Privacy Policy

The public-facing privacy policy for your website footer and intake docs — plain language, Privacy Act 1988 aligned, deliberately shorter than your internal policy.

The public-facing privacy policy. Goes on your website footer and is shared with participants at intake. Deliberately shorter and plainer than the internal Privacy & Confidentiality Policy (in the Foundation Policies Pack).

Sixteen sections covering: who you are; what's covered; what you collect; why; who you share with; how you store and protect; how long; participant rights; data breaches; website and digital tools; children; international transfers; how to contact you; how to complain; updates; version control.

Aligned with the Privacy Act 1988 and the 13 Australian Privacy Principles.

What's included

• 8-page privacy policy (editable .docx)
• 16 sections covering Privacy Act obligations
• Cookies and digital tools section
• Notifiable Data Breaches scheme reference
• OAIC complaints pathway
• International transfers section
• Version control block
• Practice Standards reference (Information Management, Privacy & Dignity)

FAQs

Q. Different from the internal Privacy & Confidentiality Policy?
A. Yes. Internal version = how workers handle info. This public version = what you tell the public on your website. Both are needed.

Q. Should this be lawyer-reviewed?
A. Worth a one-off privacy lawyer review (~$300) if budget allows, especially if you handle particularly sensitive information.

Q. Editable?
A. Yes, Word .docx.

Q. Affiliated with NDIS Commission?
A. No. Independent.

Q. Refund policy?
A. Non-refundable once accessed.

Format: Single .docx (8 pages, 16 sections)

Template by Northform Health. Not legal, regulatory or clinical advice. Not affiliated with the NDIS Quality and Safeguards Commission. Single-user licence. Digital downloads are non-refundable once accessed.