Privacy Policy
MyConsumables ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App"). This App facilitates the ordering and delivery of consumable products for participants in the National Disability Insurance Scheme (NDIS) and Home Care Package (HCP) programs.
Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the App.
Information We Collect
Personal Information
We collect personal information that you voluntarily provide to us when you:
Register for an account
Use the App's features and services
Contact customer support
Participate in surveys or provide feedback
The personal information we collect includes:
Account Information: First name, last name, email address, phone number, date of birth, username, and password
NDIS/HCP Program Information: NDIS number, plan type (self-managed, plan-managed, or agency-managed), plan manager name and email, NDIS email, agency start and end dates, annual budget, current balance, pending balance, previous balance, budget thresholds, HCP provider name and email
Address Information: Residential address (street address, apartment/unit, suburb, state, postcode) and delivery address
Payment Information: Payment method details (processed securely through our payment processor Stripe)
Order Information: Order history, product preferences, delivery preferences, and shopping cart contents
Identity Verification: Information required to verify your identity and eligibility for NDIS/HCP programs
Support Requests: Contact details, severity level, and description of issues when you contact customer support
Automatically Collected Information
When you use the App, we automatically collect certain information about your device and usage:
Device Information: Device type, operating system and version, unique device identifiers, mobile network information
Usage Data: App features accessed, time and date of access, app crashes and performance data
Location Data: Real-time GPS location data (with your permission) for:
Delivery route navigation and tracking
Showing nearby suppliers
Optimizing delivery routes
Providing turn-by-turn directions for drivers
Push Notification Tokens: Device tokens to send you notifications about orders, deliveries, and account updates
Information from Third Parties
We may receive information about you from third parties, including:
Authentication Providers: When you sign in with Google or other third-party authentication services
Payment Processors: Transaction and payment verification information from Stripe
Coordinators and Care Providers: Your authorized coordinators or healthcare providers may provide or update your information
How We Use Your Information
Service Delivery
Create and manage your account
Process and fulfill your orders
Facilitate delivery of products to your specified address
Provide customer support and respond to your inquiries
Send transactional notifications about your orders, deliveries, and account
Verify your eligibility for NDIS/HCP programs
App Functionality
Enable location-based services for delivery tracking and navigation
Remember your preferences and settings
Provide personalized product recommendations
Manage your budget and balance information
Coordinate with your plan managers, care coordinators, or healthcare providers
Communication
Send you order confirmations, delivery updates, and service-related notifications
Alert you about low budget balances (if enabled)
Notify you of important changes to our services or policies
Respond to your customer support requests
Improvement and Analytics
Analyze app usage patterns to improve functionality
Monitor and analyze trends to enhance user experience
Detect, prevent, and address technical issues
Develop new features and services
Legal and Safety
Comply with legal obligations and regulatory requirements
Protect against fraud, unauthorized transactions, and other illegal activities
Enforce our terms of service and protect our legal rights
Ensure the safety and security of our users and services
How We Share Your Information
We do not sell your personal information. We may share your information in the following circumstances:
With Your Consent
We share your information when you explicitly consent or direct us to do so.
Service Providers and Business Partners
We share information with trusted third-party service providers who assist us in operating the App and providing services:
Cloud Infrastructure: Amazon Web Services (AWS) for hosting, database, and backend services
Authentication: AWS Cognito for secure account authentication and management
Payment Processing: Stripe for secure payment processing
Mapping and Navigation: Mapbox for maps, navigation, and location services
Push Notifications: Firebase Cloud Messaging and Expo for sending notifications
Analytics and Performance: Expo for app performance monitoring and crash reporting
These service providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your information.
Suppliers and Delivery Partners
We share relevant information with:
Suppliers: Your name, delivery address, phone number, and order details to fulfill your orders
Delivery Drivers: Your name, delivery address, and phone number to facilitate delivery
Coordinators and Care Providers
With your authorization, we share information with:
Plan Managers: NDIS balance, order details, and budget information
Healthcare Coordinators: Order information and program details for order approval and coordination
Care Providers: Relevant information needed to coordinate your care
Legal Requirements
We may disclose your information if required by law or in response to:
Legal processes (subpoenas, court orders, legal proceedings)
Requests from government or regulatory authorities
Protection of our rights, property, or safety
Investigation of fraud or security issues
Enforcement of our terms of service
Business Transfers
If we are involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and the choices you may have.
