Privacy Policy

Privacy Policy

At Xlerate Pty Ltd (Xlerate hereafter), we are committed to protect your privacy as a customer and an online visitor to our website. Company is devoted to manage personal information in an open and transparent way, protecting the privacy and rights of individuals, and meeting our privacy obligations.
In line with our values, Xlerate respects and upholds an individual’s rights in relation to all personal or sensitive information it collects, holds, and administers in the process of providing its services.
Following sections set out how we collect, use, disclose and manage your personal or sensitive information. These commitments are undertaken to comply with Australia Privacy Principles (APPS) prescribed in the Privacy Act 1998 (Cth). Please read our privacy policy below carefully.

What Personal information we collect

According to the Privacy Act 1988 (Cth) personal information is generally considered to be information or an opinion from which your identity is apparent or can be reasonable ascertained. The types of information we may collect include:
  • Information about your Plan, Providers and Authorisation Representatives (If any);
  • name, address (e.g. residential and mailing address) and contact details (e.g. phone and email);
  • information about your identity (e.g. date of birth, country of birth, passport details, visa details and drivers’ licence);
  • information about your personal circumstances (e.g. age, gender, marital status and occupation);
  • information about your financial affairs (e.g. payment details, bank account details, and information about business and financial interests);
  • information about your employment (e.g. employment, work history and salary and the name and address of your employer); and
  • government identification.

What Type of Sensitive Information We Collect

Xlerate may also collect or hold a range of sensitive information about you. The types of sensitive information we may collect include; information about your health, racial or ethnic origin, health information or biometric information.
We may have to collect such sensitive information with your prior consent if the information is required to provide you with a specific product or service or where required by law. If we collect sensitive information from a third party, we will also obtain your prior consent.
When you visit our websites, we may collect statistics on the number, date and time of your visit, the number of pages viewed and the way you navigate through our sites.
When you call us, we may collect statistics on the number, date and time of your call and the way you navigated through our Interactive Voice Response (IVR) system. We may also monitor and/or record in and out bound calls for training, QA, verification, substantiation and taxation purposes.

Reason why we collect your personal and sensitive information

Xlerate will only collect sensitive information if you consent and it is reasonably necessary for, or directly related to, one or more of our functions or activities related to the provision of our services or products to you unless it is required or authorised by a law, or because we are forced to obey with a court or tribunal order.
Your personal and sensitive information might be used and disclosed for the purposes of the administration of your NDIS funds, coordination of your disability supports, liaising with your support providers and Local Area Co coordinators, and with the National Disability Insurance Agency (NDIA).
From time-to-time, we may also collect and use your sensitive information for the purpose of internet-based marketing including targeted online advertising and online behavioural marketing.
We may collect personal or sensitive information to assess, investigate and respond to any allegation of abuse, assault, or neglect of customers and, where necessary, to provide the required reports to the relevant regulatory authorities, including mandatory reporting to the NDIS Quality & Safeguards Commission (NDIS Commission).
Xlerate will ensure that each participant understands what personal information will be collected and informed of the reason for the collection.

How we collect your personal and sensitive information

Xlerate will only collect personal or sensitive information where it is reasonable and practical to do so, and we will always collect personal or sensitive information directly from you or your legal representatives.
How we collect your personal information will depend on what mode of communication you choose to interact with us. A classic example would be that we may collect it through your access and use of our website(s), during your conversations with our representatives or from application forms you complete online.
There may be instances when we may need to collect your personal information from third parties, with or without your direct involvement but we will obtain your prior consent if we may need to obtain your sensitive information from third parties. Depending on the products or services you request or receive, the third parties from whom we may collect personal information from include your employer, market research organisations, third party brokers and agents, government agencies, your nominated representatives and advisers and other organisations who, jointly with us, provide products or services to you. These third parties may include local area coordinators, support coordinators, medical practitioners, and health and disability support providers.

