Privacy Policy
1 Introduction
1.1 Unless expressly stated otherwise in this privacy policy, a reference to “Earni”, “we”, “us” and “our” means Earni Pty Ltd ACN 678 389 896 its related bodies corporate, officers, employees, agents and contractors of such entities.
1.2 Earni collects personal information in the course of doing business in Australia. This privacy policy has been developed to ensure that such information is handled appropriately.
1.3 We are committed to complying with the Privacy Act 1988 (Cth) (Privacy Act) in relation to all personal information we collect. Our commitment is demonstrated in this policy. The Privacy Act incorporates the Australian Privacy Principles (APPs). The APPs set out the way that personal information must be treated.
1.4 By using the Earni Mobile Application or any other associated Earni products, you consent to us collecting, holding, using and disclosing your personal information in accordance with this policy.
Who does the privacy policy apply to?
1.5 This policy applies to any person in relation to whom we currently hold, or may in the future collect, personal information. Broadly, we collect personal information from:
(a) our clients and prospective clients, including NDIS providers (as defined by the National Disability Insurance Scheme Act 2013 (Cth)) (NDIS provider);
(b) any representatives and agents of our clients and prospective clients (Representatives); and
(c) other third parties (Third Party) with whom we have (or any other person named in this paragraph has) a relationship in connection with the National Disability Insurance Scheme (NDIS).
1.6 This policy does not apply to acts and practices in relation to ‘employee records’ of our current and former employees, as these are exempt from the Privacy Act.
What information does the privacy policy apply to?
1.7 This policy applies to personal information (including sensitive information). In broad terms, ‘personal information’ is information or opinions relating to a particular individual who can be identified.
1.8 Information is not personal information where the information cannot be linked to an identifiable individual.
Anonymity and pseudonymity
1.9 We will take reasonable steps to destroy or de-identify personal information if that information is no longer needed for the purposes for which we are authorised to use it.
1.10 If you want to use a pseudonym or remain anonymous when dealing with us, you should notify us and we will try to accommodate your request, subject to our ability to interact with you without having your personal information.
1.11 You do not have to provide your personal information to us but if you do not provide the information requested by us, we may not be able to provide you with our products or services or otherwise engage with you.
2 What kinds of personal information do we collect and hold?
2.1 Our software platform and integrated mobile applications (collectively known as the Software Application) automatically collect hardware and software information about your mobile device including but not limited to:
(a) your IP address;
(b) the types of devices you are using;
(c) language and operating system;
(d) access times and time spent using the Application; and
(e) other automatically collected meta-data.
2.2 Our Software Application will also collect usage information from you. Broadly, this information relates to how you use and navigate the Application, including:
(a) information provided when you create an account;
(b) information provided when you interact with our Application or use Application features;
(c) information about pages, content or advertisements you have browsed or clicked on;
(d) any content, information or material you disclose to us;
(e) the location from which you have come to the site and the pages you have visited; and
(f) information about the features you have used on our Application.
Personal information
2.3 The personal information we may collect differs, depending on the nature of our interaction with you.
2.4 If you are a client or prospective client, we may collect and hold personal information about you, which may include:
(a) contact and identification information, including names and email address;
(b) date of birth;
(c) financial information;
(d) banking details;
(e) sensitive information (see paragraph 2.6);
(f) details relating to NDIS participation and funding, such as;
(i) NDIS numbers;
(ii) NDIS plan funding, funding requests and goals;
(iii) NDIS participant details;
(iv) NDIS funding balances;
(v) support that the NDIS has funded, funds and may in the future fund;
(vi) other information relating to NDIS funding expenditure such as funding balances, claims and statements;
(g) details of incidences, enquiries or complaints;
(h) records of contact and details of enquiries, conversations or correspondence made or received; and
(i) any other personal information required to provide our products and services.
2.5 If you are a Representative or Third Party, we may collect and hold personal information about you, which may include:
(a) names, email address and contact information;
(b) financial information;
(c) banking details;
(d) records of contact and details of enquiries, conversations or correspondence made or received with you; and
(e) any other personal information required to provide our products and services.
Sensitive information
2.6 ‘Sensitive information’ is a subset of personal information under the Privacy Act and includes personal information that may have serious ramifications for the individual concerned if used inappropriately.
2.7 We generally do not collect sensitive information but on occasion we may collect health information if it is relevant to the delivery of our products or services.
2.8 In any case, we will not collect sensitive information without the individual’s consent to whom the information relates unless permitted under the Privacy Act.
3 How do we collect personal information?
3.1 We usually collect your personal information directly from you, whenever you interact with our Application and may collect your personal information via (for example):
(a) the Software Application;
(b) online forms;
(c) surveys and questionnaires;
(d) telephone calls;
(e) physical or virtual meetings; and
(f) email.
3.2 We may also collect personal information from third parties such as:
(a) your representatives and advisers;
(b) through referrals from individuals or other entities;
(c) banks and financial institutions;
(d) government bodies (such as relevant departments, regulatory authorities etc.);
(e) NDIS providers and support coordinators;
(f) our employees, contractors and agents; and
(g) through marketing and business development events.
Use of cookies
3.3 Our Software Application may use ‘cookies’, a text file that is placed on your hard disk by a webpage server. Cookies are uniquely assigned to you.
