Skip to content

Privacy Policy

  1. Who we are and what we do

This Privacy Policy relates to PLAN FOR YOU PTY LTD. ABN 57 667 082 466. We are committed to ensuring the privacy and rights of individuals is protected. As part of our values, Plan For You, respects the sensitive information we collect, hold and administer, and ensure it is only used to conduct our services. By using our Service, you agree to the collection and use of information in accordance with this policy.

As set out in this policy, it shows how we collect, use, disclose and manage your sensitive and personal information. We undertake this to ensure we comply with Australia Privacy Principles (APPS) contained in the Privacy Act 1998.

  1. This Privacy Policy

This Privacy Policy explains how we comply with these laws.

We may modify or amend provisions of this Privacy Policy from time to time. We will display a notice where this Privacy Policy is made available stating when any such revisions have been made. However, we will not materially qualify our commitments in this Privacy Policy as to our processes, practices and standards to protect privacy and information security of personal information about individuals in Australia.

This Privacy Policy should be read together with our Customer Terms as published where this Privacy Policy is made available.

  1. Personal information about you that we collect and use

Plan For You, must only collect information where it is seen reasonable and practical to do so. We will only collect it directly from you. Personal information that we collect and use includes information collected from you when you:

  • Deal with one of our plan managers.
  • Sign up on website
  • respond to communications from us by phone or email or text communications,
  • ask us to provide you with our newsletter, or
  • participate in another site feature.

The types of information we may collect include:

  • name,
  • e-mail address,
  • mailing address,
  • phone number,
  • date of birth or any other required information.

At times, we may need to collect your personal data from third parties, without your involvement. If this was to happen, we will obtain your prior consent to do so. Third parties could include, market research organisations, employer, brokers, government agencies, other providers who provide products or services to you. We may also liaise with medical practitioners or disability support providers.

  1. Why we collect your personal and sensitive information

Your personal or sensitive information, will only be collected if you consent and it is reasonably necessary for, or directly related to, one or more of our functions or activities.

We may collect, hold, use and disclose your information for the purposes of the administration of your NDIS funds. We may need it in co-ordination of your disability supports and liaising with your support providers and with the NDIA. 

We may collect personal or sensitive information and be required to provide reports to the NDIS Quality & Safeguards Commission. 

  1. Disclosing your personal information

Your personal information will not be given to any other organisation, unless you consent. On occasion, the following exceptions do apply:

  • we are legally required or authorised, under Australian law, or court order;
  • it is reasonably expected, that the information my need to be used for that other purpose;
  • regulatory bodies, law enforcement bodies or government agencies have made a formal request. This is not limited to ones such as, Department of Human Services, the NDIS Quality and Safeguards Commission or the NDIA;
  • there is reason to believe misconduct of a serious nature, and it is required for us in order to take appropriate action.


  1. Protection of your personal and sensitive information

All reasonable steps have been taken to ensure your personal and sensitive information will not be compromised, misused, or have unauthorised access. All information could be held in hard copy or electronic form. Once it is no longer needed, it will be destroyed.

  1. External links

Our website may contain links to external websites, maintained by other organisations, and therefore we do not have any responsibility of the content on those sites. Please ensure that you read any privacy policies listed on those sites before proceeding to provide any personal data.

  1. Access to your information

Where we collect personal information from an individual directly, we take steps to ensure that the personal information we collect, use and disclose is accurate, up to date and complete. These steps include maintaining and updating any personal information when we are advised by an individual that their information has changed.

Where we collect personal information about an individual from a third party, we rely on that third party to ensure that information it collects is accurate, up to date and complete.

An individual may request access to personal information about that individual that is held by us. Subject to any permitted exception under data privacy laws, we shall give that individual access to that personal information.

If an individual notifies us that personal information about that individual as held by us is not accurate, we will take reasonable steps to correct that information. To the extent that we have received any personal information indirectly (for example, from a business for which we act as sub-contractor), we may notify that business that it has received a request from an individual to access or correct the personal information it has provided to us.

