The below policy applies to all divisions of Afea Pty Ltd.
The privacy of your personal information is very important to us.
1. PROTECTING YOUR PRIVACY
Afea Pty Ltd (ABN 93 118 260 156) and its related bodies corporate (together Afea, we, us or our) is committed to protecting your privacy and the privacy of any personal information provided to us. We comply with the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (Privacy Act)
2. WHAT PERSONAL INFORMATION DO WE COLLECT AND WHY DO WE NEED IT?
Afea may collect personal and sensitive information (including health information) from you in order to provide you with appropriate services and for marketing purposes. We will only collect your health information with your prior consent. The information that we collect about you or the person you care for, may include, but is not limited to, identity and contact details, gender, culture, financial information, your National Disability Insurance Scheme (NDIS) plan details, My Aged Care record including Home Care Package and health details.
When you contact Afea, the information that you provide will be collected and held for the following purposes:
- to provide you with our services and products, including access to our portals;
- updating our records and keeping your details up to date;
- managing our ongoing relationship with you, including any communications with you;
- communicating with you by phone or by email to distribute our publications, promotional materials, raise awareness about our services and respond to queries and complaints;
- administrative, product or service development, and research purposes for Afea, our related bodies corporate, contractors, or authorised third-party service providers;
- to ascertain that our services meet the quality indicators or practice standards of the NDIS Quality and Safeguards Commission and Aged Care Quality and Safety Commission – your personal information will not be passed on;
- reporting to government and other funding bodies on the services they fund (e.g. National Disability Insurance Scheme and My Aged Care through Home Care Package). Reports generally cover demographic and service use information only – your personal information will not be passed on, unless required by the NDIS and My Aged Care through Home Care Package; and
- to comply with applicable laws.
We may also send you marketing material (with your prior consent). If you wish to opt out of receiving marketing material from Afea, please follow the unsubscribe link where applicable, or call
us on 1300 65 11 33. Visitors of our website will not be ‘spammed’ or have their information shared with third parties.
3. HOW DO WE COLLECT YOUR PERSONAL INFORMATION?
Information is primarily collected directly from you or your authorised representative. It might also be collected on occasion by our contractors or from service providers, and it could be in writing, by telephone and by other electronic communication channels.
We may also need to obtain your personal information from others, with your consent, to ensure that we are fully informed for the provision of appropriate services or as part of a referral scheme.
4. WHO WILL SEE OR HAVE ACCESS TO YOUR PERSONAL INFORMATION?
Unless we are required to provide your personal information to others by law, by court order or to administer or investigate an incident or a claim, your information may be disclosed to:
- comply with applicable laws.
- our staff, employees or our related bodies corporate;
- our authorised third-party service providers and contractors;
- your authorised representative (including next of kin or family members);
- your doctor or medical health provider;
- government agencies, including the National Disability Insurance Agency and My Aged Care; and
- any other persons as authorised by you.
Information disclosed to program funding bodies for the purposes of reporting is de-identified. Information disclosed to third-party service providers and contractors for the purposes of referral only occurs with prior consent. Third-party contractors are predominantly in Australia, however may be based overseas, such as the United States of America. Apart from these circumstances, we are unlikely to disclose any personal information to overseas recipients.
We may also disclose aggregated and statistical information to our business partners or clients. This information is not specific to an identifiable individual.
5. SECURITY OF INFORMATION
Our information systems and files are kept secure from unauthorised access and our staff and contracted agents and service providers have been informed of the importance we place on protecting your privacy and their role in helping us to do so. Information will be stored and disposed of in a secure environment, which may only be accessed by authorised personnel.
6. WHAT IF I WANT TO CHECK WHAT PERSONAL INFORMATION YOU HOLD ABOUT ME?
You are entitled to view what personal information we hold about you. This will be the case unless there is a relevant exception under the Privacy Act that applies. If you wish to access this personal information, please call us on 1300 65 11 33.
7. CAN I CORRECT THE INFORMATION?
If you believe there are errors in our records about you, please let us know and we will investigate and correct any inaccuracies.
8. CROSS BORDER DISCLOSURE OF INFORMATION
In order for us to provide our services to you, we may store your information on servers that are not in Australia. Afea will take reasonable practicable steps to ensure contracted data storage providers protect the security of our data in accordance with the Privacy Act.
9. HOW DO WE MANAGE SUSPECTED OR ACTUAL BREACH OF PERSONAL INFORMATION?
A data breach is an unauthorised access to or an unauthorised disclosure of personal information, or a loss of personal information, that Afea holds.
These are the steps that we follow once a data breach is suspected or known:
- Contain a suspected or known breach where possible. This means taking immediate steps to limit any further access or distribution of the affected personal information, or the possible compromise of other information.
- Assess – Afea will need to consider whether the data breach is likely to result in serious harm to any of the individuals whose information was involved. If Afea has reasonable grounds to believe that this is the case, then we are required and we will notify the Office of Australian Information Commissioner (Privacy Commissioner). If we have grounds to suspect that this is the case, then we will conduct an assessment process.
The assessment will include a 3-step process:
- Initiate: the assigned personnel will plan an assessment
- Investigate: the assigned personnel will gather relevant information about the incident to determine what has occurred.
- Evaluate: the assigned personnel will make an evidence-based decision about whether serious harm is likely to occur.
- If serious harm is likely to happen, Afea will prepare a statement for the Commissioner. Afea will also notify the affected individuals and inform them of the contents of the statement.
- If serious harm is unlikely to happen, Afea will Review the incident and act to prevent future breaches.
10. WEBSITE TRACKING
Afea utilises external providers (such as Google Analytics) to track visits to our website. This information is collected anonymously to gauge website trends without identifying individual visitors.
We use this information to track the effectiveness of our website. Types of data collected include visits, viewed pages and the technical capabilities of our visitors. These statistics will not identify you as an individual.
11. EXTERNAL WEBSITES
13. DIRECT MARKETING
Apart from notifying you of our service offerings, we do not, without your consent, sell, rent, license or otherwise disclose your information to any party not contracted to us for the purposes of direct marketing. An “opt-out” mechanism is provided to enable you to stop receiving any direct marketing material from Afea.
14. FURTHER INFORMATION
If you would like further information, or if you have any complaints or concerns over the protection of the information you have given to us, or that we have collected from others, please contact us directly at:
Telephone: 1300 65 11 33