Website Privacy Policy
NEWPATH.ORG LTD · ABN 48 687 386 787 · ACNC Registered Charity
This policy explains how NewPath collects, uses, protects and shares your personal information, in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. An Easy Read version is available on request.
Last updated: June 2026
Your privacy at a glance
This quick summary uses traffic light colours and plain words so it is easy for everyone to understand.
We will always
- Keep your information safe
- Ask before collecting health or disability information
- Let you see and fix your information
- Listen if you make a complaint. It will never affect your supports
We may sometimes
- Share information with the NDIA, your plan manager, or your other providers, only when needed for your supports
- Share information when the law says we must
- Send you news about our services. You can say stop at any time
We will never
- Sell, rent or trade your information
- Use your sensitive information for marketing
- Share your information without a proper reason
Overview
The purpose of this policy is to provide guidance on privacy relating to all personal information collected via the website at www.newpath.org.au, and through our related online and offline interactions with you. It applies to any individual who visits, interacts with, or provides information through NewPath's online and offline platforms, including website visitors, NDIS participants and their families, carers, nominees and guardians, referrers, volunteers, donors, and prospective staff.
NewPath (NEWPATH.ORG LTD) is an Australian registered not-for-profit organisation providing supports to people living with dementia, mental health conditions, and disability, including under the National Disability Insurance Scheme (NDIS). Our services include recovery coaching, support coordination, and NDIS application assistance.
Our legal obligations
NewPath respects your right to privacy and complies with:
- the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs);
- the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth);
- the National Disability Insurance Scheme Act 2013 (Cth) and the NDIS Code of Conduct, which require providers to respect and protect the privacy of people with disability;
- the Health Records and Information Privacy Act 2002 (NSW) in respect of health information we hold; and
- the Spam Act 2003 (Cth) and Do Not Call Register Act 2006 (Cth) in respect of our communications with you.
Personal information
The Privacy Act 1988 (Cth) defines "personal information" as information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether it is recorded in a material form or not. If the information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as personal information and will not be subject to this policy.
Because NewPath provides disability and health-related supports, some of the information we collect may be sensitive information, including health information, disability information, and information about your NDIS plan. We only collect sensitive information with your consent (or the consent of your authorised representative), or where otherwise permitted or required by law, and we handle it with additional care.
Collection of personal information
NewPath will, from time to time, receive and store personal information you enter onto our website, provide to us directly, or give to us in other forms (for example, by phone, email, referral forms, intake and consent forms, or in person). Depending on how you use the website and our services, this may include:
- your name, email address, phone number, postal address, and other contact information;
- demographic information, preferences, and interests;
- information you provide through our "Find Support", consultation booking, referral, and contact forms;
- where you receive or enquire about our services: health, disability, and NDIS-related information, including your NDIS participant number, plan details, goals, and support needs;
- details of your nominee, guardian, carer, or other authorised representative; and
- any other information you provide while interacting with us, including feedback, complaints, surveys, and donations.
Where it is reasonable and practicable, we collect personal information directly from you or your authorised representative. In some circumstances we may collect information from third parties such as the National Disability Insurance Agency (NDIA), plan managers, other service providers, health professionals, family members, guardians, or the Public Guardian, where this is necessary to deliver our services and is permitted by law.
You may interact with us anonymously or using a pseudonym where it is lawful and practicable to do so. However, we may not be able to provide our services to you if you do not provide the information we need.
By accessing our website and/or using our services, you consent to the collection, use, disclosure, storage, and processing of your personal information in accordance with this Privacy Policy.
How we use your personal information
NewPath may use personal information collected from you to:
- respond to enquiries, consultation bookings, and referrals;
- assess your eligibility for and deliver supports under your NDIS plan or other arrangements;
- coordinate with other providers, health professionals, and the NDIA where required for your supports;
- meet our legal, regulatory, funding, quality, safeguarding, audit, and reporting obligations, including under the NDIS Act 2013 (Cth) and the NDIS Code of Conduct;
- make you aware of new and additional services and opportunities available to you; and
- improve our services and better understand your needs.
NewPath may contact you by a variety of measures including telephone, email, SMS, or mail.
Direct marketing
By using our website, you consent to the receipt of direct marketing material, such as our newsletter. We will only use your personal information for this purpose if we collected it directly from you and it is material you would reasonably expect to receive from us.
We do not use sensitive personal information in direct marketing activity.
Every marketing communication will include a simple way to opt out, and you may opt out at any time by contacting us.
Disclosure of your personal information
We may disclose your personal information to our employees, officers, insurers, professional advisers, agents, suppliers, contractors, or subcontractors insofar as reasonably necessary for the purposes set out in this policy. Personal information is only supplied to a third party when it is required for the delivery of our services.
