used to access our websites and digital services;
  10. call records when you contact us (we will let you know at the start of each phone call if the call is being recorded);
  11. information required to provide a service or information you have requested; and
  12. any other information relating to you that you provide to us directly.

There are also circumstances where we collect and hold sensitive information. According to the Privacy Act, sensitive information includes but is not limited to personal information, health, racial or ethnic origin, political opinions, membership of a political association, professional or trade association or trade union, religious beliefs or affiliations, philosophical beliefs, sexual orientation or practices, criminal record, biometric information that is to be used for certain purposes.

We limit the collection of sensitive information when the information is reasonably necessary for, and directly related to, our services and activities and with your consent.  Sensitive information that we collect may include health and medical information (including an individual’s disability and medical history). We will treat your sensitive information appropriately and with utmost confidentiality and respect.  

We will only keep your sensitive information whilst you consent to us doing so, or if we are required to by law or to protect a legal right. If you want us to destroy or de-identify your sensitive information you may request we do so in writing. This may, however, limit our ability to serve and assist you.

Other individuals

We may collect personal information about other individuals who are not our customers such as family members of clients, members of the public who participate in our events we are involved with, service providers and contractors to Support Plus, and other individuals who interact with us on a commercial basis. The kinds of personal information we collect will depend on the capacity in which you are dealing with us. Generally, it would include your name, contact details, and information regarding our interactions and transactions with you.

Visitors to our website

You may visit our website without identifying yourself. If you identify yourself (for example, by providing your contact details in an enquiry), your personal information will be managed in accordance with this Policy.

5. How do we collect personal information?

We generally collect personal information directly from you for example, when you provide that information to us, we contact you or when you contact us.  We only collect personal information about you that is necessary for us to perform the services you are seeking for and when it is reasonably necessary and directly related to our services and functions.

We may also collect information about you from a third party such as a parent, carer, guardian, health service provider, government agency or such persons authorised by you.  We only do so if you have authorised us to collect information in this manner or where it is not reasonable or practical for us to collect this information directly from you.

6. How do we hold and secure your personal information?

We store your personal information digitally (unless legally required to retain in hard copy format). Any hard copy material is secured at our headquarters in Adelaide, South Australia. All digital material is secured using password protected computers and databases.

We primarily use data storage providers located inside Australia, Cloudways Vultr. However, some data may potentially be stored overseas, likely in the United States, due to the use of third party services from businesses that originate in the United Stated. Where appropriate, we have agreements with our storage providers to keep all personal information they store secure, using reasonable and appropriate security methods. We conduct regular audits of our compliance with this Policy and the Privacy Act to ensure that our privacy framework is in line with industry best-practice.

We destroy or de-identify personal information in a secure manner when we no longer need it.  For example, we generally destroy a record about a complaint after 3 years from when the complaint was resolved.

7. Why do we collect, hold, use and disclose personal information?

If you are our customer, we collect, hold and use your personal information to:

  1. provide you with our services;
  2. record our communications with you and how you interact with us;
  3. cooperate with government agencies and law enforcement bodies or where required by law (including reporting on the services we provide);
  4. providing you with information about our services, events, activities that may be of interest to you;
  5. ensuring consistency of service across our business and other operational purposes;
  6. developing or refining our services as well as tailoring our services;
  7. notifying you about changes to our website, services, or activities we offer or provide;
  8. operational purposes (including but not limited to corporate, audit, record retention) and to deliver on our services as well as to meet our legal obligations;
  9. work with our service providers and contractors;

Our use of personal information may extend beyond the uses described above, but will be restricted to purposes that we consider to be related to our functions and activities.

8. Who do we share your personal information with?

We may share your personal information with third parties for the reasons referred to in section 6, or where the law otherwise allows or requires us to.

The types of third parties include:

  1. persons you have authorised us to do so or where are legally required such as your legal representatives, carers, guardians, attorneys;
  2. our employees and service providers; and
  3. government and law enforcement agencies including for example, the Office of the Australian Information Commissioner when we investigate or review a privacy complaint which you have referred to them.

9. Do we use your personal information for direct marketing purposes?

We may use your personal information to communicate directly with you to promote our services and provide you with information about our services and activities that we believe you may be interested in. If you receive direct marketing material from us, and do not wish to continue receiving it, please contact us by any of the methods stated in this Policy, asking to be removed from all future direct marketing programs. Once we have received your opt-out request, we will remove you from our direct marketing programs as soon as reasonably practicable.

