Privacy Policy

Introduction

Allevi8 Pty Ltd (ABN 12 345 678 901) is committed to respecting your privacy. We understand that your privacy is important to you, and we take our responsibility to protect your personal information seriously.

This Privacy Policy explains how we collect, use, disclose, and otherwise handle your personal information. It applies to our website, mobile applications, products, and services. Allevi8 is an NDIS registered provider and complies with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).

If you have any questions about this Privacy Policy or our privacy practices, please contact us using the details provided at the end of this document.

Information We Collect

We collect various types of information in connection with the services we provide, including:

Personal Information

• Contact Details: Name, residential address, phone number, email address
• Identification: Date of birth, gender, ABN (for businesses)
• Communication Preferences: How you prefer to be contacted

Health Information

We collect health information when you use our products or services, or when you apply for NDIS funding. This may include:

• Disability or medical conditions relevant to your product selection
• Clinical assessments or occupational therapy recommendations
• Information about your mobility, pain management, or sleep issues
• NDIS plan details and support category information

Health information is sensitive personal information under the Australian Privacy Principles and is only collected with your consent for the purpose of delivering our services.

Financial Information

• NDIS plan manager details and participant numbers
• Payment information (card details are processed securely by third-party payment processors and not stored by us)
• Invoice and purchase history

Usage Data

• Pages visited and time spent on our website
• Device type, browser type, and operating system
• IP address and location (country/state level)
• Referring website and click-through data

How We Collect Information

Directly from you: When you complete forms on our website, place an order, call us, email us, or speak with us in person.

From third parties with your consent: From your occupational therapist, support coordinator, or plan manager with your explicit permission to coordinate your order and NDIS claim.

Automatically: Through cookies, web beacons, and analytics tools when you browse our website (see Cookies & Analytics section below).

How We Use Your Information

We use the information we collect for the following purposes:

• Processing Orders: To process your purchase, arrange delivery and installation, and send confirmation emails
• NDIS Administration: To prepare funding quotes, submit NDIS provider claims, and liaise with the NDIA, your plan manager, or support coordinator
• Service Delivery: To provide clinical advice, product recommendations, and follow-up care
• Communication: To respond to enquiries, provide customer support, and send service updates
• Marketing: To send newsletters, product updates, and promotional offers (only with your consent, and you can opt out at any time)
• Website Improvement: To understand how you use our website and improve our services, products, and user experience
• Compliance: To comply with legal obligations, including NDIS provider requirements and consumer protection laws

Sharing Your Information

We do not sell your personal information to third parties. However, we may share your information with the following parties when necessary:

• NDIS Agency / NDIA: To process your funding claim and verify provider registration
• Plan Managers & Support Coordinators: With your consent, to coordinate your purchase and funding
• Delivery & Installation Partners: To arrange delivery and installation of your products
• Payment Processors: To process payments securely (Stripe, Square, PayPal, Afterpay, Zip)
• IT Service Providers: Cloud hosting, email, and customer relationship management systems operate under data processing agreements
• Legal & Compliance: If required by law, court order, or regulatory authority

Health Information

Health information is sensitive personal information under the Australian Privacy Principles. We handle it with special care:

• We collect health information only with your explicit consent
• We use it only for direct service delivery and NDIS claims
• We store it securely with restricted staff access (see Data Security below)
• We do not share it with marketing third parties or use it for marketing purposes without separate consent
• You can request access to, or correction of, your health information at any time

Data Security

We take data security seriously and implement appropriate technical and organisational measures to protect your personal information:

• Encryption: Our website uses SSL/TLS encryption for all data transmission
• Access Controls: Only authorised staff members can access personal information, and access is limited to what is necessary for their role
• Staff Training: All staff who handle personal information receive privacy and security training
• Data Retention: We retain NDIS-related records for 7 years as required by NDIS legislation. Other records are retained only as long as necessary
• Incident Response: In the event of a data breach, we will notify affected individuals and relevant authorities as required by law

Cookies & Analytics

Our website uses cookies and similar tracking technologies to enhance your experience and gather analytics:

Types of Cookies

• Essential Cookies: Required for website functionality (e.g., authentication, cart management)
• Analytics Cookies: Help us understand how visitors use our website (Google Analytics)
• Marketing Cookies: Allow us to deliver personalised content and track campaign effectiveness

Google Analytics

We use Google Analytics to track website usage. Google Analytics collects data about your visits including pages viewed, time on site, and referrer. This data is anonymised and cannot identify you personally. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

Opting Out

You can control cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Please note that disabling essential cookies may affect website functionality.

Your Rights

Under the Australian Privacy Act, you have the following rights:

• Right to Access: You can request access to the personal information we hold about you
• Right to Correction: You can request that we correct inaccurate or incomplete personal information
• Right to Deletion: You can request deletion of your personal information, subject to legal retention requirements (e.g., NDIS records must be kept for 7 years)
• Right to Opt Out: You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly
• Right to Lodge a Complaint: You can lodge a complaint with us or with the Office of the Australian Information Commissioner (OAIC)

To exercise any of these rights, please contact our Privacy Officer using the details below.

Contact & Complaints

If you have questions about this Privacy Policy, or if you wish to exercise any of your privacy rights, please contact us:

Making a Complaint

If you believe we have breached the Australian Privacy Principles, you can lodge a complaint:

• To Allevi8: Contact our Privacy Officer at the details above. We will investigate your complaint within 30 days and provide a response.
• To the OAIC: If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our website or services constitutes your acceptance of the updated Privacy Policy.