Privacy Policy

Last updated: June 2026

1. Introduction

Montessori Care Pty Ltd (ABN 60 633 980 140), trading as Montessori Care (“Montessori Care”, “we”, “us”, “our”), is committed to protecting the privacy of our clients, their families, our staff, website visitors, and all other individuals whose personal information we collect. We are a Registered NDIS Provider (Provider Number 4050113257) and a Support at Home provider, and we handle personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), the Aged Care Act 1997, the National Disability Insurance Scheme Act 2013, the My Health Records Act 2012, and all other applicable Australian privacy laws.

This policy explains what information we collect, how we use it, who we share it with, how it is stored, and your rights in relation to it.

A copy of the Australian Privacy Principles can be obtained from the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

2. Who we are

Montessori Care Pty Ltd is a Registered NDIS Provider and Support at Home provider delivering in-home aged care, disability support, and allied health services across Sydney, the Central Coast, and the South Coast of NSW.

  • ABN: 60 633 980 140
  • NDIS Provider Number: 4050113257
  • Email: admin@montessoricare.com.au
  • Phone: 1300 918 000

3. What information we collect

We collect the following categories of information:

Personal information — your name, date of birth, address, contact details, next-of-kin and emergency contact details, Medicare number, pension or DVA number, NDIS participant number, and government identifiers where required for service delivery and reporting.

Sensitive information (including health information) — medical history, current health conditions, medications, allergies, disability information, mental health information, GP and specialist details, care plans, allied health assessments, incident records, and other clinical notes necessary to deliver safe care.

Financial information — billing address, payment details, NDIS plan details, Support at Home funding details, and means assessment information where applicable.

Employment-related information (for staff and applicants) — qualifications, certifications, NDIS Worker Screening Check, Police Check, Working with Children Check, references, banking and superannuation details, and right-to-work documentation.

Website and technical information — IP address, browser type, device information, pages visited, referring URLs, and cookie data (see Sections 9 and 10 below).

4. How we collect information

We collect information directly from you wherever practical, including through:

  • Service enquiries by phone, email, or our website contact and intake forms
  • Initial assessments and care planning conversations
  • Service Agreements and ongoing service delivery
  • Job applications and employment onboarding
  • Cookies and analytics tools when you visit our website

In some cases we may collect information from third parties, including referring GPs, hospitals, family members or authorised representatives, the NDIA, My Aged Care, allied health professionals, and government departments — only where you have consented or where the law permits.

5. Why we collect and use your information

We collect and use personal information for the following purposes:

  • Assessing your eligibility and care needs
  • Developing, delivering, and reviewing your care plan
  • Coordinating services with allied health professionals, GPs, and other providers
  • Invoicing, billing, and processing payments
  • Claiming funding through the NDIS, Support at Home, or other government programs
  • Meeting our reporting obligations to the Aged Care Quality and Safety Commission, the NDIS Quality and Safeguards Commission, the NDIA, the Department of Health and Aged Care, and other regulators
  • Recruiting, screening, and managing staff
  • Responding to enquiries, feedback, and complaints
  • Improving our services and conducting internal training and quality reviews
  • Communicating with you about your care, including via SMS and email
  • Marketing purposes — only with your consent, and you may opt out at any time
  • Meeting other legal obligations, including responding to subpoenas and court orders

6. Who we share your information with

We may disclose your personal information to:

  • Our employees, contractors, and care workers who need it to deliver your care
  • Allied health professionals, GPs, hospitals, and other healthcare providers involved in your care
  • The NDIA, My Aged Care, the Department of Health and Aged Care, and other government agencies as required by law or your funding arrangements
  • The Aged Care Quality and Safety Commission and the NDIS Quality and Safeguards Commission for compliance and reporting
  • Our service providers, including IT systems, payroll, accounting, insurance, and professional advisors, all of whom are bound by confidentiality obligations
  • Your authorised representative, family members, or nominee — where you have consented
  • Law enforcement or regulatory authorities where required or permitted by law

We do not sell your personal information to any third party.

