🛡️ Privacy Policy

Evercare Community Support (ECS)

Last updated: 29th May 2025

Introduction

Evercare Community Support (ECS) and its related entities (collectively referred to as ECS, we, us, and our) are committed to protecting your privacy and handling your personal information with care and respect. This Policy explains how we manage your information, aligning with our legal obligations under the Privacy Act 1988 (Cth), specifically the Australian Privacy Principles (APPs).

This Policy is designed to be clear and easy to understand. By engaging with ECS, you agree to the collection, holding, use, and disclosure of your personal information as described in this document.

Table of Contents

1. Scope of this Policy

This Policy applies to any individual who interacts with ECS, including:

  • Our clients, customers, and their authorised representatives receiving care or support services.
  • Contractors, suppliers, and business partners engaged with ECS.
  • Visitors and users of our digital platforms, including our website at www.evercarecommunity.com.au.
  • Current and prospective employees or volunteers.

2. What is Personal and Sensitive Information?

Personal Information

Any information that can identify you. This includes basic details like your name, address, date of birth, contact numbers (phone and email), and profession or occupation.

Sensitive Information

This is a subset of personal information that receives a higher level of protection due to its nature. For an organisation providing community support and care, this includes:

  • Health and Medical Information (e.g., medical history, condition, treatment plans, and health service provider details).
  • Information about your racial or ethnic origin.
  • Information about your religious beliefs, political opinions, or sexual orientation/practices (where relevant to your care plan or legal requirements).
  • Criminal record and police checks (required for employment/contracting).

When this Policy refers to personal information, it includes sensitive/health information.

3. Our Commitment to Dignity and Privacy

ECS procedures are established to uphold and promote dignity for all clients and staff. We are committed to ensuring that all personal and health information is kept private and that ECS representatives access information only as required by their professional or administrative role.

4. Collection of Personal Information

4.1 What We Collect

The specific information we collect depends on the nature of your relationship with us, but commonly includes:

General Information

Name, address (postal and email) and telephone numbers; gender, date of birth, marital status, occupation and next of kin.

Health and Care Information

Your health and medical information, condition and treatment plan, contact details for medical practitioners and treatment providers, and information we collect in the course of providing our services.

Identity and Financial Information

Financial information such as credit card details, health fund and health insurance cover details, Medicare details, NDIS details, concession card details, citizenship or residency details, driver's licence and passport details.

Service Records

Information we create in the course of our relationship with you, such as details or evaluations of your interactions with us, including photographs and videos for clinical/care provision purposes.

Workforce Information (for Employees/Contractors)

Information about your occupation, employment history, education and suitability for the role, including criminal history, social media profiles and whether you hold any licences/permits. This also includes emergency contacts, personal email address, car registration, and performance information.

Safety and Compliance Information

Information for health and safety compliance, including recent personal health history (communicable diseases), recent overseas travel, and contact with COVID-19 cases/symptomatic persons.

Premises Monitoring

CCTV footage from any of our premises.

Digital Health Records

If you have opted-in to the eHealth record system, we may collect and use information in accordance with the My Health Records Act 2012 (Cth). We may also collect your Individual Healthcare Identifier (IHI).

4.2 How We Collect It

We aim to collect information directly from you where it is reasonably practical, which typically occurs:

  • Through access and use of our website.
  • When completing any documentation to receive a service.
  • When voluntarily providing us with personal information, in person or by telephone, email or other means.
  • By accessing your eHealth record.

We may also collect information from third parties when necessary, including:

  • Where the patient has a Medical Treatment Decision Maker or Support Person.
  • From an individual's health service provider including specialists.
  • From a health professional who has treated the individual.
  • From an individual's health insurer or other insurer, or family.
  • Australia's eHealth record system operated by the Commonwealth Department of Health.
  • To assess job applicants (e.g. Criminal History Checks, employment reference checks and Professional Bodies like AHPRA).
  • From publicly available sources.

⚠️ Important: If you provide us with personal information about another person (e.g., next of kin or representative), you must ensure you have their permission to do so, and that they are aware of this Privacy Policy.

5. Anonymity

Where it is lawful and practical, you may deal with ECS anonymously or using a pseudonym (e.g., when making a general enquiry about services). However, to provide effective, personalised care and to meet our funding or legal obligations, we require personal identifying information for service delivery and bookings.

ECS staff will always explain the potential impact of choosing anonymity on our ability to provide services.

6. Use and Disclosure of Information

6.1 Primary Purposes of Collection

We collect, hold, use, and disclose your personal information to:

  • Verify your identity.
  • Provide our services to you, and communicate with you in relation to the products and services we provide.
  • Provide information to our related bodies, contractors, allied healthcare service providers or other third parties for us to provide care services to you.
  • Comply with applicable laws, regulations, rules, reporting requirements, regulator directions or in response to any lawful request for production of information.
  • Undertake accreditation, quality assurance or clinical audits.
  • Actively manage and respond to any complaints.
  • Undertake billing and debt recovery.
  • For the review and development of our products and services.
  • Contact individuals to respond to feedback and enquiries.
  • Assess suitability of potential employees or contractors and facilitate communication with them.
  • Manage and improve our website.
  • Communicate with individuals about our services or offers from our other integrated care providers.

CCTV footage specifically may be used for: Detecting and deterring unauthorised access and criminal behaviour; monitoring safety and security of customers, employees, contractors, suppliers and visitors; completing incident investigations; and reviewing the actions of our employees and contractors.

