Security and privacy.
Security for your personal information.
At Leap in! we:
- Have obtained and maintained the globally recognised information security accreditation ISO 27001:2022
- Educate our crew about their obligations to protect your personal information
- Our crew members require complex, rotated passwords and multi-factor authentication to access our systems on work encrypted and secured devices.
- Monitor and protect systems with internal controls and through work with external agencies to prevent and detect any cyber security incidents and unauthorised access to our systems
- Require monitoring and mandatory data breach notification from any solution partners, including our infrastructure providers
- When we transmit data between our Leap in! app and other parts of our platform, we use AES-256128-bit AES encryption, protected through the use of the 128-bit Transport Layer Security (TLS) 1.2 (as a minimum) protocol. (this is a similar level of protection used by Amazon and Google for their services)
- Beyond the copy on your own device, all personally identifiable information is stored securely
- When information we hold is identified as no longer needed to deliver services to you, we ensure it is effectively and securely destroyed, deleted or de-identified.
For more information on your personal information see our Privacy Policy.
Privacy Policy
We respect your privacy.
Leap in! respects your right to privacy and we understand that you want to know about how we manage the confidentiality and security of the information you might provide in the course of your dealings with us. We take your privacy very seriously and are committed to safeguarding the privacy of our all of our members, partners, app users and website visitors and developing technology that gives you the most powerful and safe online experience.
An important part of our commitment to proactively ensuring your privacy, is our strict adherence to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth). This policy sets out how we collect and treat your personal information. Detailed information on the Australian Privacy Principles can be accessed through the Office of the Australian Information Commissioner website.
The information contained in this policy applies to the Leap in! app and website and governs collection, storage, use and disclosure of personal information. By providing personal information to us and using the Leap in! app and website, you consent to the collection, storage, use and disclosure of your personal information in accordance with this Privacy Policy and any other arrangements that apply between us.
How we collect your personal information.
Personal information is information we hold that is identifiable as being about you.
We collect personal information from you in a variety of ways, including when you interact with us electronically or in person, when you access our app or website and when we provide our services to you.
In order to access the Leap in! app and establish an Account, users will be asked to provide
- their first name, preferred name and surname
- an email address (which need not make any reference to the user’s actual name)
- select an eight-character password
Security for your personal information.
We,
- Have obtained and maintained the globally recognised information security accreditation ISO 27001:2022
- Educate our crew about their obligations to protect your personal information
- Our crew members require complex, rotated passwords and multi-factor authentication to access our systems on work encrypted and secured devices.
- Monitor and protect systems with internal controls and through work with external agencies to prevent and detect any cyber security incidents and unauthorised access to our systems
- Require monitoring and mandatory data breach notification from any solution partners, including our infrastructure providers
- When we transmit data between our Leap in! app and other parts of our platform, we use AES-256128-bit AES encryption, protected through the use of the 128-bit Transport Layer Security (TLS) 1.2 (as a minimum) protocol. (this is a similar level of protection used by Amazon and Google for their services)
- Beyond the copy on your own device, all personally identifiable information is stored securely
- When information we hold is identified as no longer needed to deliver services to you, we ensure it is effectively and securely destroyed, deleted or de-identified.
Once you have signed up to the Leap in! app and established an Account, this information may be used to send information, provide updates and process your product or service order.
As part of the Leap in! Plan Ready service, we also collect additional information including but not limited to your date of birth, telephone number, address, disability type, life-stage, support crew, current supports and provider details and your goals in preparation for your NDIS planning meeting or review meeting. If you engage Leap in! as your Plan Manager, with your permission we will access your NDIS plan and associated financial and service delivery details (including information about a health service provided, or to be provided to you) in order to provide you with open, transparent and consultative plan management services.
We may also collect information when you provide feedback, when you provide other information about your personal or business affairs, change your content or email preference, respond to surveys and/or promotions, or communicate with our Leap in! crew. In order to improve our service to you, we also record information about how you use our services, including the websites, apps and when you contact us. In order to provide you with claims processing services we record all claims and invoices sent to Leap in! for processing on your behalf.