Disclosing your personal and sensitive information

Without your prior consent, Xlerate will not give your personal information to government agencies, other organisations, or anyone except where following exceptions applies:
  • if your personal and sensitive information is formally requested by NDIA or the NDIS Commission, regulatory bodies, government agencies and law enforcement bodies;
  • if it is our fiduciary obligation to disclose or where we have been authorised or enforced to, such as by an Australian law, or court or tribunal order to share;
  • you would rationally expect us to use the information for that other purpose;
  • we realistically believe that it is essential to reduce or prevent a serious threat to the life, health or safety of any individual, or to public health or safety; or
  • we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our tasks or activities has been, is being or may be engaged in, and we reasonably believe that it is indispensable for us to take proper action in relation to the matter.
You recognise that in case the assets and/or operations of our business whole or partial are sold to another party, our records of personal and sensitive information may be transferred to that party as part of the transaction.

Repercussions on not allowing us to collect your information

You have the right not to share your personal and/or sensitive information. However in that case we need to limit our scope of service or even apologise to serve you. In some instances you may not be able to get your preferred web settings tailored to your information or your requested products or services may not be delivered to you to the same standard or you may not be able to get required information about products and services you may want.

Marketing our products and services to you

Your personalised information will assist us to offer you products or services that might be of interest to you. You can unsubscribe auto emails or notify us at any time if you no longer interested to receive marketing communications from us.
Xlerate has a policy to not sell personal or sensitive information to other organisations to allow them to do this as well.

Protection of Your Personal And Sensitive Information

We take reasonable steps to ensure your personal and sensitive information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. We take all appropriate steps to ensure that any personal and sensitive information is destroyed or de-identified when no longer needed by us or as required by law.
We safeguard our IT systems against unauthorised access and ensure that paper-based files are secured. We also ensure that access to your personal or sensitive information within our systems is limited to staff who need to have access to do their work, and to people that you have authorised access to the information available on your Dashboard.
If a data breach occurs, such as if personal or sensitive information that we hold is subject to unauthorised loss, use or disclosure, we will respond in line with the Office of the Australian Information Commissioner’s data breach notification process. We will aim to provide timely advice to you to mitigate any potential harm or loss, financial or otherwise, that could result from the breach.
When browsing our websites, you acknowledge that the internet is not always a secure environment and that the computer and network you use contribute to the overall level of effective protection in place. You further acknowledge that any transmission of information over the internet is out of our control before it reaches our system. Only once we receive your transmission, we can take reasonable steps to ensure its security.To protect your information online, we ask that you observe the security requirements relating to the protection of your user identification number and/or password used to access your online account. We suggest that you should:
  • change your credentials as soon as you access to our website(s) first time after setting up your login details;
  • ensure that your login details given to you are kept securely;
  • permanently destroy any correspondence (including any email) containing your password;
  • memorise your login details and related password;
  • not disclose your login details to anyone; in case if you suspect that your details are exposed immediately telephone us so the potential breach can be controlled if practical by initiating preventive measures.

Links to other websites

In case our website(s) contains hyperlinks to other site(s) owned by different organisations, we encourage you to read each website’s privacy policies before providing any personal or sensitive information. We do not claim any affiliation with such websites which are not clearly identified as our own and do not take any responsibility for their content.

