First Point Planning Pty Ltd trading as PlanM Support, ABN 97649028982 (referred to as PlanM) is committed to managing personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) (Privacy Act) and in accordance with other applicable privacy laws.
This document sets out our policies for managing your personal information and is referred to as our Privacy Policy.
In this Privacy Policy, “we” and “us” refers to PlanM and “you” refers to any individual about whom we collect personal information.
About PlanM
PlanM is a Registered NDIS Provider and is a wholly owned subsidiary of Mable Holdings Pty Ltd. It delivers plan management services to NDIS Participants.
What information does PlanM collect about you?
Customer and prospective customers
When you enquire about our services or when you become a client of PlanM, a record is made which includes your personal information.
The type of personal information (Personal Information) that we collect will vary depending on the circumstances of collection and the kind of service that you request from us, but could include:
- your name, e-mail, physical address, postal address, phone number and other contact details;
- Information about preferred modes of communication;
- personal details such as your date of birth, country of birth, family and emergency contacts, religion, ethnicity and languages spoken, care services needed, care plan details, health conditions, activities, and interests;
- information which verifies your identity such as medicare number, pension number, passport details or driver’s licence;
- financial information, living circumstances, and pension details;
- information relating to bank accounts if you choose “reimbursements” as a payment option for PlanM services;
- any information about your interactions with PlanM or PlanM services, platforms or websites including engagement with others whilst using PlanM platforms (e.g. feedback, “likes”, comments, choices, preferences, messages, survey responses, audio recordings);
- any additional personal information you provide to us, or authorise us to collect, as part of your interaction with PlanM; and
- NDIS details, including government identifiers such as your NDIS number if applicable.
Third party providers / support providers
We collect personal information relevant to the services you provide our clients. This may include:
- your name, e-mail, physical address, postal address and other contact details;
- information which verifies your identity such as passport details or driver’s licence and which verifies the credentials required for the services. This may include personal and professional references, your criminal history, your work experience and details of relevant qualifications or certifications;
- information about your employer or an organisation who you represent;
- personal details such as your date of birth, family and emergency contacts, religion, ethnicity and languages spoken, care services needed, care plan details, health conditions, activities, and interests;
- financial information, including bank details; and
- any additional personal information you provide to us, or authorise us to collect, as part of your interaction with PlanM.
Prospective employees/applicants
We collect personal information when recruiting personnel, such as your name, contact details, qualifications and work history. Generally, we will collect this information directly from you.We may also collect personal information from third parties in ways which you would expect (for example, from recruitment agencies or referees you have nominated). Before offering you a position, we may collect additional details such as your tax file number and superannuation information and other information necessary to conduct background checks to determine your suitability for certain positions (for example, positions which involve working with children and with NDIS participants).
Other individuals
PlanM may collect personal information about other individuals who are not customers of PlanM. This includes customers and members of the public who participate in events we are involved with; individual service providers and contractors to PlanM; and other individuals who interact with PlanM on a commercial basis. The kinds of personal information we collect will depend on the capacity in which you are dealing with PlanM. Generally, it would include your name, contact details, and information regarding our interactions and transactions with you.
If you are participating in an event we are managing or delivering, we may take images or audio-visual recordings which identify you.
Sensitive Information
Due to the nature of our services, PlanM may collect information which is considered sensitive information. This may include collecting health information about your conditions and care requirements.
You can always decline to give PlanM any personal information or sensitive information we request, but that may mean we cannot provide you with some or all of the services you have requested. If you have any concerns about personal information we have requested, please let us know.
Visitors to our websites
The way in which we handle the personal information of visitors to our websites is discussed below in the section “How does PlanM interact with you via the internet?”.
Unsolicited Information
Where we collect unsolicited information (being information provided to us without us having sought the information), we will only hold, use and disclose that information if we could otherwise do so had we collected it by the means described above. If that unsolicited information could not have been collected by the means described above, then we will destroy, permanently delete or de-identify the information as appropriate.
How and why does PlanM collect and use your personal information?
PlanM collects personal information reasonably necessary to carry out our business, as an NDIS Provider, that delivers plan management services to NDIS participants.
We may also collect information to fulfil administrative functions associated with these services, for example billing, entering into contracts with you and/or third parties and managing client relationships.