The information Leap in! collects from you or about your use of the Leap in! service is dependent on how you access and use the facilities we offer. The NDIA requires us to maintain certain classes of data for seven years for quality and audit purposes.
We take the security of this information very seriously and are committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
Unfortunately, no data transmission over the Internet can be guaranteed as entirely secure. We will use reasonable endeavours to keep information and materials in the Leap in! Service secure and confidential. Once we have received your information, we take reasonable steps to preserve the electronic and physical security of this information in accordance with the Leap in! Terms of Use and this Privacy Policy.
You control the access to your personal information.
Leap in! is a multi-party information sharing platform designed to capture the information required for an NDIS planning or review meeting and to facilitate a connected and optimised experience between Members and supports and service providers.
After creating an Account, a Member creates a Leap in! profile. As part of their profile a Member can add a person to their Crew and determine the level of access this Crew member can have to their personal information. The access levels are:
- No access
- Access to individual areas at specific levels:
- My profile – No access | Read only | Access to edit
- My documents – No access | Read only | Access to edit
- My finances – No access | Read only | Access to edit
- Full access and allow the person to make decisions on my behalf
If full access is provided and the person is deemed to be a Decision Maker, Leap in! may contact this person about the Member’s account and this person can invite other people to have access to the Member’s account. A full access Crew member may also receive Leap in! notifications on behalf of or in conjunction with the Member.
Use of your personal information.
We may use personal information collected from you to provide you with information, updates and our services. We may also make you aware of new and additional products, services and opportunities available to you. We may use your personal information to improve our products and services and better understand your needs.
In order to provide you with improved products or services we may disclose your information to Leap in! subsidiaries or group companies as may exist at that time, provided they maintain at least the same level of privacy and security controls.
Except as specifically set out in this Privacy Policy, we will not sell or disclose your personal information to any other person or use your personal information for any other purpose without your prior consent, unless authorised or required by law. Generally, we will only use and disclose your personal information for the following purposes:
- To comply with our obligations to the NDIS
- To provide you with information you request about us or the products or services we offer through the Leap in! service
- To provide information to persons expressly authorised by you
- To manage the Leap in! service (including your Account)
- To provide products or services you request from time to time
- To determine and notify you of what products or services (including third-party products and services) we consider are likely to be of most interest to you
- To process and obtain payment for any products or services you order from us through the Leap in! service
- To understand how you use the Leap in! service and to help us improve the Leap in! service, our marketing and the way we do business
- If necessary, to verify your identity, and
- To contact you for direct marketing and promotional purposes including providing you with information about new products or services, events and special offers, unless you tell us that you do not wish to receive this type of information.
We may use your data and any personal information which you have provided us to enhance the service we are providing you. Leap in! may use anonymous and aggregated data from our customers and disclose this in a non-personally identifiable manner to third parties, including but not limited to:
- Advertisers and other third parties for their marketing and promotional purposes such as how many users clicked on their advertisement
- Users of the Leap in! service in order to provide them benchmarks for comparing themselves against the broader Leap in! community
We may contact you by a variety of measures including, but not limited to telephone, email, video calls, SMS or mail.
Leap in! takes all reasonable steps to allow you control over your data. You may cancel your Account by emailing us at any time at feedback@leapin.com.au. Your Account will be disconnected immediately and we will disconnect any connection with your Account information we have established. Leap in! reserves the right to use any aggregated and anonymous data derived from your utilisation of the service to this point. This data cannot identify you in any way. Leap in! is required by the NDIA to maintain copies of certain classes of personally identifying data for seven years for quality and audit purposes.
Disclosure of your personal information.
We may from time to time need to disclose personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.
We may also use your personal information to protect the copyright, trademarks, legal rights, property or safety of Leap in!, www.leapin.com.au, its customers or third parties.
Leap in! may disclose your personal information to third parties in order to allow them to provide the goods and/or services you have requested and to government agencies who provide funding for those goods and/or services. Third parties may employ staff located outside Australia.