Depending on the services you receive, we may also disclose relevant personal information to:
- the National Disability Insurance Agency (NDIA), the NDIS Quality and Safeguards Commission, and your plan manager, where required for the delivery, funding, or oversight of your supports;
- other service providers, allied health professionals, and medical practitioners involved in your care, with your consent or as otherwise permitted by law;
- your nominee, guardian, or other authorised representative; and
- external auditors or quality assessors engaged for accreditation, certification, or NDIS registration audit purposes. Participants have the option of being involved in external audits if they wish.
We may need to disclose personal information to comply with a legal requirement, such as a law, regulation, court or tribunal order, subpoena, or warrant, in the course of a legal proceeding, or in response to a law enforcement agency request. We may also disclose personal information where necessary to lessen or prevent a serious threat to the life, health, or safety of any individual, or as required by mandatory reporting obligations.
We do not sell, rent, or trade your personal information to any third party.
If there is a change of control in our organisation or a transfer of our operations or assets, we reserve the right to transfer, to the extent permissible at law, our user databases, together with any personal information contained in those databases. Any such information would be disclosed in good faith and under an agreement to maintain confidentiality. Where we disclose your personal information to third parties, we will request that the third party follow this policy regarding the handling of your personal information.
Security and retention
NewPath is committed to ensuring that the information you provide to us is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss, and unauthorised access, modification, and disclosure.
The transmission and exchange of information over the internet is carried out at your own risk. Although we take measures to safeguard against unauthorised disclosures, we cannot guarantee the security of information you transmit to us or receive from us. An intentional breach of this policy by a NewPath worker will result in disciplinary action up to and including termination of employment or engagement.
We retain personal information only for as long as it is needed for the purposes for which it was collected, or as required by law. When personal information is no longer required, we take reasonable steps to destroy or de-identify it securely.
Our website, cookies, and third party sites
We collect some information automatically when you visit our website (https://newpath.org.au/). This may include your IP address, device type, the webpage you visited before coming to our website, the pages you visit and for how long, links you click, and identifiers associated with your device. Where analytics tools such as Google Analytics are used, this information helps us understand how users interact with the website to create a better user experience. It is generally aggregated and does not personally identify you.
We may from time to time use cookies. Cookies are very small files which a website uses to identify you when you come back to the site and to store details about your use of the site. They are not malicious programs. Most browsers automatically accept cookies, but you can reject them in your browser settings. This may prevent you from taking full advantage of our website. Cookies may also be used to serve relevant ads through third party services, on this website or other websites you visit.
Our site may have links to other websites not owned or controlled by us. These links are for your convenience only and do not constitute sponsorship, endorsement, or approval. NewPath is not responsible for the privacy practices of other websites. Please read the privacy statements of every website you visit that collects personal information.
Access and correction: your rights
Australian Privacy Principle 12 permits you to obtain access to the personal information we hold about you in certain circumstances, and Australian Privacy Principle 13 allows you to correct inaccurate personal information subject to certain exceptions. To make a request, contact us using the details below. We will respond within a reasonable period. There is no charge for making a request, although a reasonable administrative fee may apply to providing access in some circumstances. If we refuse a request, we will give you written reasons and information about how you can complain about the refusal.
Overseas transfer
Your personal information may be transferred or stored overseas, including through cloud-based software and IT service providers. It is not possible to identify every country to which it may be sent. If your information is sent to a country with data protection laws at least substantially similar to the Australian Privacy Principles, and where enforcement mechanisms are available to you, we will not be liable for a breach of the APPs if your information is mishandled in that jurisdiction. If it is transferred to a jurisdiction without comparable protections, we will take reasonable steps to secure a contractual commitment from the recipient to handle your information in accordance with the Australian Privacy Principles.
Notifiable data breaches
NewPath complies with the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth). If a data breach occurs that is likely to result in serious harm to any individuals whose personal information is involved, we will notify the affected individuals and the Office of the Australian Information Commissioner as required by law, and take prompt steps to contain and remediate the breach.
Complaints about privacy
If you have a complaint about how we maintain the privacy of your personal information, please contact us using the details below. All complaints will be considered by NewPath's management and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem.
If you remain dissatisfied with the outcome, you may refer the matter to:
- the Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au or 1300 363 992; or
- for NDIS participants, the NDIS Quality and Safeguards Commission: www.ndiscommission.gov.au or 1800 035 544.
Making a complaint will never affect the services and supports you receive from NewPath.
Contact us
If you have any questions about this policy, or wish to make an access, correction, or complaint request:
Newpath (NEWPATH.ORG LTD)
Email: info@newpath.org.au
Phone: 0414 974 068
Post: PO Box 643, Riverstone NSW 2765
An Easy Read version of this policy is available. Please ask us and we will provide it.
Changes to this policy
Date updated: June 2026.
NewPath reserves the right to modify this policy in whole or in part, at any time. Any changes will be published on this page, and the current version will always be available at www.newpath.org.au.
NewPath acknowledges the Traditional Owners of Country throughout Australia and recognises their continuing connection to land, waters and culture. We pay our respects to their Elders past, present and emerging.
Questions about your privacy?
Talk to a real person. We're happy to explain anything in this policy in plain words.