The purposes for which PlanM usually collects and uses personal information depends on the nature of your interaction with us, but may include:
- to facilitate the creation of, and secure, your account on our system;
to send you a welcome e-mail and to verify ownership of the e-mail address provided when your account was created; - to identify you as a user in our system;
- to prompt you to set up your profile after you have created your account (if you do not do so at the same time as creating your account);
- responding to requests for information and other general inquiries;
- managing, planning, advertising and administering services;
- researching, developing and expanding our facilities and services;
- informing you of our activities, facilities and services;
- recruitment processes (including for volunteers, internships and work experience); and
- responding to enquiries and complaints.
- PlanM generally collects personal information directly from you. We may collect and update your personal information over the phone, by email, over the internet or social media, or in person. We may also collect personal information about you from other sources, for example:
- community and marketing events;
- referral partners and suppliers;
- to send newsletters, surveys, offers, and other promotional materials related to our services and for other marketing purposes;
- to customise the advertising you may see on the site or through the services;
- to collect and/or distribute money;
- to verify your compliance with your obligations in our User Agreement or other policies; and
- government departments or agencies, for example the National Disability Insurance Agency or the NDIS Quality and Safeguards Commission; and / or
- third-party suppliers and contractors who assist us to operate our business and enable us to provide plan management services.
PlanM also collects and uses personal information for market research purposes and to innovate our delivery of products and services.
How does PlanM interact with you via the internet?
You may visit our websites www.PlanM.com.au without identifying yourself. If you identify yourself (for example, by providing your contact details in an enquiry), any personal information you provide to PlanM will be managed in accordance with this Privacy Policy. PlanM’s websites use cookies. A “cookie” is a small file stored on your computer’s browser, which assists in managing customised settings of the website and delivering content. We may collect certain information such as your device type, browser type, IP address, pages you have accessed on our websites and on third-party websites. You are not identifiable from such information.
You can use the settings in your browser to control how your browser deals with cookies. However, in doing so, you may be unable to access certain pages or content on our website.
PlanM’s websites may contain links to third-party websites. PlanM is not responsible for the content or privacy practices of websites that are linked to our website.
Can you deal with PlanM anonymously?
PlanM will provide individuals with the opportunity of remaining anonymous or using a pseudonym in their dealings with us where it is lawful and practicable (for example, when making a general enquiry). Generally, it is not practicable for PlanM to deal with individuals anonymously or pseudonymously on an ongoing basis. If we do not collect personal information about you, you may be unable to utilise our services or participate in our programs or activities we manage or deliver.
How does PlanM hold information?
PlanM is committed to protecting the security of your Personal Information. We use a variety of industry-standard security technologies and procedures to help protect your Personal Information from unauthorised access, use, and disclosure.
Any information which we hold about you is stored on secure servers that are protected in controlled facilities. We also require you to enter a password to access your account information. Please do not disclose your account password to anyone who you do not wish to access your account. We will assume all activity taking place on your account is either being conducted by you or is authorised by you.
Please notify us immediately if you become aware of any actual or suspected unauthorised use of your account, or any breach of security relating to your account.
No method of transmission over the Internet, or method of electronic storage, is 100% secure, so while PlanM uses reasonable efforts to protect your Personal Information, we cannot guarantee its absolute security.
In addition, our employees and contractors who provide services related to our information systems are obliged to respect the confidentiality and privacy of any Personal Information held by PlanM.
We take steps to destroy or de-identify information that we no longer require.
Does PlanM use or disclose your personal information for direct marketing?
PlanM may use or disclose your personal information for the purpose of informing you about our services, upcoming promotions and events, or other opportunities that may interest you. If you do not want to receive direct marketing communications, you can opt-out at any time by contacting us using the contact details below.
If you opt-out of receiving marketing material from us, PlanM may still contact you in relation to its ongoing relationship with you.
How does PlanM use and disclose personal information?
For customers
The purposes for which we may use and disclose your personal information will depend on the services we are providing you. For example, if you have engaged us to deliver a service, we may disclose information about you to service providers where this is relevant to our services. We will get your consent to disclose this information.
Disclosure to contractors and other service providers
PlanM may disclose information to third parties we engage in order to provide our services, including contractors and NDIS service providers as well as those we might engage for the purposes of data processing, data analysis, customer satisfaction surveys, information technology services and support, website maintenance/development, printing, archiving, mail-outs, and market research.