If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.
By providing us with personal information, you consent to the terms of this Privacy Policy and the types of disclosure covered by this Policy. Where we disclose your personal information to third parties, we will request that the third party follow this Policy regarding handling your personal information.
You can access your personal information held by Leap in!
Leap in! seeks to ensure that the information it holds about you is accurate, up-to-date, complete and relevant. If you learn that personal information that Leap in! holds about you is inaccurate, not up-to-date, incomplete, irrelevant or misleading you should contact Leap in! so we can promptly correct it.
If you wish to see what information Leap in! holds about you, you can check your Account on the Leap in! app. This will contain the primary information that Leap in! maintains about you. If you think that we may have additional personal information, you can ask to access that information, please email us at feedback@leapin.com.au.
Sometimes we may not be able to provide you with access to all of your personal information and if this is the case, we will tell you why. We may also need to verify your identity when you request your personal information.
Complaints about privacy.
If you have any complaints about our privacy practices, please send us details of your complaint addressed to the CEO, Leap in! Australia, GPO Box 1744, Brisbane Q 4001 or via feedback@leapin.com.au. We will investigate the complaint and provide you with a written response (which could include email) as soon as we can and normally within 30 days from the date you first contacted us.
Changes to our Privacy Policy.
Please be aware that we may change this Privacy Policy in the future. We may modify this policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website. Please check back from time to time to review our Privacy Policy.
Direct communications from Leap in!
When you register to use the Leap in! service you provide your consent to Leap in! for Leap in! to send direct communications to you, including notifications and direct marketing communications. You may opt out of marketing communications if that is your wish. You can opt in or out of receiving direct marketing communications from Leap in! by sending a request to feedback@leapin.com.au. There are however, certain forms of essential correspondence users cannot opt out of receiving, which include correspondence relating to confirmation of your registration with the Leap in! app, notifications of changes to this Privacy Policy or anything else we are required or authorised to send you in accordance with Australian law.
Your digital footprint.
When you visit our Leap in! app and websites (www.leapin.com.au) we may collect certain information such as browser type, operating system, website visited immediately before coming to our site, etc. This information is used in an aggregated manner to analyse how people use our app and websites, such that we can improve our service.
Cookies.
We use “cookies” in order to provide you with the best online experience possible and to identify you on return visits. Cookies are very small files which are sent and stored in your web browser on your device’s hard drive. Leap in! may access these to understand more about your preferences in order to deliver a more relevant experience. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings.
Our website may from time to time use cookies to analyses website traffic. In addition, cookies may be used to serve relevant ads to website visitors through third-party services such as Google Adwords. These ads may appear on this website or other websites you visit.
Third-party sites.
The Leap in! app may contain links to other websites operated by third parties. Leap in! does not recommend or endorse those other websites or the products and services provided on those sites. Leap in! is not responsible for the condition or content of those websites as Leap in! does not have control over those websites. Leap in! makes no representations about the accuracy of any information contained on any other websites and is not responsible for any loss arising directly or indirectly from you using, assessing or attempting to access those websites.
Advertising.
Some of the Leap in! service may display advertisements and promotions and you hereby agree that Leap in! may place such advertising and promotions on the Leap in! app or website or on, about or in conjunction with your content. The manner, mode and extent of such advertising and promotions are subject to change without specific notice.
Our commitment to a better digital experience.
Leap in! is committed to providing you with a better online experience and more personalised services and endeavour to do so as technology evolves and new products become available.
It will be necessary for our Privacy Policy to change from time to time to account for further developments of the Leap in! service offering and we will provide you with reasonable notice of any significant changes.
This Privacy Policy, and any terms and definitions in it, should be read in conjunction with the Leap in! Terms of Use (also available in hardcopy on request). If any part of this Privacy Policy is inconsistent with any term set out in the Leap in! Terms of Use, the terms of this Privacy Policy will prevail to the extent of the inconsistency.