If you require access to personal information about you, please contact Before we provide you with access to personal information about you, we will require you to provide proof of identity.

For most requests, your information will be provided free of charge, however, we may charge a reasonable fee if your request requires a substantial effort on our part.

If we refuse to provide you with access to the information, we will provide you with reasons for the refusal and inform you of any permitted exception under data privacy laws that we rely upon, unless it would be unreasonable for us to do so.

We take reasonable steps to ensure that your personal information is accurate, complete, and up-to-date whenever we collect or use it. If the personal information we hold about you is inaccurate, incomplete, irrelevant or out-of-date, please contact us and we will take reasonable steps to either correct this information, or if necessary, discuss alternative action with you.

  1. Cookies

Information collected could be contained in a cookie. Upon access to our website, we may send a “cookie” to your computer, to enable us to recognise you each time you visit our website. You can use your browser settings to indicate your preference upon entering out website. Not accepting some cookies, may result in features of our website not to work.  Our cookies do not collect personal information regarding you.

  1. Other ways in which we use personal information

We use personal information to provide products and services and conduct our business. 

Administration – We may use personal information to help us manage the products and services we provide, to deal with customer enquiries and complaints, and to maintain and update our records.

Services security and fraud protection – We undertake a range of network, security and fraud protection activities including identifying and blocking possible malicious actors, code or content. We may also use personal information to determine whether an individual might be impacted, and take action to block the malicious activity or notify the individual so that the individual can take protective action.

We also collect personal information about our personnel (employees and contractors), and applicants for positions with us, to support management our human resource functions and statutory obligations. We may monitor communications of our personnel that are made using work resources, to ensure that we provide safe and secure services and that we handle personal information of others only in accordance with this Privacy Policy and to the extent permitted or required by law. We will inform our personnel of this workplace monitoring and conduct this monitoring only to the extent permitted by law.

Some of our service providers that analyse and augment personal information for us provide their services from outside Australia and may store personal information outside Australia. We will take reasonable steps to ensure that those service providers do not breach applicable Australian laws in relation to personal information that they handle on our behalf.

  1. Retention of personal information

We retain personal information after we have used the personal information for the purposes for which we collected or received it.

If we retain such personal information, it will only be used for the following purposes:

(a) as required by or under Australian law, or a court / tribunal order;

(b) as required for professional indemnity insurance; and

(c) in accordance with our back-up archive policy.

When no longer required, its best endeavours to ensure that all such information will be destroyed in a secure manner and in a reasonable time frame.

  1. How we hold and secure your information

The security of personal information about individuals is important to us.

We take appropriate industry recognised steps to prevent personal information that we hold from misuse, interference or loss, and from unauthorised access, modification or disclosure. This protection includes the use of technologies and processes such as access control procedures, network firewalls, encryption and physical security.

  1. How to contact us

If you would like to access or inquire about any personal information we hold about you,

have a query in relation to this Privacy Policy or our administration of it, would like to make a complaint about our handling of personal information about you, please contact us using the details below.


If you wish to make a complaint about an alleged breach of the Privacy Laws, we ask that you send us your complaint in writing to the email address listed above. We endeavour to respond to complaints within a reasonable period (usually 30 days). If you are not satisfied with our response, you may make a complaint to the Office of the Australian Information Commissioner by phoning 1300 363 992 or by email at  You can contact the NDIS Quality and Safeguards Commission on 1800 035 544 or visit

14.Relevant Legislation, Standards and Agreements   

Plan For You is commit to adhering to various Legislation, Standards and Agreements. These include, but not limited to the following;

Australian Privacy Principles in Privacy Act 1988 (Cth), Freedom of Information Act 1982,  Privacy and Data Protection Act 2014, Health Records Act 2012,  National Disability Insurance Scheme Act 2013 (Cth), National Disability Practice Standards, National Disability Insurance Scheme Quality & Safeguarding Framework NDIS Code of Conduct.

This Privacy Policy was last updated on 12 June 2023