Personal information may also be shared between related and affiliated companies of PlanM, located in Australia.
Third parties to whom we have disclosed your personal information may contact you directly to let you know they have collected your personal information and to give you information about their privacy policies.
Use and disclosure for administration and management
PlanM will also use and disclose personal information for a range of administrative, management and operational purposes. This includes:
- administering billing and payments and debt recovery;
- planning, managing, monitoring and evaluating our services;
- continuous improvement activities;
- statistical analysis and reporting;
- training staff, contractors and other workers
- risk management and management of legal liabilities and claims (for example, liaising with insurers, legal representatives and auditors);
- responding to enquiries and complaints regarding our services;
- obtaining advice from consultants and other professional advisers; and
- responding to subpoenas and other legal orders and obligations.
Other uses and disclosures
Regardless of any choices you make regarding your Personal Information, PlanM may disclose Personal Information to third parties if it believes in good faith that such disclosure is necessary:
- in connection with any legal investigation;
- to comply with relevant laws, or to respond to subpoenas or warrants served on us;
- to lessen or prevent a serious threat to the life, health or safety of an individual or to public safety;
- to investigate or assist in preventing any violation or potential violation of the law;
- where another “permitted general situation” or “permitted health situation” (as defined in the Privacy Act) applies; and/or
where disclosure is reasonably necessary for a law enforcement related activity.
If you are a customer requiring plan management services for yourself, you acknowledge that we may use Personal Information about your emergency contact to get in touch with that person if necessary.
Does PlanM disclose your personal information overseas?
PlanM is an Australian organisation with local customers. Our service providers are located in Australia and outside of Australia. We may transfer or otherwise disclose your personal information to third parties located outside Australia, including for example, third parties who provide information technology and phone services to us.
By providing personal information to us, you consent to the transfer of that personal information.
We will only disclose or transfer your personal information to overseas recipients where we have taken reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to your personal information.
How can you access or seek correction of your personal information?
You are entitled to access your personal information held by PlanM on request. To request access to your personal information please contact our Privacy Officer using the contact details set out below.
You will not be charged for making a request to access your personal information but you may be charged for the reasonable time and expense incurred in compiling information in response to your request.
We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up-to-date. You can help us to do this by letting us know if you notice errors or discrepancies in information we hold about you and letting us know if your personal details change.
However, if you consider any personal information we hold about you to be inaccurate, out-of-date, incomplete, irrelevant or misleading you are entitled to request correction of the information. After receiving a request from you, we will take reasonable steps to correct your information.
We may decline your request to access or correct your personal information in certain circumstances in accordance with the APPs. If we do refuse your request, we will provide you with a reason for our decision and, in the case of a request for correction, we will include a statement with your personal information about the requested correction.
What should you do if you have a complaint about the handling of your personal information?
You may contact PlanM at any time if you have any questions or concerns about this Privacy Policy or about the way in which your personal information has been handled.
You may make a complaint about privacy to the Privacy Officer at the contact details set out below.
The Privacy Officer will first consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within a week.
If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within a week and endeavour to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather relevant facts, locate and review relevant documents and speak with individuals involved.
In most cases, we will investigate and respond to a complaint within 30 days of receipt of the complaint. If the matter is more complex or our investigation may take longer, we will let you know.
If you are not satisfied with our response to your complaint, or you consider that PlanM may have breached the APPs or the Privacy Act, a complaint may be made to the Office of the Australian Information Commissioner (OAIC). The OAIC can be contacted by telephone on 1300 363 992 or by using the contact details on the OAIC website.
How changes are made to this privacy policy?
PlanM may amend this Privacy Policy from time to time, with or without notice to you. We recommend that you visit our website regularly to keep up to date with any changes.
Your continued use of our site or services, or provision of further Personal Information to us after this policy has been updated, will constitute your acceptance of the amended policy.
How can you contact PlanM?
The contact details for PlanM are:
PlanM Privacy Officer
Level 12, 255 Pitt St, Sydney NSW 2021
Email: hello@planm.com.au
Phone: 1300 019 334
This Privacy Policy was last updated on 15 September 2022.