Privacy policy
Introduction
Welcome to Ndisync.ai, your dedicated platform for connecting NDIS participants, support workers, companies, coordinators, and allied health professionals. We are committed to protecting your privacy and ensuring transparency in how we collect, use, and safeguard your data. This Privacy Policy applies to all users, including those utilizing our freemium model.
Information we collect
To provide and enhance our services, we collect various types of data:
- Personal information: Name, email address, phone number, and address.
- Professional Information: Job titles, work history, educational background, certifications, and qualifications.
- User Generated Content: Profile details, posts, and other content created by users.
- Permissions data: Access to files, media, microphone, camera, and notifications.
- Usage data: Interactions on the platform, such as activity on the news feed or community discussions.
- Verification documents: Documents submitted for identity and NDIS verification.
Verification process
To ensure authenticity and adherence to NDIS verification protocols, we internally manage all user verifications. Users are required to:
- Submit necessary documents via the "Verify" feature on the platform.
- Undergo manual review by our verification team.
Once verified, users will receive a verified badge on their profiles, enhancing security and trust.
Usage of collected data
The collected data is utilized for the following purposes:
Platform purpose
- Creating and updating profiles.
- Matching users with relevant opportunities and services.
Service Fulfillment:
Phone numbers and addresses are collected to facilitate communication, and service coordination.
Functionality Enablement:
Allowing document uploads, photo/video capturing, and audio recordings.
Service Improvements:
Analyzing service usage to customize and enhance user experience
Identity Verification:
Authenticating users to maintain the platform's integrity.
Data Collection Practices and Third Party Libraries
Our platform integrates third party libraries and services to enhance functionality, including:
- Local Storage Usage: For offline features.
- Notification Tokens: To manage notifications.
- Payment Information: For secure transactions via Stripe.
- Network Status Information: To optimize platform responsiveness.
These integrations collect data solely to improve performance and are not shared with external third parties for their independent use.
Third Party Data Sharing Practices
While personal data is not shared with third parties for independent purposes, certain functionalities necessitate data sharing:
- Payment Processing: Stripe processes payment information to ensure secure transactions.
- Notifications: Token access is used for managing and delivering notifications.
All data collected by third party services is restricted to the functionalities provided within the app.
User Consent Management
Users can manage their consent and preferences for data collection and sharing:
Marketing Communications:
Preferences can be adjusted in the app's settings menu.
Permissions Management:
Device permissions for camera, media, and notifications are prompted by the operating system and can be modified in device settings.
Opt Out Options:
Users may opt out of non essential communications through the platform's settings.
User Rights and Choices
As a user of Ndisync.ai, you have the following rights:
Access and Update:
Modify your personal information via the app's profile settings.
Data Deletion:
Request deletion of your personal data, with the exception of data retained for legal or operational purposes (e.g., email addresses linked to job posts).
Objection:
Decline specific uses of your data, such as marketing communications.
Restrictions:
Request processing limitations under specific circumstances, such as contested data accuracy.
Cookies and Tracking Technologies
We utilize cookies and similar technologies to enhance your experience:
Session Cookies:
Temporary cookies removed when you close your browser.
Persistent Cookies:
Remain on your device until expired or manually deleted.
These tools help store profile information (e.g., name, user role) and track activity for analytics. Users can manage cookie preferences via their browser settings.
Security Measures
We prioritize your data security and have implemented robust measures, including:
Encryption:
Data is encrypted in transit and at rest.
Secure Storage:
Data is stored in secure facilities with state of the art protocols.
Access Controls:
Only authorized personnel can access your data.
Regular Audits:
Routine security assessments to address vulnerabilities.
Incident Response:
Prompt responses to any security breaches.
Compliance with Data Protection Regulations
Ndisync.ai complies with the following regulations:
- Australian Privacy Principles (APPs):Ensuring transparency, security, and user control over data.
- General Data Protection Regulation (GDPR):For users within applicable jurisdictions.
Your rights under these regulations include:
Access: Request copies of your personal data.
Rectification: Correct inaccuracies in your data.
Erasure: Request deletion under specific conditions.
Restriction: Limit data processing in certain scenarios.
Portability: Transfer your data to another provider.
Objection: Decline data processing for specific purposes.
Data Retention
We retain user data only as long as necessary to fulfill service requirements or comply with legal obligations. For instance:
Billing Records:
Retained for 7 years as required by Australian law.
Operational Data:
Deleted upon user request or account termination, except for data required for ongoing legal or operational obligations.
Changes to This Policy
This Privacy Policy may be updated periodically. Users will be notified of significant changes via email or platform notifications. Continued use of the platform constitutes acceptance of the revised policy.
Contact Information
For questions or concerns regarding this Privacy Policy, contact us at: hello@ndisync.ai