7. Sensitive and health information

We treat health and sensitive information with additional care. We will only collect, use, or disclose it:

  • With your consent, or the consent of your authorised representative
  • For the primary purpose of providing care, or for a directly related secondary purpose you would reasonably expect
  • Where required or authorised by law
  • To lessen or prevent a serious threat to life, health, or safety

8. Data storage and security

Your information is stored in secure electronic and physical systems. Electronic records are held in cloud-based platforms hosted within Australia where reasonably practicable, with access restricted to authorised personnel and protected by encryption, multi-factor authentication, and regular security reviews. Paper records are stored in locked premises.

We take reasonable steps to protect your information from misuse, interference, loss, unauthorised access, modification, or disclosure. However, no method of electronic transmission or storage is 100% secure.

9. Cookies and website analytics

Our website uses cookies and similar tracking technologies to improve your browsing experience, understand how visitors use our site, and support marketing. We use CookieYes to manage your cookie consent — when you first visit our site, you will see a banner allowing you to accept, reject, or customise the categories of cookies you allow.

The categories of cookies we may use include:

  • Necessary cookies — required for the website to function and cannot be switched off
  • Functional cookies — remember your preferences and choices
  • Analytics cookies — including Google Analytics and Microsoft Clarity, to understand how visitors use our site
  • Marketing cookies — used to deliver relevant advertising and measure campaign performance

You can change your preferences at any time using the cookie settings link in our website footer, or by clearing your browser cookies. You can also disable cookies through your browser settings, though parts of the website may not function properly as a result.

10. Microsoft Clarity

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

11. Data retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Specifically:

  • Client care records are retained for at least 7 years after the end of services, in line with Aged Care and NDIS record-keeping requirements (and longer for clients who were minors at the time of service)
  • Financial records are retained for at least 7 years
  • Employment records are retained for at least 7 years after the end of employment
  • Website enquiry data is retained for up to 2 years unless converted into an active client record

When information is no longer required, it is securely destroyed or de-identified.

12. Your rights

Under the Privacy Act 1988, you have the right to:

  • Access the personal information we hold about you
  • Correct any information that is inaccurate, out-of-date, incomplete, or misleading
  • Withdraw consent for the use of your information for marketing or other non-essential purposes
  • Make a complaint if you believe we have breached your privacy

To exercise any of these rights, please contact us at admin@montessoricare.com.au. We may ask for proof of identity before processing your request. Most requests are handled free of charge, though a reasonable fee may apply to access requests involving significant time or cost — we will let you know in advance.

In limited circumstances, the Privacy Act allows us to refuse access. If we do, we will provide written reasons and explain how you can challenge our decision.

13. Data breach notification

We have a Data Breach Response Plan in place. If a data breach occurs that is likely to result in serious harm to you, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme.

14. Complaints

If you believe we have mishandled your personal information, please contact us first so we can investigate and respond. You can contact our Privacy Officer at admin@montessoricare.com.au or on 1300 918 000. We will acknowledge your complaint within 7 days and aim to resolve it within 30 days.

If you are not satisfied with our response, you can lodge a complaint with:

Office of the Australian Information Commissioner (OAIC)

  • Phone: 1300 363 992
  • Website: oaic.gov.au

For complaints about your care specifically, you can also contact:

  • Aged Care Quality and Safety Commission — 1800 951 822
  • NDIS Quality and Safeguards Commission — 1800 035 544

15. Contact us

For any questions about this Privacy Policy or how we handle your information:

Montessori Care Pty Ltd

  • ABN: 60 633 980 140
  • NDIS Provider Number: 4050113257
  • Email: admin@montessoricare.com.au
  • Phone: 1300 918 000
  • Website: www.montessoricare.com.au

16. Updates to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The most current version will always be available on our website, with the “Last updated” date shown at the top.

Get in Touch
Facebook-f Instagram Linkedin-in Youtube Tiktok