Privacy Policy

Overview

Veterans First Consulting Pty Ltd and its related entities (‘we’, ‘us’ or ‘our’) adhere to the Privacy Act 1988 (Cth) (‘Privacy Act’) and the Australian Privacy Principles (‘APPs’) and are committed to protecting your privacy. The purpose of this Privacy Policy is to outline how we collect, use, disclose and retain personal and sensitive information. It also sets out how you can make a complaint and how you can access the personal information we hold about you.

Collecting Your Information

The type of personal information that we collect and hold about you depends on your interaction with us. Generally, we will collect, use and hold your personal information for the purposes of:

• assisting us with providing appropriate assistance to our clients throughout the Department of Veterans Affairs (DVA) and Defence Force Ombudsman (DFO) claims processes (Support).

• providing services to you or someone else you know;

• issuing tax invoices for the services we may provide to you from time to time;

• providing you with information about other services that we, our related entities and other organisations that we have affiliations with, offer that may be of interest to you;

• facilitating our internal business operations, including the fulfilment of any legal requirements; and

• analysing our services and customer needs with a view to developing new or improved services.

What is personal information

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:

(a) whether the information or opinion is true or not; and

(b) whether the information or opinion is recorded in a material form or not.

For the purposes of this policy, personal information may include:

• name;

• address;

• nationality;

• residency status;

• e-mail address;

• Tax File Number;

• financial information; and

• health information, including any illness, disability or injury you may have suffered.

This is not an exhaustive list. We may need to collect additional information about you from time to time to provide services to you.

You might also need to provide us with personal information about other individuals (e.g. your authorised representatives). If so, we rely on you to inform those individuals that you are providing their personal information to us and to advise them about this policy.

Sensitive Information

We may also collect information which is considered ‘sensitive information’, being:

(a) racial or ethnic origin;
(b) physical and mental medical history (including medical reports, assessments and reports relating to an event of trauma);
(c) religious beliefs or affiliations;
(d) government identifiers (i.e. passport number, licence number, Medicare number or tax file number);
(e) sexual orientation or practices; and
(f) criminal record.

We treat all sensitive information with the highest duty of professional care, and such information will not be disclosed in a personally identifiable way to non-associated entities without your express consent (excluding in connection with the submission of your claim to the DVA or DFO).

Method of collection

Personal information will generally be collected directly from you through the use of any of our standard forms (such as when you enter into an agreement with us, contact us with a query or request, submit your details through our website or by email). We may also collect information other than directly from you where it is unreasonable or impractical to not do so, for example:

• from third parties such as our related entities, business partners, or your representatives;
• from publicly available sources of information;
• from our records of how you use our services; and
• from the third parties we list in the section of this policy with the heading ‘Use and disclosure’.

We will usually notify you in advance when we indirectly collect information, or where that is not possible, as soon as reasonably practicable after the information has been collected.

If you choose not to provide certain information about you, we may not be able to provide you with the products or services you require, or the level of service on which we pride ourselves.

If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the products or services you, or they, are seeking.

Internet users

If you access our website, we may collect additional personal information about you in the form of your IP address and domain name.

Our website uses cookies. The main purpose of cookies is to identify users and to prepare customised web pages for them. Cookies do not identify you personally, but they may link back to a database record about you. We use cookies to monitor usage of our website and to create a personal record of when you visit our website and what pages you view so that we may serve you more effectively.

Our website may contain links to other websites. We are not responsible for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.

Use or disclosure of personal information

If we collect personal information for a specific purpose (eg. to provide representative services to you), we will not use or disclose the information for another purpose unless you consent to the use or disclosure of the information or an exception in the APPs applies. For an outline of the exceptions, please consider Australian Privacy Principle 6.

1. Before we disclose your personal information to any third party, we will take reasonable steps to satisfy ourselves that:

(a) only personal information that is necessary for the third party to properly perform their notified functions will be shared;
(b) the third party has a commitment to protecting your personal information from use outside the function that they have notified us of; and
(c) you have provided consent (including deemed consent) under this Policy to the disclosure in this way.

Other than as set out in (1.) (above), we will not disclose your personal information to any third party without your express consent unless we are legally required or compelled by a law enforcement or government agency to do so; or we reasonably believe that disclosing your information is necessary to prevent serious harm to you or someone close to you.

Information accuracy

We take reasonable steps to ensure that all personal data collected is accurate, up to date and complete. You can ask us to correct any inaccurate information we hold or have provided to others by contacting us using the details in this policy. If the information that is corrected is information we have provided to others, you can ask us to notify them of the correction.

Security of personal information

We take care to protect the security of your personal information. We may hold your personal information in a combination of secure computer storage facilities, paper-based files and other formats. We take reasonable steps to protect personal information from misuse, loss, unauthorised access, modification or improper disclosure. These include instructing our staff who handle personal information to respect the confidentiality of customer information and the privacy of individuals. Please note, we are required by law to retain your personal information for a specific amount of time. We will generally destroy or de-identify personal information if it is no longer required.

Access to and correction of personal information

You can contact us to access or correct any personal information we hold about you. However, in certain situations, we are permitted to refuse access to personal information. These situations include where:

• giving access would have an unreasonable impact on the privacy of other individuals
• giving access would be unlawful, or where denying access is required or authorised by an Australian law or a court order
• giving access is likely to interfere with law enforcement activities.

For other situations, please consider Australian Privacy Principle 12.

If we receive a request to access personal information, we aim to respond to that request in a reasonable timeframe. In general, we will not impose an access charge unless the request of access and correct personal information is excessively onerous.

If we refuse access to personal information, we will provide you with reasons as to why access was refused and provide you with information on how to lodge a complaint about the refusal.

Third-party software and websites

In line with Australian data storage legislation, we use third-party cloud storage tools with servers in Australia to store sensitive client information. Halaxy is our preferred data storage provider for sensitive client information. You can find the Halaxy privacy policy here.

We may, whether on our website or in connection with our Support, provide links to third-party sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit.

We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites, products or services whatsoever. You should be aware that your ability to opt-out of a third-party tool or platform will depend on the conditions governing your agreement with that third party.

Data breach notification

We accept our obligation to keep personal information safe. Should personal data systems be breached or data is misused or lost, then we will take all reasonable and practicable means to contact individuals whose personal information is involved. We will advise such individuals of the extent of the data breach (if known) and advise individuals of the most appropriate means of regaining control of their personal information. If appropriate, we will also report any eligible data breach to the Office of the Australian Information Commissioner in accordance with the Privacy Act.

Transfer of personal information

If you are located outside of Australia, you acknowledge and understand that your personal information will be transferred, processed and stored in Australia in accordance with this privacy policy. Australian privacy laws may not be as protective as those in your jurisdiction.

When we disclose personal information in accordance with this privacy policy, it may be accessed from, transferred to, and/or stored outside the country in which you are located. The privacy laws in that country may be of a lower standard than those in your own country. We will use our best endeavours to safeguard your personal information in accordance with this privacy policy.

Complaints

We strive to ensure compliance with this Policy and regularly review our practices to ensure they are compliant with our legal obligations.

If at any time you are not satisfied with our practices or our Policy, you can contact us at support@veteransfirstconsulting.com. All complaints made will be dealt with in confidence.

We endeavour to respond with a resolution or proposed resolution to the issue raised within 30 days of receiving the complaint in question.

If you are dissatisfied with our response to your compliant, you may make a further complaint to the Office of the Australian Information Commissioner about the handling of your personal information. Information on making a privacy complaint can be found on their website at http://www.oaic.gov.au/privacy/making-a-privacy-complaint

Contact us

If you have any questions about this policy, please contact us at support@veteransfirstconsulting.com