Privacy Policy
Effective Date: 27 May 2025
Last Updated: 27 May 2025
Good Company Disability Services Pty Ltd (“we”, “our”, or “us”) is committed to protecting your personal information and ensuring your privacy is respected in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the NDIS Practice Standards.
By providing us with your personal information—whether through our website, forms, email, or other communication—you consent to our collection, use, and disclosure of that information as described in this Privacy Policy.
1. What Information We Collect
We may collect the following types of personal and sensitive information:
a. Personal Details
Full name, date of birth, and gender
Contact details (email address, phone number)
Emergency contact information
b. Sensitive Information (with consent)
Health and medical history
Disability and support needs
Cultural background, language preferences
NDIS participant and plan details
c. Website and Technical Data
IP address, browser, and device type
Website interaction history
Cookies and analytics tracking data
2. How We Collect Information
We collect information through:
Website forms and registrations
Direct communication (email, phone, in person)
Service agreements, intake forms, and feedback tools
Use of cookies and analytics platforms
Photography, video, or audio recordings (with consent)
3. Why We Collect Information
We collect personal information to:
Provide and tailor NDIS support services
Communicate with clients, carers, and families
Comply with legal, funding, and reporting obligations
Improve our services, staff training, and quality assurance
Enhance user experience on our website
Promote our services (with explicit consent for media)
4. Use and Disclosure of Personal Information
We only use or disclose your personal information for the purposes it was collected or where otherwise permitted by law. This may include sharing information with:
Our staff and contractors involved in delivering services
Health professionals and allied service providers (with consent)
Government bodies including the NDIA and NDIS Commission
IT and CRM service providers under appropriate privacy agreements
Emergency services in the event of a medical emergency
We do not sell, rent, or trade your personal information.
5. Use of Images, Video and Recordings
We may request consent to capture and use photos, video, or audio recordings of participants for specific purposes. Before doing so, we will:
Explain how and where the media will be used
Seek your consent in writing or verbally
Respect your right to refuse or withdraw consent at any time
6. Website Cookies and Analytics
We use cookies and analytics tools to:
Monitor website traffic and user behaviour
Improve website content and navigation
Support digital marketing activities
You may opt out or disable cookies through your browser settings. Some features may be limited as a result.
7. Data Security
We safeguard personal information through:
Secure, encrypted cloud storage systems
Role-based access controls and password protection
Cybersecurity protocols and regular audits
Staff training in data privacy and breach response
8. Data Retention and Disposal
We retain personal information only as long as necessary for our business, regulatory, and legal obligations. Information no longer required is securely deleted or de-identified using industry best practices.
9. Staff Training and Responsibilities
All staff receive training on privacy, data handling, and confidentiality as part of their onboarding and through ongoing development. Only authorised staff may access personal information relevant to their roles.
10. Participant Rights and Choices
You have the right to:
Request access to your personal information
Ask for corrections to inaccurate details
Withdraw consent at any time
Lodge complaints about privacy handling
We will respond promptly to all enquiries in accordance with our obligations.
11. Data Breach Notification
In the event of a data breach that could result in serious harm, we will:
Act promptly to contain and assess the breach
Notify individuals affected and the OAIC (if required)
Implement measures to reduce future risks
12. Overseas Disclosure
Some of our third-party systems may be hosted overseas. We ensure these providers meet Australian privacy standards and that appropriate safeguards are in place before transferring any information.
13. Third-Party Websites
Links to third-party sites may appear on our website. We are not responsible for their content or privacy practices and recommend reviewing their privacy policies before sharing your information.
14. Use of Artificial Intelligence (AI)
Good Company Disability Services uses artificial intelligence tools, including ChatGPT by OpenAI, to assist with internal administrative tasks such as:
Drafting internal documentation
Improving service templates
Supporting team learning and compliance
We reassure you that:
No personal, health, or identifiable client data is input into AI systems
Only anonymised or generic content is used
Use is restricted to trained and authorised staff only
Access is protected through multi-factor authentication (2FA) and cybersecurity safeguards
Good Company uses ChatGPT Team (a business-grade AI solution), which ensures:
“All API data and Enterprise/Team user prompts and outputs are excluded from any training dataset.”
“OpenAI enforces this through contractual terms and technical measures under its business offerings.”
“As part of this plan, OpenAI does not use our business data (inputs or outputs) to train its models.”
This practice complies with the Privacy Act 1988 (Cth) and the NDIS Practice Standards on the date noted as effective date on this policy.
15. Making a Privacy Complaint
If you believe your privacy has been breached:
Contact us directly using the details below.
We will investigate and respond within a reasonable timeframe.
If unresolved, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
16. Contact Us
For privacy-related enquiries or complaints:
Good Company Disability Services Pty Ltd
Email: [email protected]
Website: www.goodcompanyds.com.au
Phone (Perth Office): (08) 9334 6995
Phone (Melbourne Office): (03) 9069 7866
17. Updates to This Policy
We may review and update this Privacy Policy periodically. The most current version will always be available on our website, with the effective date clearly noted above.