Last Updated: January 2026
Kelpcare (“we”, “our”, “us”) is a mobile and web application developed to support NDIS service providers, aged care organisations, and their employees in managing client service requests, job allocations, and timesheets. We are committed to protecting your privacy in accordance with the Privacy Act 1988, the Australian Privacy Principles, and NDIS data handling standards.
This policy applies across the Kelpcare website. It only covers information collected through the Kelpcare website and not information that we collect offline, through other websites, or through our subscription services. Kelpcare will use data from subscription services in accordance with the contractual agreement(s) between Kelpcare and that customer.
This policy explains the practices Kelpcare uses regarding the collection, storage, use, and disclosure of data when your organisation uses our website, and the choices you have associated with that data. By using our website, you agree to the collection and use of data in accordance with this policy.
When using our website or app, you may provide us with personally identifiable data (“Personal Data”). Personal Data may include, but is not limited to:
You can opt out of providing personal data by not entering it when asked, except where it is required to use certain features.
Sensitive Information is defined in the Privacy Act to include information about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record, or health information. Kelpcare does not expect to be collecting sensitive information through the website. Kelpcare does not collect or store sensitive health or medical information of NDIS participants via the public website.
When you access our website, we may automatically collect certain data. Usage data may include, but is not limited to:
We use cookies on our website that hold certain activity data. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Kelpcare does not use cookies to store confidential user or session information.
You can instruct your browser to refuse all cookies. However, if you do not accept cookies, some features of our website may not function correctly.
When using our website, we may utilise third‑party applications not owned or controlled by us that collect anonymised data for their own purposes or to provide to Kelpcare.
Our website may also contain links to other websites not owned or controlled by us. These links are for your convenience only and do not constitute an endorsement by us. Kelpcare is not responsible for the privacy practices of other websites, and we encourage users to review the privacy policies of such sites.
Kelpcare uses collected data to:
We do not sell, rent, or trade personal information to third parties.
We will only disclose your personal data to regulators, law enforcement bodies, government agencies, courts, or other third parties where we believe it is necessary to comply with applicable laws or regulations, or to exercise, establish, or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure.
We may engage other third‑party organisations to facilitate the provision of our service or to assist in analysing how our website and services are used. These parties may access anonymised data and will not have access to Personal Data unless we have your consent or it is otherwise permitted by law.
All data is stored securely on servers managed by or for Kelpcare. Access is restricted to authorised users within your organisation and Kelpcare. We implement reasonable technical and organisational measures to protect your data from unauthorised access, alteration, or disclosure. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
The length of time we keep Personal Data depends on what it is and whether we have an ongoing business need to retain it. We retain Personal Data for as long as we have a relationship with you. After that period, we may delete or destroy all copies of Personal Data in our systems or otherwise in our possession or control, unless legally prohibited.
The Privacy Amendment (Notifiable Data Breaches) Act 2017 establishes the Notifiable Data Breaches (NDB) Scheme in Australia. The NDB Scheme requires organisations to notify individuals whose personal data is involved in a data breach that is likely to result in serious harm. Kelpcare will manage all data breaches in accordance with the NDB.
If a suspected or known data breach occurs, we will initially respond and work with the affected area to contain further access to the data. We will then determine whether serious harm is likely. If serious harm is likely, we will promptly notify your organisation and outline the actions being undertaken to limit or mitigate potential harm. Kelpcare will review the incident to determine the cause of the breach and revise internal policies, procedures, or technical implementations to prevent recurrence.
You may request access to the Personal Information we hold about you and request that it be updated or corrected, subject to certain exceptions. If you wish to access your Personal Information, please contact us in writing. Kelpcare will not charge any fee for your access request but may charge an administrative fee for providing a copy of your Personal Information. To protect your Personal Information, we may require identification from you before releasing the requested information.
By using the Kelpcare website or app, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree with this policy, please discontinue use and contact your administrator or Kelpcare Support.
We may update our Privacy Policy from time to time. Any changes will be posted on this page, and the “Last Updated” date will be revised accordingly. We encourage you to review this page periodically for any changes.
If you have any questions about this policy, wish to make a privacy enquiry or complaint, or request access to your personal data, please contact us at:
Email: support@kelpcare.com
By logging into and using Kelpcare, you consent to:
Kelpcare is committed to protecting your privacy and handling your data responsibly in accordance with Australian Privacy Principles and NDIS data standards.