3.4 A cookie notifies the webserver that you have returned to a specific page. For example, if you create an account on our Application, a cookie:
(a) helps us to recall your specific information on subsequent visits; and
(b) simplifies the process of recording your personal information.
3.5 You have the ability to accept or decline cookies. If cookies are automatically accepted, you can usually modify your settings to decline cookies if you prefer. This may affect your ability to access all parts of the Application.
4 How do we hold personal information?
4.1 Our usual approach to holding personal information is to store it:
(a) physically, in paper files stored securely at our premises; and
(b) electronically, in computer systems, databases and cloud servers either operated by us or our external service providers.
4.2 We implement and maintain processes and security measures to protect personal information which we hold from misuse, interference or loss, and from unauthorised access, modification or disclosure. Some of these processes and systems include:
(a) using secure servers to store personal information;
(b) using unique usernames, passwords and other protections on systems that can access personal information;
(c) arranging for our employees to complete training about information security;
(d) holding certain sensitive documents securely; and
(e) monitoring and reviewing our policies.
5 Why do we collect, hold, use or disclose personal information?
5.1 We take reasonable steps to hold, use and disclose personal information for the primary purpose for which we collect it. The primary purpose for which we collect information varies depending on the individual that we are collecting the information from but is generally as follows:
(a) in the case of current and prospective clients, to provide our products and services – for example:
(i) to manage, perform and renew any service agreement entered into with you or a Representative acting on your behalf;
(ii) to help us identify, calibrate and develop products and services that may interest you;
(iii) to provide customer service functions;
(iv) to maintain and enhance our relationship with you;
(v) to conduct market or customer satisfaction research;
(vi) to conduct marketing and promotional activities;
(vii) to ensure compliance with legislative and regulatory requirements;
(viii) to provide you with information about other products and services that you may be interested in;
(ix) with respect to information generated by the Software Application – to monitor online traffic, deliver customised content and assess user experience;
(b) in the case of a Representative or a Third Party, to assist us in providing our products and services in the course of our business; and
(c) in the case of other persons that contact us, to assist us to respond to your enquiries.
5.2 Personal information may also be collected, held, used or disclosed by us for secondary purposes that are within your reasonable expectations and that are related to the primary purpose of collection.
5.3 We may disclose personal information to:
(a) our contractors, agents, employees and related entities;
(b) our external auditors, brokers and insurance providers, legal and other advisers;
(c) banks;
(d) your representatives and agents;
(e) government bodies (such as relevant departments, regulatory authorities etc.);
(f) NDIS participants or support coordinators;
(g) law enforcement agencies; and
(h) third parties considering the acquisition of the whole or part of our assets or business.
5.4 We will only disclose personal information to third parties if:
(a) we are required or authorised by law to do so;
(b) we have received express consent to the disclosure, or consent may be reasonably inferred from the circumstances; or
(c) we are otherwise permitted to disclose the information under the Privacy Act.
5.5 If you do not provide us with your personal information, we may not be able to provide you with our services, communicate with you or respond to your enquiries.
Retention of information
5.6 If at any time you delete or remove your account from our Software Application, in some cases a backup of information may persist in our Software Application that cannot be practicably retrieved or deleted.
5.7 We will take reasonable steps to destroy or de-identify Personal Information once that Personal Information is no longer needed by us for any purpose for which it may be used or disclosed under the APPs.
5.8 You may request further information surrounding retention from the Privacy Officer identified in section 7 of this policy.
6 Will we disclose personal information outside Australia?
6.1 We will disclose personal information outside of Australia if you expressly request us to do so.
6.2 In some cases, we may indirectly disclose personal information overseas through disclosures to our service providers that have data servers located overseas.
7 How do you make complaints and access and correct your personal information?
7.1 It is important that the information we hold about you is up-to-date. You should contact us if your personal information changes or is incorrect.
Access to information and correcting personal information
7.2 You may request access to the personal information held by us or ask us for your personal information to be corrected by using the contact details in this section.
7.3 We will grant you access to your personal information as soon as possible, subject to the request circumstances.
7.4 In keeping with our commitment to protect the privacy of personal information, we may not disclose personal information to you without proof of identity.
7.5 We may deny access to personal information if:
(a) the request is unreasonable;
(b) providing access would have an unreasonable impact on the privacy of another person;
(c) providing access would pose a serious and imminent threat to the life or health of any person; or
(d) there are other legal grounds to deny the request.
7.6 We may charge a fee for reasonable costs incurred in responding to an access request. The fee (if any) will be disclosed prior to it being levied.
7.7 If the personal information we hold is not accurate, complete and up-to-date, we will take reasonable steps to correct it where it is appropriate to do so.
Complaints
7.8 If you would like to complain about an interference with your privacy, then you must follow the following process:
(a) The complaint must first be made to us in writing, using the contact details in this section. We will have a reasonable time to respond to the complaint.
(b) If the privacy issue cannot be resolved, you may take your complaint to the Office of the Australian Information Commissioner.
Who to contact
7.9 A person may make a complaint or request to access or correct personal information about them held by us. Such a request must be made in writing to the following address: help@earni.au
8 Changes to the policy
8.1 We may update, modify or remove this policy at any time without prior notice.
8.2 This policy is effective 15/07/2025. If you have any comments on the policy, please contact the Privacy Officer with the contact details in section 7 of this policy.
