Privacy Policy.

GDS Plan Management Privacy Policy

At GDS Plan Management, we value your privacy and are committed to protecting your personal and sensitive information. This policy explains how we collect, use, store, and disclose information in the course of providing our plan management services.

We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We also comply with the National Disability Insurance Scheme Act 2013 (Cth), the NDIS Practice Standards, and the NDIS Code of Conduct.

In line with our values, GDS Plan Management respects and upholds the rights of individuals in relation to the information we collect, hold, and use.

1. Types of information we collect

We may collect:

  • Personal details (name, date of birth, contact details, gender, marital status).

  • Identity and government details (driver’s licence, Medicare, passport, NDIS number).

  • Financial details (bank account information, payment details, financial interests).

  • Employment details (employment status, work history).

  • Health and disability information, including medical history and support needs.

  • Other information where required by law.

We generally do not collect information such as religious or philosophical beliefs, sexual orientation, or political affiliations unless it is necessary for service delivery or required by law.

2. Why we collect information

We collect personal and sensitive information to:

  • Administer your NDIS funds and process claims.

  • Liaise with the NDIA and your support providers.

  • Ensure supports are delivered safely and appropriately.

  • Comply with legal and safeguarding obligations, including mandatory reporting to the NDIS Commission.

  • Communicate with you about your plan and services.

3. How we collect information

We usually collect information directly from you or your representative. We may also collect information from:

  • The NDIA.

  • Support providers or health professionals.

  • Government agencies.

  • Other parties, but only with your consent or where authorised by law.

We may also collect limited statistical information when you use our website or call our office (e.g. visit numbers, call times).

4. Disclosure of information

We will not disclose your personal information to third parties unless:

  • You give consent;

  • It is required or authorised by law;

  • It is necessary to work with the NDIA, regulators, or your providers;

  • It is necessary to prevent or respond to a serious threat to life, health, or safety;

  • There is suspected unlawful activity or misconduct that requires action.

If GDS Plan Management is ever sold or transferred, relevant records may also be disclosed to the purchaser and their advisers.

We may disclose information overseas only if necessary and in line with the Privacy Act 1988 (Cth).

5. Protection of information

We take reasonable steps to protect personal information from misuse, loss, unauthorised access, or disclosure. This includes:

  • Secure storage of electronic and paper files.

  • Restricted access to information on a “need to know” basis.

  • Secure destruction or de-identification of information no longer required.

  • Compliance with the Office of the Australian Information Commissioner (OAIC) Notifiable Data Breaches scheme.

6. Access and correction

You have the right to request access to personal information we hold about you, and to ask for corrections where information is inaccurate, out-of-date, incomplete, irrelevant, or misleading.

Requests may be made directly to us, or under the Freedom of Information Act 1982 (Cth). In some cases, FOI requests may be more appropriate, for example if documents include information about other individuals or commercially sensitive material.

We will not charge you to access your information but may pass on costs for complex FOI requests.

7. Cookies and website use

Our website may use cookies and other tracking technologies to collect information such as:

  • Device ID, IP address, and session details.

  • Pages visited and interaction history.

This information helps us improve services. You may disable cookies through your browser if you prefer.

8. Complaints

If you have concerns about how your personal information is handled, please contact us:

Email: admin@gdsaust.com.au
Phone: 1300 443 776
Mail: GDS Plan Management, PO Box 3165, Waurn Ponds VIC 3216

We will respond under our Feedback and Complaints Policy. If you are not satisfied, you may contact the Office of the Australian Information Commissioner (1300 363 992, www.oaic.gov.au) or the NDIS Commission (1800 035 544, www.ndiscommission.gov.au).

9. Policy review

This policy will be reviewed regularly and updated as required.

10. Legislative references

This Privacy Policy recognises and complies with the following:

  • Privacy Act 1988 (Cth)

  • National Disability Insurance Scheme Act 2013 (Cth)

  • Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth)

  • Freedom of Information Act 1982 (Cth)

  • Health Records Act 2012 (VIC)

  • NDIS Practice Standards

  • NDIS Quality and Safeguarding Framework

  • NDIS Code of Conduct

Download PDF Version of this Privacy Policy