Privacy Policy

How we collect, use, and protect your personal information

1. About this policy

Prossolo Plans Pty Ltd (ABN [To Be Confirmed]) ("we", "us", "our") is committed to protecting the privacy of your personal information. This Privacy Policy describes how we collect, hold, use, and disclose personal information in connection with our NDIS plan management services.

We are bound by the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth), as well as the privacy and confidentiality requirements of the National Disability Insurance Scheme Act 2013 (Cth) and the NDIS Code of Conduct.

2. Information we collect

We collect personal information that is reasonably necessary to provide plan management services. This may include:

  • Your name, date of birth, address, phone number, and email address
  • Your NDIS participant number and plan details (support categories, budget allocations, plan dates)
  • Details of your service providers and the supports they deliver
  • Invoice and payment records relating to your NDIS plan
  • Details of your nominee, guardian, or authorised representative (if applicable)
  • Your support coordinator's contact information (if applicable)
  • Any other information you provide to us in the course of our service

We may also collect sensitive information, such as information about your disability, where it is directly related to the administration of your NDIS plan. We will only collect sensitive information with your consent or where required or authorised by law.

3. How we collect information

We collect personal information directly from you (or your authorised representative) when you complete our Participant Information Form, communicate with us by phone, email, or through our online portal, or when you provide information as part of your ongoing service.

We may also collect information from the NDIA through the NDIS portal (PRODA/PACE) to access your plan details and process claims, and from your service providers when they submit invoices for payment.

4. How we use your information

We use your personal information to:

  • Provide NDIS plan management services, including processing invoices, submitting claims, and paying providers
  • Track and report on your plan budget and spending
  • Communicate with you about your plan, budget, and services
  • Comply with our obligations under the NDIS Act, NDIS Rules, and NDIS Practice Standards
  • Respond to enquiries, complaints, or feedback
  • Meet our legal, regulatory, and record-keeping obligations

5. Who we share your information with

We may share your personal information with:

  • The National Disability Insurance Agency (NDIA) — to submit claims and manage your plan funding
  • Your service providers — to facilitate invoice processing and payment
  • Your support coordinator — with your consent, to assist with plan implementation
  • Your nominee, guardian, or authorised representative — as authorised
  • The NDIS Quality and Safeguards Commission — if required by law or as part of our regulatory obligations
  • Our professional advisors (accountants, auditors, legal advisors) — where necessary for compliance or business operations, under strict confidentiality obligations

We will not sell, rent, or otherwise disclose your personal information to any other third party without your written consent, unless required or authorised by law.

6. Data security

We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. Our security measures include:

  • Using an ISO 27001:2022–certified plan management platform with encrypted data storage
  • Restricting access to personal information to authorised personnel only
  • Using multi-factor authentication for system access
  • Maintaining secure backup and disaster recovery procedures
  • Training staff on privacy obligations and data handling procedures

7. Access and correction

You have the right to request access to the personal information we hold about you. You also have the right to request that we correct any information that is inaccurate, out-of-date, incomplete, or misleading.

To make a request, contact us using the details below. We will respond to your request within 30 days.

8. Complaints

If you believe we have breached the Australian Privacy Principles or mishandled your personal information, you may make a complaint by contacting us directly. We will investigate your complaint and respond within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or by calling 1300 363 992.

9. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in legislation or our practices. The current version will always be available on our website. We will notify you of any material changes.

10. Contact us

If you have questions about this Privacy Policy or how we handle your personal information, please contact us:

  • Email: hello@prossoloplans.com.au
  • Phone: 0400 000 000
  • Post: Prossolo Plans Pty Ltd, St Leonards, Victoria, Australia

Last updated: March 2026