← Back to website

Privacy Policy

Last updated: November 13, 2025

1. Introduction

Everleaf Care ("we", "us", "our") is committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our website or engage our services.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

  • Contact details: Name, email address, phone number, address
  • NDIS information: NDIS participant number (if provided), plan management type
  • Service requirements: Information about support needs, goals, preferences
  • Communication records: Records of your enquiries, emails, and conversations
  • Technical information: IP address, browser type, device information, cookies

2.2 Sensitive Information

We may collect sensitive information (such as health information) only:

  • With your consent, or
  • Where required or authorized by law, or
  • Where necessary to provide services you have requested

Please avoid submitting unnecessary sensitive health details in the website enquiry form. We will collect detailed information during the onboarding process with appropriate safeguards.

3. How We Collect Information

We collect personal information directly from you when you:

  • Submit an enquiry through our website contact form
  • Email or phone us
  • Engage us to provide services
  • Complete client intake forms and assessments
  • Interact with our website (automatically via cookies and analytics)

We may also collect information from third parties such as your plan manager, support coordinator, or with your consent, your family members or guardians.

4. How We Use Your Information

We use your personal information for the following purposes:

  • Service delivery: To provide NDIS support services, assess your needs, and coordinate support
  • Communication: To respond to enquiries, send service updates, and maintain contact
  • Administration: To manage bookings, scheduling, invoicing, and record-keeping
  • Legal compliance: To comply with NDIS requirements, quality standards, and legal obligations
  • Improvement: To improve our services, website, and customer experience
  • Safety: To ensure the safety and wellbeing of participants and staff

5. Disclosure of Information

We may share your personal information with:

  • Service providers: Support workers, contractors, web hosting, email services, accounting services (all bound by confidentiality)
  • NDIS entities: NDIA, plan managers, support coordinators (as required for service delivery)
  • Legal/regulatory authorities: When required by law, court order, or to protect rights and safety
  • Your representatives: With your consent, to your family, guardian, or authorized representatives

We do not sell your personal information to third parties.

6. Data Security

We take reasonable steps to protect your personal information from:

  • Misuse, interference, and loss
  • Unauthorized access, modification, or disclosure

Our security measures include:

  • Secure web hosting with SSL/TLS encryption
  • Password-protected systems and access controls
  • Staff training on privacy and confidentiality
  • Regular security reviews and updates

Note: No method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as:

  • Required to provide services to you
  • Required by law (e.g., NDIS record-keeping requirements: minimum 7 years)
  • Necessary for legal or operational purposes

After this period, we will securely destroy or de-identify your information.

8. Your Rights

Under the Privacy Act, you have the right to:

  • Access: Request access to your personal information we hold
  • Correction: Request correction of inaccurate or incomplete information
  • Complaints: Lodge a complaint about our handling of your personal information
  • Withdrawal of consent: Where we rely on your consent, you may withdraw it (subject to legal/contractual obligations)

To exercise these rights, contact us at: privacy@everleafcare.com.au

9. Cookies and Analytics

Our website may use:

  • Essential cookies: Required for website functionality
  • Analytics cookies: To understand how visitors use our website (anonymized data)

You can control cookies through your browser settings. Disabling cookies may affect website functionality.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. Please review their privacy policies.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised "Last updated" date. Continued use of our website or services constitutes acceptance of the updated policy.

12. Complaints and Disputes

If you have a complaint about our handling of your personal information:

  1. Contact us at privacy@everleafcare.com.au
  2. We will investigate and respond within 30 days
  3. If you're not satisfied, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

13. Contact Us

Everleaf Care
Email: privacy@everleafcare.com.au
Phone: +61 2 5555 1234
Address: Canberra, ACT, Australia

This Privacy Policy is provided for information purposes. For questions or to exercise your privacy rights, please contact us.