Provider Choice Privacy Policy

Australian Ability Enterprises Pty Ltd t/a Provider Choice (ABN 14 629 635 552) (Provider Choice, we, us or our) is committed to protecting your privacy. We understand the importance of being open and transparent with you in the way in which we collect, hold, store, use and share your personal information. We take protecting your privacy very seriously.

This policy explains how we collect, use and protect your personal information. It applies to all personal information we handle, whether we collect it through our website, in person, or through other means. We strongly encourage you to read this document, so that you understand and are comfortable with how we handle your personal information.

Quick overview

• We collect information you provide to us and information we gather when we interact with you
• We use this information to provide our services and improve your experience
• We protect your information using secure systems and processes
• You have rights regarding your personal information, including access and correction rights

About us

Provider Choice is a part of the T-Shirt Ventures Group, which also includes Australian Ability Enterprises Pty Ltd ABN 14 629 635 552 operating as T-Shirt Ventures, Provider Choice Plan Management Pty Ltd (ACN 627 164 194), HeyHubble Pty Ltd ABN 42 641 312 594, T-shirt Services Pty Ltd ABN 63 642 149 424 and Provider Choice Shop Pty Ltd ABN 22 678 898 265 trading as Fam Shop.

Information we collect

We may collect your personal information and, where relevant, the personal information of your dependent (meaning any person (child or adult) for whom you are the legal representative or guardian).

Identity and contact details

• Name, address, pronouns, email address, physical address and phone number
• Date of birth
• Professional details
• National Disability Insurance Scheme (NDIS) plan details and reference number

Service related information

• Payment and transaction details for products and services you've purchased from us or enquiries about our products and services, including bank account details or credit card information
• Your preferences for our services and your marketing preferences, including how you prefer to be communicated with
• Feedback and survey responses

Digital information

• IP address and general location information derived from your IP address
• Search and browsing behaviour
• Website usage patterns
• Cookie preferences

Recordings

• Call recordings (including recordings of your voice), where you have provided us with consent
• Records of meetings and decisions

Professional information (for job applicants and workers)

• Employment history
• Professional experience
• Required authorisations and licences, including screening checks
• Professional registrations
• Information about your right to work in the relevant jurisdiction
• Footage or recordings of you from our CCTV cameras at our premises, if you attend it

Sensitive Information

We handle sensitive information with extra care and protection, and we only collect this information with your consent or when legally permitted. This includes:

Health information

• Treatment reports
• Support plans and assessments (to coordinate care with your healthcare and NDIS providers and support team)
• Disability information including support needs
• Any relevant NDIS plan, including your budget, and start and end dates of your plan

Cultural and background information

• Racial or ethnic origin (to provide culturally appropriate services)
• Religious beliefs (when relevant)
• Criminal record checks (if we need to verify your background before hiring you)
• Professional memberships (to assess the suitability for employment)

How we collect personal information

• Directly from you when you: when you interact with us (such as making an account on our platform), contact us (via email, SMS, phone or social media), fill out forms, invest in our business or enquire as a potential purchaser, or apply for a position with us.
• Automatically when you: visit our website, use our technologies or tools, interact with our online services.
• From third parties: service providers, business partners, public sources, government organisations and organisations or people authorised by you.
• From publicly available sources: such as ASIC and other regulatory bodies and professional networking sites such as LinkedIn.
• From other members of the T-Shirt Ventures Group
• From third parties (NDIA related): such as the National Disability Insurance Agency (NDIA) and any other third party authorised by you such as your legal representative, support coordinator and your plan manager (if it is not us).

If you are sharing someone else’s information

Before you give us someone else's personal information (like if you're their plan nominee, support coordinator, emergency contact, or job referee), you need to get their permission first, tell them about this Privacy Policy and give them a chance to read it, if they would like to. We might ask you to prove you have their permission.

If you want to give us information about someone under 18, you must be their parent or legal guardian. You need to give permission for us to collect, use and share their information as explained in this Privacy Policy.

Why we collect, hold, use and disclose personal information

We collect and use your personal information to run our business and provide our services as set out below.

Business operations

• To manage our relationship with you as a customer or supplier
• To process and deliver our products and services
• To provide you with information about our products, tools and services
• To handle your inquiries, support requests, and communications
• To maintain accurate records for billing and administration
• To verify your identity when required or permitted by law

Communication and support

• To respond to your questions and support requests
• To communicate important updates about our services
• To handle inquiries made through our website or platforms
• To manage your participation in surveys, feedback sessions, or events

Service improvement

• To conduct analytics and market research
• To improve our business operations and services
• To create anonymous data by removing identifying information and combining it with other data to understand trends and improve our services
• To develop and enhance our applications and platforms
• To understand how our services are used

Marketing and promotions

• To send you promotional information about our services and events
• To inform you about products or services that may interest you
• To provide you with educational content that may interest or help you
• To manage your marketing preferences
• To run competitions, promotions, and special offers
• To provide additional benefits to our customers

Employment purposes

• To assess employment applications
• To evaluate candidate qualifications
• To manage professional certifications and licences
• To maintain employment records

Legal and compliance

• To comply with our legal obligations
• To ensure we have records of your consent
• To respond to court orders or legal processes
• To maintain required business records
• To fulfill regulatory requirements or reporting obligations
• To protect our legal rights and interests or as authorised by law

Our disclosures of personal information to third parties

We may disclose personal information to:

Service providers

• IT service providers
• Data storage providers
• Web hosting and server providers
• Payment processors
• Marketing and advertising providers
• Analytics providers

Professional advisers

• Bankers
• Auditors
• Insurers and insurance brokers
• Legal advisers
• The NDIA

Your Service Providers

• Providers who provide you with services, such as your support coordinator, your plan manager (if it is not us) and other health care professionals or persons/entities as necessary to provide our services
• You understand that any information you share with your service providers or that we share with your service providers will be handled in accordance with the privacy practices of those service providers.
• We encourage you to read your service provider’s privacy policy and discuss your communication preferences or privacy concerns with them directly.

Business partners

• Our existing or potential agents
• Our business partners or contractors

T-Shirt Ventures Group

• Other members of the T-Shirt Ventures Group
• Other members of the T-Shirt Ventures Group may have their own privacy policy which governs the way you interact with them. They will contact you and manage your personal information in accordance with their own privacy policy, not this Provider Choice Privacy Policy

Corporate transactions

If we merge with or are acquired by another company, or sell our business assets:

• Your information may be disclosed to our advisers
• Your information may be disclosed to the potential purchaser's advisers
• Your information may be included in the transferred assets

Legal and regulatory bodies

• Courts and tribunals
• Regulatory authorities including as required for reporting obligations
• Law enforcement officers

Other parties

• Third parties you have authorised or nominated
• Emergency services when necessary
• Any other parties as required or permitted by law

Overseas disclosure

Storage and access

We store your personal information in Australia. However, your information may be accessed from or transferred to locations outside Australia (such as New Zealand and the Philippines) in these circumstances:

• When our service providers are located overseas
• When we work with overseas business partners
• When using cloud-based services or data storage solutions

Our approach to overseas disclosure

Before disclosing your personal information overseas, we take reasonable steps to ensure that the recipient treats your information in accordance with applicable law by only sending what is necessary, requiring recipients to protect your information through contractual agreements which require the recipient to comply with the privacy standards in applicable law or through other mechanisms that provide comparable safeguards and by monitoring how recipients handle your information.

Your privacy rights and choices

Providing information

You can choose whether to provide personal information to us, however, if you don't provide certain information, we may not be able to provide some services. Let us know if you don’t want to provide information and we will let you know when information is required versus optional.

Can you use a different name or no name?

Most of the time, we need your real name to provide our services to you. However, sometimes you can choose not to give us your name or use a different name when it's practical and lawful to do so - for example, if you're just making a general enquiry through our website or by phone.

Access to your information

You can request access to the personal information we hold about you and we will respond to your request within a reasonable time. We may charge a reasonable administrative fee for providing access and if we cannot provide access, we will explain why and explore alternative ways to share relevant information.

Correction rights

You can ask us to correct any information that is inaccurate, out of date, incomplete, irrelevant or misleading and we will take reasonable steps to correct your information promptly. If we cannot make the correction, we will explain why and discuss alternatives. You can ask us to add a statement to your information noting your requested correction.

Marketing communications

We will only send marketing communications in accordance with applicable privacy and marketing laws, and only where you have not opted out from receiving such communications from us.

If you have indicated a preference for a method of communication, we will endeavour to use that method wherever practicable.

You can opt-out of receiving marketing communications at any time. Each marketing communication will include an unsubscribe option. You can change your marketing preferences by contacting us. We will process your request as soon as practicable.

Please note that if you are a customer of multiple T-Shirt Ventures Group products and services (for example you receive services from Provider Choice, and also from Provider Choice Shop or HeyHubble), even if you opt-out from receiving direct marketing communications from Provider Choice, this will not mean you are opted out from receiving direct marketing communications from HeyHubble or Provider Choice Shop, and they may communicate with you in a way that is different from other members of the T-Shirt Ventures Group. Your interactions with other T-Shirt ventures Group members will also be governed by their separate privacy policies.

Regardless of whether you opt-out from receiving any or all direct marketing communications, we will still communicate with you if we are required by law to provide you with information, or in relation to the services or products we are providing you with (for example, in relation to the management of your NDIS plan).

Links to other websites

Our website and emails may include links to other websites for your convenience. We're not responsible for how those websites handle your information, so we recommend checking their privacy policies before sharing any personal information with them.

How to contact us about your rights or to make a complaint and what happens next

Step 1: Contact our privacy officer

• Email: planmanagement@providerchoice.com.au
• Phone: 1300 776 246
• Post: Level 8/418A Elizabeth St, Surry Hills, NSW

What to include:

Your full name, contact details, clear details about your request or complaint, and any relevant dates or reference numbers.

Step 2: Our response

We will:

• Verify your identity before processing your request
• Investigate thoroughly (for complaints) or process your request (for rights)
• Respond to you in writing within reasonable timeframes and as required by law
• Explain what actions we will take and keep you updated on progress
• Not charge you for making a request (except for reasonable access fees if applicable)
• Help you understand and exercise your rights

Step 3: If you're not satisfied (complaints only)

If you're not satisfied with our response to your complaint, you can:

• Ask for a review by our senior management, or
• Contact external bodies:
• Australian residents: Office of the Australian Information Commissioner (Phone: 1300 363 992, Website: www.oaic.gov.au)

This is the same process whether you want to access your information, correct mistakes, change marketing preferences, or make a complaint about our privacy practices.

Protecting your information

We use multiple layers of security to protect your information.

Technical safeguards

• Enterprise-grade encryption for data storage and transmission
• Regular security testing and monitoring
• Automated threat detection systems

Operational security

• Staff training on security and privacy
• Strict access controls based on job requirements
• Regular security audits and incident response procedures testing

Physical security

• Secure premises with controlled access
• Secure disposal of physical documents
• Equipment security protocols

Public information

Please note that any information you choose to share publicly on online platforms (such as comments or reviews) can be accessed and used by others. We cannot control or protect information that you make publicly available.

How long we keep your information

We keep your personal information only as long as we need it for the purposes we collected it, or as required by law. When we no longer need it, we securely destroy or de-identify it.

Cookies and Analytics

What We Use

We use cookies, tracking pixels, and similar technologies on our website and in our emails to improve your experience and our services.

Cookies

• Small text files stored on your device
• Help remember your preferences
• Enable certain website functions
• Make your interactions with our website more efficient

Tracking Pixels

• Tiny, invisible images in web pages and emails
• Help us understand how you interact with our content
• Allow us to measure email engagement
• Enable more relevant content delivery

How we use these technologies

Essential Functions

• Remember your login status
• Maintain your session security
• Store your preferences
• Enable core website features

Analytics and Performance

• Understand how our website is used
• Measure page views and traffic
• Analyse user navigation patterns
• Identify areas for improvement

Personalisation

• Remember your preferences
• Tailor content to your interests
• Improve your browsing experience
• Provide relevant recommendations

Your control

You can manage these technologies by:

• Adjusting your browser settings to block or delete cookies
• Using privacy-focused browser extensions
• Configuring your email client to block images
• Using our cookie preference settings

Note: Blocking all cookies may affect website functionality and your user experience.

Google Analytics

We use Google Analytics to understand how people use our website. This involves cookies that collect information about your browsing activity. You can opt out of Google's advertising features through your Google account settings, browser add-ons, or your device's privacy settings. Google provides various tools and options to control how your data is used for advertising purposes. You can learn more about how Google uses your data and your available options on Google's privacy pages.

Meta advertising tools

We use Meta's advertising tools (such as Meta Pixel) to understand how our ads perform and to show you more relevant advertisements on Meta platforms like Facebook and Instagram when you visit our website or app. You can manage whether we connect information from our website with your Meta account for advertising purposes by adjusting your settings within your Meta account preferences.

When you sign in with another account (like Facebook or Google)

What we collect

When you use single sign-on to connect with us, we'll receive personal information from that provider based on your privacy settings with them. This may include your name, username, profile picture, and other details you've chosen to share.

How we use it

We use this information to create your profile on our platform and give you access to our services.

Your rights

If you connected through Facebook, you can ask us to delete the personal information we received from Facebook. To do this, email us at our email below and tell us what information you'd like deleted. If we can't delete certain information, we'll explain why.

Use of location services data

We collect your precise or approximate location via our mobile application for the following purposes:

• To provide you with accurate and relevant recommendations
• For security and safety
• To prevent and detect fraud
• As permitted by law

We collect this information when you work with us. If you do not want us to use your location for the purposes above, you should turn off the location services in your account settings or in your mobile phone settings. If you do not provide geolocation data to us, it may affect our ability to work with you as a customer or supplier of our business.

Artificial Intelligence (AI) Technologies

Overview

We use artificial intelligence and machine learning technologies in our business operations and services, including AI tools provided by third parties. We only use these technologies when legally permitted and necessary for our business.

How we use AI

We may use AI technologies to:

• Conduct analysis and data processing
• Generate and modify content and coding
• Improve and optimise our services and operations
• Automate routine tasks and communications
• Assist with customer support and queries

Data protection and security

When we work with third-party AI providers, we ensure they handle your personal information in accordance with privacy laws through contractual requirements and appropriate safeguards.

Your rights and our commitments

Any information generated or inferred about you by AI technologies is treated as personal information, and you maintain all the rights outlined in this privacy policy. When using AI with your personal information, we commit to:

Transparency and control

• We'll inform you when AI is used to make decisions that may significantly affect you
• We maintain human oversight and review of significant AI-generated decisions
• Our staff are trained to understand AI limitations and verify outputs before relying on them
• We implement processes to verify the accuracy of AI-generated outputs

Security

• We use appropriate technical and organisational measures to maintain the security and integrity of your personal information
• We regularly test and monitor AI outputs for accuracy and reliability

Risk mitigation

• We regularly assess and document risks associated with using AI to process personal information
• We implement appropriate measures to address these risks
• We continuously monitor AI performance and regularly review their impact

Amendments

We may update this policy at any time by posting the revised version on our website. We recommend that you review our website regularly to stay current with any policy changes.