PRIVACY POLICY
1. OVERVIEW
Six Care Nursing Agency Pty Ltd is committed to protecting the privacy and confidentiality of collection, storage, disclosure, or transfer of member information as required by the Privacy Amendment (Private Sector) Act (Cth) 2000, Health Records Act (Vic) 2001, and NSW Health Records & Information Privacy Act 2002 No. 71.
This Policy applies to all app users, applicants, clients and general users of the publicly available SixCare app (anyone may download and register) and outlines how we collect, use, store, disclose and protect personal and sensitive information.
2. PRIVACY COMMITMENT
Six Care Nursing Agency is dedicated to safeguarding personal and sensitive information and ensuring transparency in our data handling practices. We adhere to the following principles:
· Personal information is collected only for lawful and necessary purposes.
· Information is not used or disclosed beyond its original purpose without consent, unless required by law.
· Reasonable steps are taken to ensure data accuracy, security, and confidentiality.
· Individuals have the right to access and correct their personal information, subject to legal exceptions.
Security measures are in place to prevent unauthorized access, misuse, or modification of personal information.
3. ROLES & RESPONSIBILITIES
The responsibility for implementing and enforcing this policy rests with Six Care Nursing Agency. All users must comply with this policy.
Six Care Nursing Agency ensures:
· Personal data is collected only when necessary for lawful and legitimate purposes.
· Information is not used or shared beyond:
o Its original collection purpose.
o A related and lawful purpose.
o A legal requirement.
o Explicit individual consent.
o Conditions stated in Section 9 (Use of Electronic Systems).
· Reasonable steps are taken to maintain the accuracy, security, and confidentiality of personal information.
· Individuals have access to their data, except in cases outlined in Section 8 (Data Security & Storage).
The Quality Team is responsible for drafting and updating this policy, while the CEO is responsible for reviewing and approving it. Users are required to report any suspected privacy breaches or policy violations to their supervisor or the Quality Team for further investigation.
4. COLLECTION OF PERSONAL DATA
Six Care Nursing Agency collects personal information necessary to facilitate work-related operations and provide quality care.
Collected data may include, but is not limited to:
· Name, address, and contact details (e.g., phone number, email).
· Date of birth, tax file number, and bank details (for users).
· Emergency contact information and professional qualifications.
· Health information (e.g., medical history, care requirements) for clients and users, where relevant.
While most data is collected directly from individuals, Six Care Nursing Agency may also obtain information from third parties (e.g., referees, government agencies, or healthcare providers) where necessary. In such cases, individuals will be informed of the collection and the purpose for which it is being collected.
Six Care Nursing Agency ensures that all personal information is collected in a lawful and transparent manner, with consent obtained where required.
5. DATA MANAGEMENT
Six Care Nursing Agency collects and stores users records including payroll, superannuation, and compliance with workplace laws (e.g., Fair Work Act 2009). While user records are exempt under the Privacy Act 1988, Six Care Nursing Agency remains committed to ensuring their security and confidentiality.
Workforce records may include:
· Work history, performance details, and salary information.
· Leave entitlements, taxation details, and professional memberships.
· Emergency contact information and background check results.
· Health-related records are managed in compliance with the Health Privacy Principles (HPPs).
6. HANDLING HEALTH INFORMATION
Six Care Nursing Agency collects and manages health information in compliance with the Health Privacy Principles (HPPs) and other applicable laws. Health information is only disclosed:
· To authorized healthcare providers for the purpose of client care.
· In emergencies, to prevent or reduce a serious threat to life or health.
· As required by law (e.g., mandatory reporting obligations).
Health information is stored securely and accessed only by authorized personnel.
7. MOBILE APPLICATION DATA
The agency’s mobile applications collect operationally essential data, including:
· Location for shift check-in/out and on-shift safety (not required for general browsing/profile use).
· Device details necessary for app functionality.
· User authentication data for security purposes.
7.1 Third-Party Map SDK (Google Maps)
To display maps and show your location on the map view, we integrate the Google Maps Platform SDK. The SDK processes only the data necessary for map and location functionality, including:
· Location data (precise or approximate, depending on the permissions you grant);
· Device and network information (e.g., IP address, device/OS info, crash/performance logs) for security and performance;
· Advertising or app identifiers (e.g., Advertising ID/IDFA) and other platform-provided identifiers (if enabled) for security, abuse prevention and analytics.
Note: We do not access restricted hardware identifiers (e.g., IMEI, IMSI, device serial number, Wi-Fi MAC address) and we do not use location or device data for cross-site tracking. You can disable location permissions at any time in your device settings; general browsing and profile features remain available without location.
Independent processing by Google. For data received via the Maps SDK, Google typically acts as an independent data controller under its own policies and may process/store data on servers worldwide. See:
· Google Maps/Google Earth Additional Terms
We do not sell data obtained via the Maps SDK, and we do not share it with unrelated third parties except as required by law or necessary to provide the service.
8. DATA SECURITY & STORAGE
Six Care Nursing Agency takes reasonable steps to protect personal and sensitive information from unauthorized access, misuse, or loss. Security measures include:
· Encryption of data in transit and at rest.
· Access controls and firewalls to restrict unauthorized access.
· Secure disposal of physical and digital records when no longer needed.
· Prohibition of unencrypted USB devices for storing personal data.
We operate in line with Australia’s Notifiable Data Breaches (NDB) scheme and will assess, contain and notify eligible breaches as required. Users must immediately report it to their supervisor or the IT department at Six Care Nursing Agency.
9. USE OF ELECTRONIC SYSTEMS
Company electronic systems are the property of Six Care Nursing Agency and may be monitored for security, compliance, and operational reasons.
Any personal information discovered through monitoring will remain confidential unless disclosure is legally required or authorized by the individual.
Users using personal devices for work must:
· Immediately contact the company if they suspect a data breach, unauthorized access, or any other security risk.
· Follow workforce guidelines and protocols for handling sensitive information.
10. ACCESSING PERSONAL INFORMATION
Individuals request access to, or correction of, your personal information by contacting the General Manager (details in Section 14). We aim to respond within 10 business days and may need to verify your identity. Access may be provided electronically or in hard copy.
Individuals are responsible for ensuring their personal information is accurate and up to date.
11. RESTRICTED ACCESS TO INFORMATION
Access to personal information may be denied under the following circumstances:
· providing it would unreasonably impact another person’s privacy;
· it relates to existing or anticipated legal proceedings;
· it would reveal confidential commercial decision-making; or
· law prohibits disclosure.
If access is denied, Six Care Nursing Agency will provide a written explanation and information on how to appeal the decision.
12. INFORMATION DISCLOSURE & TRANSFER
We may disclose personal information to:
· service providers (e.g., IT hosting, security, communications, background-checking) under contractual confidentiality and data-protection obligations;
· healthcare providers/regulators where needed for care, safety or compliance;
· facilities/clients in connection with shifts or services you pursue;
· law enforcement/regulators as required by law; and
· others with your consent.
Overseas disclosure (if applicable): If information is transferred outside Australia, we take reasonable steps to ensure it is protected consistently with the Australian Privacy Principles.
Workforce-only: Disclosures for payroll/superannuation and workforce administration occur as required by law and contracts.
13. POLICY VIOLATIONS
We investigate alleged privacy breaches and take appropriate action.
Misuse or unauthorised disclosure by users may lead to disciplinary action up to termination and, where applicable, reporting to authorities (e.g., OAIC, AHPRA).
14. PRIVACY-RELATED INQUIRIES
Individuals with privacy concerns or complaints, including suspected data breaches, should contact the General Manager at 1300660521 for resolution.
15. POLICY REVIEW & UPDATES
We review this policy at least every two years or when laws/operations change. Updates will be posted in the app/website and, where material, we will notify you (e.g., in-app notice or email).
16. ADDITIONAL PROVISIONS
16.1 NDIS & Aged Care Compliance
Where services relate to NDIS participants or aged care residents, we adhere to the NDIS Code of Conduct and Aged Care Quality Standards.
16.2 Third-Party Vendors
We require vendors (e.g., IT, communications, background-checking, payroll) to comply with this policy and applicable privacy laws and to implement appropriate safeguards.
16.3 Data Breach Response
We will contain and assess incidents, notify affected individuals as required, and take steps to prevent recurrence in line with the NDB scheme.
16.4 Cookies & Tracking Technologies
Our websites/apps may use cookies and similar technologies to enhance your experience and measure performance. You can manage preferences via your browser/device settings.
17. DATA RETENTION & DELETION
17.1 Data Retention
We retain personal information only as long as necessary for the purposes described or as required by law (e.g., taxation, clinical/safety records).
17.2 Deletion
You can request deletion in-app (Account Settings → Delete Account) or via info@6care.com.au
· The process includes acknowledgement of permanent data loss and one-time email verification.
· Once confirmed, associated personal data will be permanently deleted or de-identified within 30 days, unless retention is legally required.
· Deletion results in permanent deactivation of your account and discontinuation of related services.
Contact Information
SIX CARE Nursing Agency Pty Ltd.
Phone: 1300 660 521
Email: info@6care.com.au
Website: www.6care.com.au