10. What about Cookies, pixels and analytics?

When you access our website, or when you use our services, we may receive information about you via automated methods, including (but not limited to) use of a ‘cookie’, a ‘pixel’ or from analytics software. These are tools that our web server may direct your traffic to, send to your computer, or embed on a website, when you visit our website. These tools help us provide services to you, and to recognise when you re-visit the website, serve you customised content and to optimise your experience.

We generally do not collect your personal information through the use of these tools, though we may be able to access your IP address and information about what your computer technology is when using analytical software.

You may be able to change the settings of your browser so that cookies are not accepted generally or that you are provided with options to accept or reject them as they are sent to your browser.

11. Do we send your information overseas?

We are a South Australian based organisation, however our data may be stored in cloud back up software (such as MS Office 365, Dropbox, Google Drive) which may be potentially stored overseas, most likely in the United States.

In the event that your information is sent overseas, we will use our best endeavours to ensure that any overseas supplier will keep all personal information secure.

12. How you can access and/or correct your personal information?

You may request access to personal information we hold about you. Upon receiving an access request, we may request further details from you to verify your identity. The steps appropriate to verify an individual’s identity will depend on the circumstances and we seek the minimum amount of personal information needed to establish an individual’s identity. 

We reserve the right not to provide you with access to personal information that we hold about you if we cannot verify your identity to our reasonable satisfaction. An administrative fee may be charged to cover our costs in providing you with access to such information. This fee will be explained to you before it has been incurred.

We will respond to your access or correction request within a reasonable period of time.

If we refuse to provide you with access, we will notify you of our reasons and mechanism by which you can complain about our decision.  Access may be denied where:

  1. we believe your request is frivolous or vexatious;
  2. we are entitled to reject a request by law;
  3. we are unable to verify your identity; or
  4. you have not paid the administrative fee (if any).

If you believe that the personal information we hold about you is inaccurate or otherwise requires correction, you may send us a correction request by contacting us. If we make a correction and we have disclosed the incorrect information to others, you can ask us to tell them about the correction.  We must do so unless there is a valid reason not to.

13. How to make a complaint

You may contact our Privacy Officer at the contact details below at any time if you have any questions or concerns about this Policy or about the way in which we handle your personal information.

The Privacy Officer will first consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within a week.

If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within a week and endeavour to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather relevant facts, locate and review relevant documents and speak with individuals involved.

In most cases, we will investigate and respond to a complaint within 30 days of receipt of the complaint. If the matter is more complex or our investigation may take longer, we will let you know.

If you are not satisfied with our response to your complaint, or you consider that we may have breached the Australian Privacy Principles or the Privacy Act, a complaint may be made to the Office of the Australian Information Commissioner (OAIC) (for the most up-to-date contact details, please go to the OAIC’s website www.oaic.gov.au).   The OAIC is independent to us.

If you have a question or complaint, you can raise it with us by contacting our Privacy Officer.

14. GDRP - Notice

This notice is to European residents and is supplementary to our Privacy Policy to explain your additional or specific rights as a European resident.

The GDPR is the European Union (EU) data protection law. Australian-based organisations that offer goods or services to persons in the EU or who may access their website. This provision will not apply to a significant portion of the persons who use our site or services.

From time to time, we may capture or collect personal information that passes through the EU. This might occur, for example, if a person in the EU accesses the Site and we collect analytical data about them, enquiries about our services from the EU, or if one of our customers gives us information about a person in the EU. If this occurs, we will treat the personal information received in accordance with this policy.

Where data is processed or monitored in the EU, you may have additional rights, such as:

  1. The right to request that we delete your personal information (unless we require that information to comply with a legal obligation, or need it to bring or defend a legal claim);
  2. The right to restrict our processing of your personal information (where it is inaccurate, would be unlawful to process, or where it has not been deleted due to us needing it to meet a legal obligation); and
  3. Right to data portability (the right to receive your personal information in a readable format);
  4. The right to object to the processing of personal information.
  5. For a complete list of your rights may be viewed here: General Data Protection Regulation (GDPR) – Official Legal Text (gdpr-info.eu)

We also have certain obligation in relation to the management of a data breach, including:

  1. We must advise the relevant statutory authority of a data breach within 72 hours of becoming aware of the breach; and
  2. We must advise affected persons.

15. Does this Policy ever change?

From time to time, we may make changes to this Policy, with or without notice to you. We recommend that you visit our website to keep up to date with any changes.

This policy was last reviewed on November 12, 2023.

16. Contact us

Our Privacy Officer’s contact details are:

Email: [email protected]

Become a Member Today.

No referral needed - just peace of mind. Anyone can sign up and start Future Planning with Support Plus today! Because having a plan in place means feeling secure for whatever comes your way.

Become a Member
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram