2. Information We Collect
We collect personal information directly from you, or from authorised representatives such as carers, guardians, or plan managers.
Types of information we may collect include:
a) Personal Identification Information

• Full name, address, date of birth, and contact details (phone, email, mailing address).

b) NDIS & Service-Related Information

• NDIS participant number, plan details, goals, service preferences, and support coordination details.

• Information about health, wellbeing, and daily support needs (only where relevant to providing care).

c) Sensitive Information

• Health and medical information (with consent).

• Cultural background, language preferences, and accessibility requirements.

• Emergency contact details and next of kin.

d) Website & Technical Information

• IP address, device type, browser type, operating system.

• Pages viewed, time spent on site, and interaction with site elements.

• Anonymous analytics data collected via cookies or Google Analytics.

3. How We Collect Information
We may collect information through:

• Direct communication (phone, email, online forms, in-person meetings).

• Our website’s contact or enquiry forms.

• Service agreements or onboarding documents.

• NDIS portals or partner organisations (with consent).

• Cookies and analytics tools when you browse our website.

We only collect information that is reasonably necessary to provide our services and fulfil our obligations.
4. How We Use Your Information
Your personal information is used to:

1. Deliver and manage NDIS support services.

2. Match you with suitable support workers and plan services around your goals.

3. Communicate with you regarding appointments, updates, or service changes.

4. Comply with legal, regulatory, and reporting obligations.

5. Respond to feedback, complaints, or incident reports.

6. Improve our website, services, and participant experience.

7. Send newsletters or updates (only with your consent).

We will not use your personal information for purposes other than those listed above without your consent, unless required by law.
5. Disclosure of Personal Information
We may share information in the following limited circumstances:

• With your consent: when you authorise us to share information with family, carers, or other providers.

• With NDIS or government bodies: for compliance, audits, or reporting.

• With service partners: such as registered support workers, plan managers, or healthcare professionals involved in your care.

• As required by law: including subpoenas, court orders, or public health directives.

We do not sell, rent, or trade your information to any third party for marketing or profit.
6. Storage and Security of Information
We take all reasonable steps to protect personal data from misuse, loss, unauthorised access, alteration, or disclosure.
Measures include:

• Password-protected computers and secure cloud servers.

• Encrypted email communication where applicable.

• Physical file storage in locked cabinets accessible only to authorised staff.

• Regular staff training in privacy and confidentiality.

If a data breach occurs that may cause harm, we will follow the Notifiable Data Breaches (NDB) scheme and notify affected individuals and the OAIC as required.
7. Retention and Disposal of Information
Personal information is retained only as long as necessary for service delivery, legal compliance, or record-keeping requirements.
When no longer needed, data is securely destroyed or permanently anonymised.
8. Access and Correction
You have the right to:

• Request access to the personal information we hold about you.

• Request correction of inaccurate or outdated information.

Requests can be made by emailing [info@1upcare.com.au] or contacting us through our website. We may ask for identification to verify your request.
9. Cookies and Website Analytics
Our website may use cookies to improve functionality and track anonymous usage data. Cookies allow us to understand which pages visitors find most helpful.
You can disable cookies in your browser settings at any time. Some features of the site may not function properly if cookies are disabled.
We also use Google Analytics to collect anonymous data such as page views and session duration to help us improve content and usability.
10. Direct Marketing
We may occasionally send information about our services, community events, or updates if you’ve opted in.
You can unsubscribe at any time by following the link in the email or contacting us directly.
We comply with the Spam Act 2003 (Cth) for all electronic communications.
11. Third-Party Links
Our website may contain links to external websites or social media pages.
1Up Care is not responsible for the privacy practices or content of those sites.
We encourage users to read the privacy policies of any linked websites.
12. Children’s Privacy
We do not knowingly collect information from individuals under 18 without parental or guardian consent.
Where participants are minors, personal information is collected only with the authorisation of a parent, carer, or legal guardian.
13. International Data Transfers
All personal data is stored on servers located within Australia where possible.
If information is stored or processed overseas (for example, via secure cloud services), we ensure that the provider complies with Australian privacy standards.
14. Complaints and Concerns
If you believe your privacy has been breached, please contact us immediately.
How to contact us:
📧 info@1upcare.com.au
📍 Melbourne, VIC 3000
We will respond to your complaint within 30 days.
If you are unsatisfied with our response, you may contact:
Office of the Australian Information Commissioner (OAIC)
📞 1300 363 992
🌐 www.oaic.gov.au
15. Updates to This Policy
We may update this Privacy Policy periodically to reflect changes in law, our operations, or technology.
All updates will be posted on this webpage with a new “Last Updated” date.