Privacy policy

This is the privacy policy of Bright Light Disability Services ( 69 543 232 726), referred to as ‘we’, ‘us’ or ‘our’ and you as a "customer or visitor to this website is referred to as 'you' or 'your'. Customers, candidates, business contacts and other individuals with whom we deal with may provide us with personal information (defined below). The purpose of this privacy policy is to provide information about how we deal with and manage personal information based on the requirements of the Privacy Act 1988 (found here - Privacy Act) and exist in respect of our dealings with “personal information” of “individuals”.

This policy also ensures that we comply with the Convention on the Rights of Persons With Disabilities – Article 22 – Respect For Privacy, and, insofar as they relate to privacy, the National Standards for Disability Services.

Personal information is defined in the Privacy Act as:

Information or an opinion about an identified individual, or an individual who is reasonably identifiable: (a) whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not.

Why do we collect personal information?

When it is legitimately necessary for our operations, activities, and the services we offer, we collect personal information. The following are some typical instances of the personal information that we may gather: a person's name, contact information, and information on the services they have received from us.

providing disability services to affected individuals including services relating to:
- In-home support
- personal care
- community and social activities
providing support and correspondence in relation to the National Disability Insurance Scheme (NDIS)
marketing our services;
undertaking research to improve our services;
obtaining goods and services from other businesses;
employing staff; and
complying with legal and regulatory obligations.
the use or disclosure is required or authorised under a particular law or a court or tribunal order;
a permitted general or health situation exists as defined in the Privacy Act; or
we reasonably believe that the use or disclosure of the personal information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

The Privacy Act recognises certain types of personal information as sensitive information. Examples of sensitive information about an individual include information about the individual’s:

health;
racial or ethnic origin;
political opinions;
membership of a political association, professional or trade association or trade union;
religious beliefs or affiliations;
philosophical beliefs;
sexual orientation or practices; and
criminal record.

It is in the nature of the services we provide that we may collect sensitive information from our clients and other individuals with whom we deal. Any sensitive information which we do collect will either be collected with the consent of the relevant individual or as permitted by law.

We receive personal information in different ways and through a number of different media including:

via online sources (including email and other electronic communication channels, Facebook, Instagram, Twitter and other social media and technology platforms);
by telephone;
through face to face communications; and
by hard copy correspondence and documentation.

We maintain a variety of records, some of which contain personal data. These comprise both hard copy files and electronically stored records on private, secure internal databases. We take reasonable precautions to guard the personal information we have against loss, theft, alteration, misuse, and unauthorised access.

Your personal information might be disclosed to third parties, including our service providers (such as IT services, cloud storage services, insurers, financial institutions, and mailing houses), member organisations, other business partners, our professional advisers (such as attorneys, accountants, and auditors), as well as governmental, regulatory, and law enforcement agencies.

We utilise the personal data we gather for a range of activities connected to the services we offer. Only where permitted by the legislation in your specific jurisdiction do we store and process personal data.

Information transmission over the internet is not completely secure. Although we implemented the above-mentioned security measures to protect your personal information, we cannot guarantee the security of information transmitted to our Site, and any transmission is at your own risk.

We will respond quickly if we discover or are informed of a security breach in which your personal information has been lost, stolen, accessed, used, disclosed, copied, modified, or disposed of by unauthorised persons or methods.

Retention of your personal information

Our business records must be kept for up to 7 years by law, and some of that data may contain personal information. The point at which that responsibility ceases to apply to a given piece of information is determined by a number of variables, including the time the record was produced and/or last updated. Your personal information will only be kept by us for as long as it's required for the purposes outlined in this policy or as long as it's required by law, whichever is longer.

How can you access personal information relating to you that we hold?

If you'd like access to your personal information held by us, please get in touch with our administrative officer (email details in contact). Where we are obligated to by law, we shall grant access. We have the right not to grant access in other circumstances. Additionally, we reserve the right to charge you for the reasonable costs associated with giving you access to the personal data we hold on you.