Accessing or Correcting Your Information

You have a right to access personal or sensitive information we hold about you. You also have a right under the Privacy Act to request corrections to any personal or sensitive information that we hold about you if you think the information is inaccurate, out-of-date, incomplete, irrelevant or misleading. The type of information you request will determine the length of time we take to respond. We will generally respond using the same communication method by which your request was originally made.
If you believe that personal information or sensitive information that we hold about you is out-of-date, incomplete, inaccurate, irrelevant or misleading, then you may request in writing and we will make necessary changes. This may include instances where you want copies of material or access to archived information or if the nature of your application makes it necessary for us to retain a record of your request beyond the mandatory data retention time.
In some situations Xlerate may suggest that you make your request for personal information under the Freedom of Information Act 1982 (the FOI Act).
This is because:
  • an FOI access request can relate to any document in our possession and is not limited to personal information;
  • the FOI Act contains a consultation process for dealing with requests for documents that contain personal or business information about another person; and
  • you can complain to the Australian Information Commissioner about what we do under the FOI Act
  • if you are refused access under the FOI Act you have a right to apply for internal review or Information Commissioner review of the access refusal decision.
Find out more information about how to make a request under the FOI Act on the Australian Freedom of Information webpage: You can also make a request by emailing
Generally we will not charge you to access your personal information. However, there may be a cost involved for us to process a request under the FOI Act that goes beyond a typical request for personal information. In that case, you will need to pay us in advance.
To make an enquiry about our compliance with the privacy laws, our privacy policy, or to access or correct the personal information we hold about you, please feel free to contact us though one of the means mentioned on the website.
We are entitled to refuse you access to your information in certain circumstances. For example, you may not be able to access information that would reveal information about another person, is commercially sensitive material or we are prevented by law from disclosing. If this happens, we will provide you with a reason for the refusal. If you have any questions regarding this policy or any concerns regarding our treatment of your personal information, we invite you to contact us.


A cookie is a small file placed in your web browser that collects information about your web browsing behaviour. Use of cookies allows a website to tailor its configuration to your needs and preferences. Cookies do not access information stored on your computer or any Personal Data (e.g. name, address, email address or telephone number). Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. This may, however, prevent you from taking full advantage of our website.
We may collect personal information about you using cookies. When you access our website, we may send a “cookie” (which is a small summary file containing a unique ID number) to your computer. This enables us to recognise your computer and greet you each time you visit our website without bothering you with a request to register. It also enables us to keep track of products or services you view so that we can send you news about those products or services.
We also use cookies to measure traffic patterns, to determine which areas of our website have been visited and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online products and services. Our cookies do not collect personal information. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.
We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track users’ movements, and gather broad demographic information.

Do we disclose your personal information to anyone outside of Australia?

We may need to provide your personal information to an overseas recipient as part of our work. Wherever appropriate, we will ensure that we either have your consent or that your personal information is not identifiable.
In some cases, this will not be possible or appropriate, such as when our administrative functions require that we become involved in a law enforcement matter such as a criminal investigation. We may also disclose your personal information to recipients overseas under international agreements that relate to information between Australia and other countries.
If we are unable to seek your consent to provide your personal information to an overseas recipient, or it is impractical to do so, we will only provide your personal information to an overseas recipient if we can do so under the Privacy Act.
To provide our services to our customers we may engage other Service Providers to perform certain functions. These functions may involve the hosting or accessing of personal information by the Service Provider outside Australia.


Though we always try our best to keep our stakeholders happy but we understand few things might bother you. If you have any questions, concerns or have a complaint about how we have handled your personal or sensitive information or you believe there is a possible breach, please contact us using the details mentioned on our website.
We will endeavour to respond to your complaint in accordance with our Feedback and Complaints Policy and Procedure. You can obtain the copy by contacting us.

Our contact details are:


Mail: Personal Relations


PO Box 132

Coburg VIC 3058

Phone: 1300 110 147

In case if you are still not satisfied with actions we have taken, you may also make a complaint to the Office of the Australian Information Commissioner on 1300 363 992 or visit or, you can contact the NDIS Commission on 1800 035 544 or visit

Policy Review

We reserve the right to change, modify or update this Privacy Policy from time to time, without notifying you, by posting an updated version on our website. The updated version will take effect immediately upon posting.

Legislation, Standards and Agreements

Xlerate commit to adhering to various Legislation, Standards and Agreements. These include, but are not limited to, the following:
  • Privacy Act 1988 (Cth)
  • National Disability Insurance Scheme Act 2013 (Cth)
  • Anti-Money Laundering Counter-Terrorism Financing Act 2006 (Cth).
  • Freedom of Information Act 1982
  • Health Records Act 2012
  • National Disability Practice Standards
  • NDIS Quality & Safeguarding Framework
  • NDIS Code of Conduct