Sally Smith – Positive Behaviour Support

Privacy Policy

Last updated: 26 June 2026

Introduction

Sally Smith Positive Behaviour Support ("I", "my", or "the service") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how I collect, use, disclose, and safeguard your information when you use my services or visit my website.

Information I Collect

I may collect the following types of personal information:

  • Contact Information: Name, email address, phone number, postal address
  • NDIS Information: NDIS participant number, plan details, funding information
  • Health Information: Disability-related information, support needs, medical reports (with consent)
  • Service Information: Records of services provided, goals, progress notes, assessments
  • Emergency Contact Information: Details of nominated support persons or emergency contacts
  • Website Usage Data: IP address, browser type, pages visited, time spent on pages

How I Use Your Information

I use your personal information for the following purposes:

  • To provide Positive Behaviour Support services funded under your NDIS plan
  • To communicate with you about services, appointments, and behaviour support plan reviews
  • To collaborate with people in your support network involved in your care (with consent)
  • To comply with NDIS reporting and regulatory requirements
  • To process invoices and manage billing through the NDIS portal
  • To improve my services and website functionality
  • To respond to enquiries submitted through my website

Information Sharing and Disclosure

I may share your personal information with:

  • Service Providers: Other disability service providers involved in your care (only with your explicit consent)
  • NDIS: The National Disability Insurance Agency as required for plan management and compliance
  • Healthcare Professionals: Medical practitioners, therapists, and specialists (with consent)
  • Legal Authorities: When required by law, court order, or to protect safety
  • Professional Advisors: Accountants, lawyers, or auditors for business operations

I will not sell, rent, or trade your personal information to third parties.

Data Security

I take reasonable steps to protect your personal information from misuse, interference, loss, unauthorized access, modification, or disclosure. This includes:

  • Storing physical records in secure, locked filing systems
  • Using password-protected and encrypted digital systems
  • Restricting access to personal information to authorized personnel only
  • Regularly reviewing and updating security measures
  • Secure disposal of information when no longer needed

Data Retention

I retain your personal information for as long as necessary to provide services and comply with legal obligations. NDIS-related records are retained for 7 years after the last service provision, in accordance with NDIS Practice Standards and Australian legal requirements. After this period, records are securely destroyed.

Your Rights

Under the Australian Privacy Act 1988, you have the right to:

  • Access: Request access to your personal information held by me
  • Correction: Request corrections to inaccurate or incomplete information
  • Complaint: Lodge a complaint about how your information is handled
  • Consent Withdrawal: Withdraw consent for information sharing (subject to legal requirements)

To exercise these rights, please contact me using the details below.

Cookies and Website Analytics

This website uses privacy-friendly analytics provided by Vercel Analytics to understand general site usage (such as page views). This helps me improve the website. Analytics data is aggregated and does not identify you personally. You can control cookies through your browser preferences. Disabling cookies may affect some website functionality.

Third-Party Services

My website uses third-party services to operate securely, including Resend (email delivery for contact, referral, and service agreement forms) and Vercel Blob (secure storage for referral file uploads and signed service agreements). These providers process data only as needed to deliver these services. My website may also contain links to third-party websites. I am not responsible for the privacy practices of external sites.

Changes to This Policy

I may update this Privacy Policy from time to time to reflect changes in my practices or legal requirements. The updated policy will be posted on this page with a revised "Last updated" date. Continued use of my services after changes constitutes acceptance of the updated policy.

Complaints and Contact

If you have questions, concerns, or complaints about how I handle your personal information, please contact me:

Sally Smith Positive Behaviour Support
Email: hello@sallysupport.com.au
Phone: 0422 530 810
Address: Murray Bridge, South Australia

I will investigate all complaints and respond within a reasonable timeframe. If you are not satisfied with my response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

NDIS Practice Standards Compliance

As a registered NDIS provider, I comply with the NDIS Practice Standards and the NDIS Code of Conduct, which include requirements for privacy, confidentiality, and secure information management. I am committed to upholding the rights and dignity of all participants.