6.2 When We Disclose Information

Subject to any consent exemptions you have given, we may disclose your personal information to third parties such as:

  • Treating medical practitioners / general practitioners and related health services.
  • Allied health services including pathology, radiology etc.
  • Third party contractors who are performing services for us, or on our behalf.
  • Government regulator / funding bodies including regulator audits.
  • Health funds / Medicare for the purposes of accounting, invoicing, billing and associated reporting / audit requirements.
  • Our contractors or sub-contractors for the purpose of providing services to you, or who provide services to us in connection with your services.
  • To our related companies in connection with the purposes set out in this Policy.
  • Consultancy services, such as accountants, solicitors, business advisors and consultants.
  • Authorised third party external audit providers.
  • Employee/contractor email addresses may be utilised for the purpose of group communications (e.g. newsletters).

We will only disclose information for a purpose other than the primary purposes (above) if:

  • You have consented to or requested the disclosure; or
  • You would reasonably expect us to use or disclose the information for the other purpose as it is directed related to the primary purpose of collection (i.e. provision of care services to you);
  • We believe the disclosure is necessary to prevent or lessen a serious threat to the life, or health or safety of any individual or to public health or public safety; or
  • The disclosure is required or permitted by law.

6.3 Disclosures to Authorised Representatives

We require written authority or evidence of legal authority before disclosing your personal information to anyone acting on your behalf.

6.4 What Happens if You Don't Provide Information?

If you choose not to provide us with your information, the following may occur:

  • We may not be able to provide the requested products or services to you, including health/care services, either to the same standard or potentially at all.
  • We may not be able to provide you with information about the health/care services or products that you want.
  • If you are a job applicant, we may not be able to process your application for a position at ECS.

Further information regarding the potential impact of choosing not to provide information can be obtained by discussing your concerns with the Privacy Officer.

7. Data Security and Retention

ECS takes all reasonable steps to protect the personal information we hold from misuse, loss, and from unauthorised access, modification, or disclosure in accordance with applicable legal and regulatory requirements. We comply with the notifiable data breaches scheme.

All private and health information (whether held in paper, electronic, film, video or audiotape format) will be protected. We retain information only for the period required for the purposes set out in this Policy, after which it is securely disposed of.

8. Accessing, Correcting, and Cross-Border Disclosure

8.1 Accessing or Correcting Your Information

You have the right to request access to the personal information we hold about you by contacting our Privacy Officer.

A request must be in writing and must provide sufficient information to identify you and the information sought. We may need to verify your identity. We may elect to charge you for our reasonable costs involved in providing access.

We may refuse access or decline to make a correction if permitted or required by law (e.g., if providing access would pose a serious threat to life or health). If we refuse, we will provide a written notice stating the reasons and the complaint mechanism available.

8.2 Cross-Border Disclosure

As at the date of this Policy, we are only likely to disclose personal information to our related companies and third parties located in Australia. We will not otherwise disclose your personal information to anyone located overseas without first complying with the requirements of the Privacy Act.

For clients in Victoria or New South Wales, the disclosure of your health information outside the respective state is managed in accordance with the Health Records Act 2001 (Vic) and the Health Records and Information Privacy Act 2002 (NSW), such as where you have given consent or the transfer is for your benefit.

9. Direct Marketing

You consent to receiving direct marketing communications from ECS via post, email, phone, or SMS to inform you about our services or complimentary ECS offerings. ECS will not provide your personal information to any third party for marketing purposes.

We will not use your sensitive information for direct marketing without your express consent. If you wish to stop receiving marketing communications, you can notify us by:

  • Contacting your service delivery nominated contact or the Privacy Officer.
  • Submitting a request via the contact us function on our Sites.
  • Clicking the "Unsubscribe" function in any electronic communications.

10. Our Website Data Management

10.1 Automatic Collection

Visitors to our website do not disclose personal information unless they provide it via the enquiry form. Non-personal information (e.g., browser type, pages viewed, access times) may be collected for the purpose of gauging visitor traffic and trends.

10.2 Analytics Services and Cookies

ECS may engage third parties (such as Google Display Network and Google Analytics) to perform functions on our behalf. We and these third parties use cookies (small files) to collect non-personally identifiable information. You can set your browser to notify you when you receive a cookie.

10.3 Location-Based Tools

We may collect the general geographic location of your computer or mobile device to improve location-based service information.

11. Amendments and Contact

11.1 Amendments to this Policy

This Policy was last amended on 29th May 2025. We may update it periodically to reflect changes in laws, technology, or our business practices. The most current version is available at www.evercarecommunity.com.au/privacy-policy/

11.2 Contacting Us

Please contact our Privacy Officer if you have any questions, feedback, or need to make a request or complaint:

  • To ask questions or give feedback about privacy.
  • Request access or corrections to your information.
  • Seek more information about anything contained in this Policy.
  • Make a privacy related complaint.

Privacy Officer Contact Details

Email:support@evercarecommunity.com.au
Telephone:03 7303 7203
Webform:www.evercarecommunity.com.au/contact-us

We request that all privacy related complaints be made in writing. We will endeavour to respond to your complaint within 30 days.

If you are not satisfied with the outcome, you also have the right to make a complaint to the Privacy Commissioner via:

Phone:1300 363 992
Email:enquiries@oaic.gov.au
Mail:Office of the Australian Information Commissioner, GPO Box 5218, Sydney, NSW 2001

This Privacy Policy is compliant with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).