03 9863 6438

Privacy Policy

Trinity Help > Privacy Policy

1. About this Privacy Policy

Trinity Help Disability Services Pty Ltd (“Trinity Help”, “we”, “us”, “our”) is committed to protecting the privacy and personal information of every person we support, employ, work with, or engage with through our website.

This Privacy Policy explains how we collect, hold, use, and disclose personal information in accordance with:

  • the Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs);
  • the National Disability Insurance Scheme Act 2013 (Cth) and the NDIS (Code of Conduct) Rules 2018;
  • the NDIS Practice Standards and Quality Indicators;
  • relevant Victorian privacy and health records legislation, including the Health Records Act 2001 (Vic); and
  • the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act.

Entity: Trinity Help Disability Services Pty Ltd
ABN: 48 668 853 923
Address: 84 Hotham Street, Preston VIC 3072
Phone: +61 413 001 341 / 03 9863 6438
Email: admin@trinityhelp.com.au

By using our website, engaging our services, or providing us with personal information, you consent to the collection, use, and disclosure of that information as described in this policy.

2. What is “personal information”?

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable. It includes sensitive information, such as health information, disability information, racial or ethnic origin, religious beliefs, and other categories defined under the Privacy Act.

Because Trinity Help is an NDIS-registered disability services provider, much of the information we handle is sensitive information, and we apply additional protections accordingly.

3. The kinds of personal information we collect

The categories of personal information we collect depend on your relationship with Trinity Help.

3.1 NDIS participants and prospective participants

We may collect:

  • name, date of birth, gender, address, phone number, email, and emergency contact details;
  • NDIS participant number, plan details, plan dates, funding categories, and plan management arrangements;
  • disability type, diagnoses, functional capacity, and assessment reports;
  • health information including medical history, current medications, treating practitioners, allergies, and behaviour support plans;
  • support needs, goals, preferences, cultural and communication needs, and risk assessments;
  • guardian, nominee, or substitute decision-maker details where applicable;
  • information about household members or co-residents where relevant to safe service delivery;
  • service notes, progress notes, incident reports, and other records created during the delivery of supports;
  • billing, claiming, and payment information.

3.2 Family members, carers, and informal supports

We may collect contact details, relationship to the participant, and information necessary to coordinate safe and appropriate supports.

3.3 Workers, contractors, and applicants

For prospective and current support workers, allied health professionals, and contractors, we may collect:

  • name, contact details, date of birth, photograph;
  • right-to-work documentation, Tax File Number, superannuation, and bank details;
  • NDIS Worker Screening Check, Working with Children Check, police checks, qualifications, and references;
  • training records, performance information, and complaints data.

3.4 Website visitors and general enquirers

When you visit our website at trinityhelp.com.au or contact us, we may collect:

  • information you submit through forms (name, email, phone, message, suburb);
  • IP address, browser type, device information, pages viewed, and referring URL;
  • cookies and analytics data (see Section 8).

3.5 Other parties

We may also collect information about support coordinators, plan managers, treating practitioners, advocates, and government representatives where this is necessary to deliver supports.

4. How we collect personal information

Wherever practicable, we collect personal information directly from you. This may occur through:

  • intake forms, service agreements, and assessment interviews;
  • phone calls, emails, and in-person meetings;
  • our website (contact forms, enquiries);
  • service delivery interactions and progress notes;
  • job applications and employment processes.

Where it is not reasonable or practicable to collect information directly from you — for example, in an emergency, when authorised by your nominee, or when collecting from your support coordinator, treating practitioner, or the NDIA — we may collect personal information from third parties. We will only do so where the collection is reasonably necessary for our functions and permitted by law.

We will take reasonable steps to ensure you are aware of the matters set out in APP 5 at or as soon as practicable after collection.

5. Why we collect, hold, use, and disclose personal information

We collect and use personal information for purposes including:

  • assessing eligibility for, and delivering, NDIS-funded supports;
  • developing personalised support plans aligned with your NDIS goals;
  • coordinating with your support team, family, treating practitioners, and the NDIA;
  • claiming payment from the NDIA, plan managers, or self-managed participants;
  • meeting our obligations under the NDIS Practice Standards, NDIS Code of Conduct, and worker screening requirements;
  • managing incidents, complaints, and feedback (including reportable incidents under the NDIS Commission rules);
  • recruiting, screening, training, and managing our workforce;
  • responding to enquiries made through our website or other channels;
  • improving our services, training our team, and ensuring quality and safety;
  • complying with legal obligations (including health, safety, taxation, and reporting obligations); and
  • preventing, detecting, and investigating fraud, abuse, neglect, or exploitation.

We will not use or disclose your personal information for a purpose other than the one for which it was collected, unless you have consented, the use is directly related and you would reasonably expect it, or another exception under the APPs applies (for example, where required or authorised by law).

6. Disclosure of personal information

We may disclose personal information to:

  • the National Disability Insurance Agency (NDIA) and the NDIS Quality and Safeguards Commission, including for reportable incident notifications;
  • plan managers and support coordinators involved in your supports;
  • treating practitioners and allied health professionals where relevant to safe service delivery;
  • family members, guardians, or nominees where you have consented or where authorised by law;
  • our workers and contractors on a need-to-know basis to deliver your supports;
  • insurers, lawyers, and professional advisors;
  • government agencies, regulators, and law enforcement where required or authorised by law (including under the Notifiable Data Breaches scheme and mandatory reporting obligations);
  • third-party service providers who help us run our business (see Section 7); and
  • Australian courts and tribunals where we are legally compelled.

We do not sell your personal information.

7. Third-party service providers

We use trusted third-party providers to operate our business and deliver services. These providers are bound by contractual or legal obligations to protect your information. They include:

  • cloud hosting and email providers (for example, our website host and email infrastructure);
  • client management, rostering, and care-management software used to record service delivery;
  • accounting, payroll, and superannuation providers;
  • background-check, training, and worker-screening providers;
  • communication tools (phone, SMS, video conferencing);
  • analytics providers (see Section 8).

Where reasonably possible, we choose providers who store data within Australia. Where data is held overseas, we take reasonable steps to ensure the recipient handles the information consistently with the APPs (APP 8).

8. Cookies, analytics, and our website

Our website uses cookies — small text files stored on your device — to help the site function and to understand how visitors use it. Cookies do not personally identify you on their own, but may be linked to other information.

8.1 Google Analytics 4

We use Google Analytics 4 (GA4), a service provided by Google LLC, to understand how people use our website so we can improve it. GA4 collects information such as:

  • pages viewed and time spent on each page;
  • approximate geographic location (city/region — not your exact address);
  • device, browser, and operating system;
  • referring website or search query.

GA4 uses IP-anonymisation by default and we have not enabled Google Signals or advertising features. Google may transfer this information to servers outside Australia, including the United States. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

8.2 Other tracking

We do not use Meta Pixel, advertising trackers, or third-party marketing pixels on this site. If we add any in future, we will update this Privacy Policy and seek consent where required.

8.3 Managing cookies

You can control or disable cookies through your browser settings. Disabling cookies may affect how the website works.

9. How we hold and protect personal information

We hold personal information in a combination of secure electronic systems and, where necessary, paper records. We take reasonable steps to protect information from misuse, interference, loss, and unauthorised access, modification, or disclosure, including through:

  • access controls, role-based permissions, and unique logins;
  • multi-factor authentication on critical systems;
  • encryption in transit (HTTPS) and at rest where supported;
  • staff confidentiality agreements and privacy training;
  • regular reviews of our information-handling practices;
  • secure destruction or de-identification of records when no longer needed.

Despite our efforts, no system is completely secure. If you believe your information has been compromised, please contact us immediately (see Section 13).

10. Data breaches

If we become aware of a data breach that is likely to result in serious harm to any individual whose personal information is involved, we will respond in accordance with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act. This includes notifying affected individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable.

11. How long we keep your information

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Specific minimum retention periods apply, including:

  • NDIS participant records: at least 7 years after the last service was provided, in line with NDIS Practice Standards and the NDIS Quality and Safeguards Commission requirements;
  • employment records: at least 7 years under Fair Work and tax obligations;
  • financial records: at least 5 years under the Income Tax Assessment Act and related laws;
  • incident and complaint records: in line with NDIS Commission requirements.

When records are no longer required, we securely destroy or de-identify them.

12. Your rights — accessing and correcting your information

Under APPs 12 and 13, you have the right to:

  • access the personal information we hold about you;
  • request that we correct information that is inaccurate, out-of-date, incomplete, irrelevant, or misleading;
  • withdraw consent for certain uses of your information (note: this may affect our ability to deliver services);
  • request that we anonymise or delete information, where we are not required by law to retain it;
  • ask how your information has been used or disclosed.

To make a request, contact us using the details in Section 13. We will respond within a reasonable period (usually 30 days) and will not charge you for accessing your information, although a reasonable cost-recovery fee may apply for providing copies of large records.

In limited circumstances permitted by the Privacy Act, we may decline a request — for example, where access would unreasonably affect another person’s privacy or where we are legally required to refuse. If we decline, we will explain why in writing and tell you how to complain.

13. Complaints

If you believe Trinity Help has breached your privacy or mishandled your personal information, you can raise it with us first. We take privacy complaints seriously and will work with you to resolve the issue.

Privacy Officer
Trinity Help Disability Services Pty Ltd
84 Hotham Street, Preston VIC 3072
Email: admin@trinityhelp.com.au
Phone: 03 9863 6438

We will acknowledge your complaint within 7 days and aim to provide a substantive response within 30 days.

If you are not satisfied with our response, you can escalate to:

Office of the Australian Information Commissioner (OAIC)
Website: oaic.gov.au
Phone: 1300 363 992

For complaints related specifically to NDIS service delivery, including conduct of workers or quality of supports, you can also contact:

NDIS Quality and Safeguards Commission
Website: ndiscommission.gov.au
Phone: 1800 035 544

For complaints relating to health information in Victoria, you may contact the Health Complaints Commissioner (Victoria) at hcc.vic.gov.au.

14. Anonymity and pseudonymity

Where lawful and practicable, you have the option of dealing with us anonymously or under a pseudonym (APP 2). However, we will usually need to identify you to deliver NDIS-funded supports, claim payment, or comply with our regulatory obligations.

15. Overseas disclosure

Some of our service providers (for example, cloud-based software vendors) may store data outside Australia. Before disclosing your information overseas, we take reasonable steps to ensure the recipient handles it consistently with the APPs, except where an exception under APP 8 applies.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal obligations, or services. The current version will always be available on our website at trinityhelp.com.au/privacy-policy. We encourage you to review it periodically.

Last updated: 6 May 2026
Version: 1.0