Privacy Policy

1. Introduction

Hive Disability Services (“we,” “our,” or “us”) is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services. This policy applies to all information collected through our website, mobile applications, and any related services.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

• Contact information (name, email address, phone number, mailing address)
• NDIS participant details and plan information
• Health and disability-related information relevant to service provision
• Emergency contact information
• Financial information for billing and payment processing
• Communication records and service notes

2.2 Automatically Collected Information

When you visit our website, we may automatically collect:

• IP address and device information
• Browser type and version
• Pages visited and time spent on our website
• Referring website information
• Cookies and similar tracking technologies

3. How We Use Your Information

We use your personal information for the following purposes:

• Providing disability support services as outlined in your NDIS plan
• Communicating with you about our services and your care
• Processing payments and managing billing
• Complying with legal and regulatory requirements
• Improving our services and website functionality
• Ensuring the safety and security of participants and staff
• Conducting quality assurance and service evaluation

4. Information Sharing and Disclosure

We may share your information with:

• NDIS and government agencies as required by law
• Healthcare professionals involved in your care
• Authorized family members or guardians
• Service providers and contractors who assist in delivering our services
• Legal and financial advisors when necessary
• Emergency services in case of urgent situations

We will not sell, rent, or trade your personal information to third parties for marketing purposes without your explicit consent.

5. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and analyze website usage. Cookies are small text files stored on your device that help us:

• Remember your preferences and settings
• Improve website performance and functionality
• Analyze website traffic and user behavior
• Provide personalized content and services

You can manage your cookie preferences through your browser settings. However, disabling cookies may affect the functionality of our website.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive data in transit and at rest
• Regular security assessments and updates
• Access controls and staff training
• Secure data storage and backup procedures

However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods vary depending on the type of information and applicable legal requirements.

8. Your Rights

Under applicable privacy laws, you have the right to:

• Access your personal information
• Correct inaccurate or incomplete information
• Request deletion of your personal information
• Object to or restrict processing of your information
• Receive a copy of your personal information in a portable format
• Withdraw consent where processing is based on consent
• Lodge a complaint with the relevant privacy authority

To exercise these rights, please contact us using the information provided in the “Contact Us” section below.

9. Data Deletion Process

We are committed to respecting your right to request deletion of your personal information. This section outlines our data deletion process and your options for requesting removal of your data.

9.1 How to Request Data Deletion

To request deletion of your personal information, you can:

• Email us at privacy@hivedisability.com.au with “Data Deletion Request” in the subject line
• Call our Privacy Officer on [Contact Phone Number]
• Send a written request to our postal address listed in the “Contact Us” section
• Submit a request through our website's contact form (specify data deletion in your message)

9.2 Information Required for Your Request

To process your data deletion request efficiently and securely, please provide:

• Your full name and contact details
• Proof of identity (copy of driver's license, passport, or other government-issued ID)
• Specific details about the information you want deleted (if applicable)
• Your relationship to our services (current/former participant)
• NDIS participant number (if you are or were an NDIS participant)
• Preferred method for us to confirm completion of the deletion

9.3 Verification Process

For your security and privacy, we will verify your identity before processing any deletion request. This process typically takes 2-3 business days and may involve:

• Confirming your identity through documentation you provide
• Verifying your relationship to the data we hold
• Contacting you via phone or email to confirm the request

9.4 Processing Timeline

Once we verify your identity and process your request, we will:

• Acknowledge receipt of your request within 2 business days
• Complete the deletion process within 30 days
• Notify you in writing when the deletion has been completed
• Provide details of what information was deleted and any information that was retained (if applicable)

9.5 Limitations on Data Deletion

While we respect your right to data deletion, there are certain circumstances where we may need to retain some information:

• Legal obligations requiring us to retain records (e.g., NDIS compliance, taxation laws)
• Active legal proceedings or disputes where the information is relevant
• Legitimate business interests such as fraud prevention or debt recovery
• Safety concerns where deletion could pose risks to individuals
• Information required for insurance or liability purposes

We will clearly explain any limitations that apply to your specific request and provide details about what information, if any, cannot be deleted and why.

9.6 Third-Party Data

If your request involves data shared with third parties (such as NDIS, healthcare providers, or service partners), we will:

• Notify relevant third parties about your deletion request where feasible
• Request that they also delete your personal information
• Inform you about which third parties have been contacted
• Note that we cannot guarantee deletion by third parties, but we will make reasonable efforts

9.7 Backup and Archive Data

Personal information in our backup systems and archives will be deleted according to our standard backup cycle, typically within 90 days of the deletion request being processed. We will inform you of this timeline and confirm when backup deletion is complete.

9.8 Confirmation and Appeals

After processing your deletion request, we will provide you with:

• Written confirmation that the deletion has been completed
• Details of what information was deleted
• Explanation of any information that was retained and the legal basis for retention
• Information about your right to appeal our decision if you are unsatisfied

If you are not satisfied with how we handled your deletion request, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) or contact our Privacy Officer for further discussion.

10. Children's Privacy

Our services may be provided to minors as part of NDIS support. When we collect personal information from children under 18, we do so with appropriate parental or guardian consent and in accordance with applicable privacy laws and NDIS requirements.

11. International Data Transfers

Your personal information may be transferred to and processed in countries other than Australia. When we transfer information internationally, we ensure appropriate safeguards are in place to protect your personal information in accordance with applicable privacy laws.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website with a new “Last updated” date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

You can also lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have not handled your personal information appropriately: