Privacy Policy

1. Introduction

J.PEER Health Pty Ltd (ABN 16 683 516 761) ("J.PEER Health", "we", "us", "our") is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and disclose personal information in accordance with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth).

By using our website or engaging our services, you consent to the practices described in this policy. This policy applies to all personal information we collect about clients, their family members, website visitors, and other individuals who interact with us.

2. What personal information we collect

We may collect the following types of personal information depending on how you interact with us:

• Contact details: name, phone number, email address, postal address
• Health information: medical history, care needs, clinical notes, disability information, medications, and Allied Health assessments — this is "sensitive information" under the Privacy Act and is handled with additional care (see Section 6 below)
• Financial information: payment details, income details for government funding purposes, bank account or card details for billing
• Government identifiers: My Aged Care ID number, Medicare number (where relevant)
• Communication records: records of phone calls, emails, and enquiries made to us
• Emergency contacts: name and contact details of nominated family members, guardians, or power of attorney
• Website usage data: IP address, browser type, pages visited, and time spent on our site (via cookies — see Section 9 below)

We only collect personal information that is reasonably necessary for the purposes described in this policy. We do not collect more information than is needed.

3. How we collect personal information

We collect personal information in the following ways:

• Directly from you when you contact us by phone, email, or through our website enquiry form, or when you engage our services and complete a service agreement
• From My Aged Care when you nominate J.PEER Health as your provider through the My Aged Care portal or by calling My Aged Care on 1800 200 422
• From your authorised representative — this may be a family member, guardian, carer, or person holding power of attorney who contacts us on your behalf
• From health professionals involved in your care (such as your GP, specialist, hospital discharge team, or Allied Health provider) where you have consented to the sharing of that information
• Automatically through our website via cookies and similar technologies when you browse jpeerhealth.com

Where it is practicable, we collect personal information directly from the individual concerned. If we collect information from a third party, we will take reasonable steps to notify you.

4. Why we collect personal information

We use your personal information to:

• Provide and coordinate home care services tailored to your needs and care plan
• Communicate with you and your authorised representatives about your care
• Comply with our obligations under the Aged Care Act 2024 and the requirements of the Support at Home program
• Process payments, manage government funding, and issue invoices
• Conduct care assessments and develop or review your care plan
• Arrange rostering and match you with appropriate carers
• Respond to enquiries submitted through our website or by phone
• Improve our services and train our care team
• Meet our legal and regulatory obligations, including reporting to the Aged Care Quality and Safety Commission (ACQSC)
• Analyse website usage to improve our online presence (using anonymised data only)

We will not use your personal information for purposes other than those listed above without your consent, unless permitted or required by law.

5. Disclosure of personal information

We may share your personal information with:

• Your care team — carers, nurses, and Allied Health professionals directly involved in delivering your care
• My Aged Care and the Department of Health and Aged Care as required under the Aged Care Act 2024 and associated program guidelines
• The Aged Care Quality and Safety Commission (ACQSC) for regulatory and compliance purposes
• Your authorised representative — the family member, guardian, or power of attorney you have nominated
• Health professionals involved in your care such as your GP or specialist, with your consent
• IT and software providers who help us store and manage data — these providers are bound by confidentiality obligations and data processing agreements and must not use your data for their own purposes
• Emergency services where there is a serious or immediate threat to your health or safety

We do not sell, rent, or trade your personal information to any third party. We will only disclose your information for the purposes outlined in this policy, with your consent, or where required by law.

If we disclose information to overseas recipients (for example, cloud-based IT infrastructure), we take reasonable steps to ensure those recipients handle your information in a way that is consistent with the Australian Privacy Principles.

6. Health information (sensitive information)

Health information is classified as "sensitive information" under the Privacy Act 1988 and is afforded a higher level of protection. We only collect health information that is directly necessary for the provision of your care.

By engaging J.PEER Health's services, you consent to the collection and use of your health information for the purposes of providing care, complying with aged care regulations, and communicating with health professionals involved in your care.

We take additional steps to protect sensitive information, including:

• Restricting access to health records to staff directly involved in your care
• Storing health records in password-protected, access-controlled systems
• Requiring all staff to complete privacy and confidentiality training
• Not using health information for marketing or any secondary purpose without your explicit consent

7. Data security

We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Our security measures include:

• Password-protected systems and role-based access controls
• Secure, encrypted digital storage for client records
• Staff confidentiality agreements and regular privacy training
• Secure document handling and disposal procedures
• Regular review of our security practices and procedures

While we take all reasonable precautions, no method of data transmission or storage is completely secure. If you believe your information has been compromised, please contact us immediately at Care@Jpeerhealth.com.

We retain personal information only for as long as necessary to provide our services and meet our legal obligations. When personal information is no longer required, we securely destroy or de-identify it.

8. Accessing and correcting your information

Under the Australian Privacy Principles, you have the right to:

• Access the personal information we hold about you
• Request corrections if any information is inaccurate, incomplete, out of date, or misleading
• Request deletion of your personal information (subject to our legal obligations to retain certain records)

To make an access or correction request, please contact our Privacy Officer:

• Email: Care@Jpeerhealth.com
• Phone: 0469 371 121
• Post: J.PEER Health Pty Ltd, Melbourne VIC, Australia

We will respond to your request within 30 days. In some circumstances, we may need to verify your identity before providing access. There is no charge for making an access or correction request.

If we are unable to provide access or make a correction, we will explain why in writing and advise you of any available avenues for review or complaint.

9. Cookies

Our website (jpeerhealth.com) uses cookies — small text files stored on your device — to improve your browsing experience and help us understand how visitors use our site.

The types of cookies we use include:

• Essential cookies: necessary for the website to function properly (for example, form session cookies)
• Analytics cookies: used to analyse site traffic and understand how visitors interact with our pages — this data is anonymised and aggregated

Cookies do not identify you personally. You can disable or delete cookies through your browser settings at any time. Please note that disabling cookies may affect the functionality of some parts of our website.

We do not use cookies for targeted advertising or to share your data with advertising networks.

10. How to make a privacy complaint

If you believe we have breached the Australian Privacy Principles or handled your personal information improperly, we encourage you to contact us in the first instance so we can try to resolve your concern.

Step 1 — Contact us: Email our Privacy Officer at Care@Jpeerhealth.com or write to J.PEER Health Pty Ltd, Melbourne VIC, Australia. Please describe your concern in as much detail as possible. We will acknowledge your complaint within 5 business days and provide a full response within 30 days.

Step 2 — External complaint: If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC):

• Website: oaic.gov.au
• Phone: 1300 363 992
• Post: GPO Box 5218, Sydney NSW 2001

11. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. The current version will always be available at jpeerhealth.com/privacy-policy, along with the date it was last updated.

Where changes are significant, we will take reasonable steps to notify active clients — for example, by email or by a notice on our website. We encourage you to review this policy periodically.

Your continued use of our services after any changes have been made constitutes your acceptance of the updated policy.

12. Contact us

If you have any questions about this Privacy Policy or how we handle your personal information, please contact our Privacy Officer.