Effective Date: 01 July 2024 ACRA Inclusions Pty Ltd T/AS Regional Independence Services is committed to protecting the privacy and confidentiality of personal information provided to us in accordance with the requirements of the National Disability Insurance Scheme (NDIS) and the Australian Privacy Principles (APPs) under the Privacy Act 1988.

1. Collection of Personal Information

• Types of Information: We collect personal information necessary for providing both NDISfunded and private booking services. This may include participant details, carer information, contact information, medical history, support needs, as well as personal details of private booking customers.

• How We Collect Information: Information is collected directly from participants, their representatives, or third parties involved in the provision of NDIS services. For private bookings, information is collected during the booking process or through interactions with our website or customer service.

2. Use of Personal Information

We use personal information for the following purposes:

• Service Provision: To deliver NDIS-funded services, manage support plans, and communicate with participants and their representatives.

• Private and Corporate Bookings: To facilitate bookings, manage reservations, process payments, and provide customer support for private and corporate customers.

3. Disclosure of Personal Information

We may disclose personal information in the following circumstances:

• Service Providers: To third-party service providers engaged to assist in delivering NDIS services (e.g., support workers, therapists) or facilitating private and corporate bookings (e.g., payment processors, booking platforms).

• Legal Compliance: When required or authorised by law, including reporting obligations to government agencies and regulatory bodies.

4. Data Security and Retention

We implement appropriate security measures to protect personal information from unauthorised access, use, or disclosure. Information is securely stored and retained only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.

5. Access and Correction

Participants, private and corporate booking customers, have the right to request access to, and correction of, their personal information held by us. Requests should be made in writing to our Privacy Officer via email at karratha@ris-wa.com.au.

6. Complaints

If you have a concern about how we have handled your personal information, please contact our Privacy Officer. We take privacy complaints seriously and will respond to your complaint within a reasonable timeframe.

7. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal and regulatory reasons. Updated policies will be made available on our website or provided upon request.

8. Contact Us

If you have any questions or concerns about our Privacy Policy or the handling of your personal information, please contact our Privacy Officer via email at karratha@ris-wa.com.au.

Robert Sharpless Privacy Officer / Director