Privacy Policy

NavAble – Creating Pathways to Independence
Website: https://navable.com.au
Email: Info@NavAble.com.au

Effective Date: [01/03/2026]

1. Purpose

NavAble is committed to protecting the privacy, dignity, and confidentiality of all participants, nominees, representatives, and stakeholders with whom we engage.

This Privacy Policy outlines how NavAble collects, holds, uses, discloses, and safeguards personal and sensitive information in accordance with:

  • Privacy Act 1988 (Cth)

  • Australian Privacy Principles (APPs)

  • National Disability Insurance Scheme Act 2013 (Cth)

  • NDIS Quality and Safeguards Commission Practice Standards

  • NDIS Code of Conduct

This policy applies to all personal information collected in connection with the provision of Support Coordination and Capacity Building services.

2. Definitions

Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable.

Sensitive Information includes health information, disability information, racial or ethnic origin, or other information afforded a higher level of protection under privacy legislation.

Participant refers to a person receiving services from NavAble under an NDIS plan or other funding arrangement.

3. Types of Information Collected

NavAble may collect and hold the following information where reasonably necessary for service provision:

3.1 Personal Information

  • Full name

  • Date of birth

  • Residential and postal address

  • Contact details (phone, email)

  • Emergency contact details

  • Guardian or nominee information

3.2 NDIS-Specific Information

  • NDIS participant number

  • NDIS plan details

  • Funding categories and budgets

  • Service bookings

  • Plan management arrangements

  • Support goals and outcomes

3.3 Sensitive and Health Information

  • Disability information

  • Functional capacity information

  • Medical reports relevant to supports

  • Risk assessments

  • Behaviour support information (where applicable)

NavAble collects only information that is reasonably necessary to deliver lawful, safe, and effective supports.

4. Methods of Collection

Information may be collected:

  • Directly from participants

  • From authorised nominees or guardians

  • Through referral partners

  • Via intake forms, consent forms, service agreements

  • Through meetings, phone calls, emails, and digital platforms

  • From NDIA portals where authorised

Where information is collected from third parties, we will take reasonable steps to ensure the individual has consented to such disclosure.

5. NDIS-Specific Compliance and Confidentiality Obligations

As a provider of Support Coordination and Capacity Building services, NavAble adheres to the following NDIS-specific privacy and compliance obligations:

5.1 NDIS Practice Standards – Information Management

NavAble maintains policies and procedures to ensure:

  • Confidential handling of participant information

  • Secure storage of participant records

  • Controlled access to participant files

  • Protection against unauthorised disclosure

  • Clear consent processes for information sharing

Participant information is only accessed by authorised personnel for legitimate service delivery purposes.

5.2 Support Coordination Confidentiality

In delivering Support Coordination services, NavAble may be required to liaise with:

  • The NDIA

  • Plan Managers

  • Allied Health Professionals

  • Registered and non-registered service providers

  • Mainstream services (health, housing, education)

Information is shared strictly on a “need-to-know” basis and only with appropriate consent, unless otherwise required or authorised by law.

5.3 Consent Requirements

NavAble obtains informed consent before:

  • Collecting sensitive information

  • Sharing information with third parties

  • Uploading documentation to the NDIS portal

  • Engaging external service providers

Participants may withdraw consent at any time in writing, subject to legal or contractual limitations.

5.4 Record Keeping Obligations

In accordance with NDIS Practice Standards and audit requirements, NavAble:

  • Maintains accurate and contemporaneous participant records

  • Documents service delivery, goals, and progress notes

  • Retains records for the minimum legally required period

  • Ensures records are accessible for NDIS audits when required

5.5 Mandatory Reporting and Legal Disclosure

NavAble may disclose personal information without consent where required by law, including but not limited to:

  • Reportable incidents

  • Risk of serious harm

  • Fraud or misuse of NDIS funds

  • Court orders or statutory notices

Such disclosures will be limited to what is legally required.

6. Use of Personal Information

NavAble uses personal information for the purposes of:

  • Delivering Support Coordination and Capacity Building services

  • Developing, monitoring, and reviewing support plans

  • Coordinating services and referrals

  • Managing service agreements and funding

  • Invoicing and financial administration

  • Meeting regulatory and audit requirements

  • Quality assurance and service improvement

Personal information will not be used for marketing without explicit consent.

7. Data Storage and Security

NavAble takes reasonable and proportionate measures to safeguard information, including:

  • Secure cloud-based systems

  • Password-protected databases

  • Encrypted communications where practicable

  • Locked filing systems for physical records

  • Controlled staff access

NavAble implements safeguards against:

  • Misuse

  • Interference

  • Loss

  • Unauthorised access

  • Modification

  • Disclosure

8. Data Retention and Destruction

Personal information is retained in accordance with legislative and regulatory requirements.

When information is no longer required, NavAble will take reasonable steps to securely destroy or de-identify the information.

9. Access and Correction

Participants have the right to:

  • Request access to their personal information

  • Request correction of inaccurate, incomplete, or outdated information

Requests must be made in writing to:

Info@NavAble.com.au

NavAble will respond within a reasonable timeframe and in accordance with the Australian Privacy Principles.

10. Website and Digital Information

Our website may collect limited non-identifiable data, including:

  • IP address

  • Browser type

  • Pages visited

  • Date and time of visit

This data is used solely to improve website performance and service accessibility.

11. Complaints and Dispute Resolution

If you have concerns regarding the handling of your personal information, please submit a written complaint to:

NavAble
Email: Info@NavAble.com.au

NavAble will:

  • Acknowledge receipt of the complaint

  • Investigate the matter

  • Provide a written response within 30 days

If you are dissatisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

12. Policy Review

This Privacy Policy is reviewed periodically to ensure ongoing compliance with legislative and NDIS regulatory requirements.

The most current version will be available on the NavAble website.

Contact us now

ABN 14 976 631 992

Email

Phone

info@navable.com

+61 4929 73 669

© 2025. All rights reserved.