Data Security
We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:
Encryption: Data in transit is encrypted using SSL/TLS protocols, and sensitive data at rest is encrypted
Access Controls: Strict access controls and authentication mechanisms limit who can access your information
Secure Infrastructure: Use of AWS cloud infrastructure with industry-standard security practices
Regular Security Audits: Periodic security assessments and vulnerability testing
Secure Authentication: AWS Cognito for secure user authentication with password hashing
However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
Data Retention
We retain your personal information for as long as necessary to:
Provide our services and fulfill transactions
Comply with legal obligations (tax, accounting, regulatory requirements)
Resolve disputes and enforce our agreements
Maintain security and prevent fraud
When you delete your account, we will delete or anonymize your personal information within a reasonable timeframe, except where we are required to retain it for legal purposes. Some information may be retained in backup systems for a limited period.
Your Rights and Choices
Depending on your location, you may have the following rights regarding your personal information:
Access and Portability
Request access to the personal information we hold about you
Request a copy of your information in a portable format
Correction and Updates
Update or correct your personal information through the App's profile settings
Request correction of inaccurate or incomplete information
Deletion
Request deletion of your account and associated personal information through the App or by contacting us
Note that some information may be retained for legal or legitimate business purposes
Data Restrictions
Object to or restrict certain processing of your information
Withdraw consent where processing is based on consent
Location Services
Enable or disable location services through your device settings
Note that disabling location services may limit certain App features (delivery tracking, navigation)
Notifications
Manage push notification preferences through the App settings or your device settings
You may still receive transactional notifications about your orders
Marketing Communications
Opt out of promotional emails by following the unsubscribe link in any marketing email
Note that you cannot opt out of service-related communications
To exercise these rights, please contact us at:
Support Email: support@myconsumables.com.au
In-App: Through the Customer Support feature in the Profile section
We will respond to your request within 30 days. Some requests may require identity verification.
Children's Privacy
The App is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you believe we have inadvertently collected information from a child under 18, please contact us immediately, and we will take steps to delete such information.
Location Services
The App uses location services to provide:
Real-time delivery tracking
Turn-by-turn navigation for delivery drivers
Location-based supplier recommendations
Route optimization
Permissions Required
Foreground Location: Used when the app is active to show your current location and provide navigation
Background Location: Used by delivery drivers to continue tracking deliveries when the app is in the background
You can control location permissions through your device settings. Disabling location services will limit delivery tracking and navigation features.
Location Data Usage
Location data is used only for the purposes described above
Location data is not sold to third parties
Location data is retained only as long as necessary for service delivery
Third-Party Services
The App integrates with third-party services that have their own privacy policies:
AWS (Amazon Web Services): https://aws.amazon.com/privacy/
Stripe: https://stripe.com/privacy
Mapbox: https://www.mapbox.com/privacy/
Firebase/Google: https://policies.google.com/privacy
Expo: https://expo.dev/privacy
We encourage you to review the privacy policies of these third-party services. We are not responsible for the privacy practices of these third parties.
International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from the laws of your country.
We ensure appropriate safeguards are in place to protect your information when it is transferred internationally, including:
Standard contractual clauses
Ensuring third-party service providers comply with applicable data protection frameworks
Implementing technical and organizational security measures
NDIS and Health Information
We recognize that NDIS and health-related information is sensitive. We handle this information with particular care:
Purpose Limitation: NDIS/HCP information is used solely for program verification, order fulfillment, and coordination with your authorized providers
Access Restrictions: Strict access controls limit who can view sensitive health information
Confidentiality: We maintain the confidentiality of your NDIS/HCP information in accordance with applicable privacy laws
No Unauthorized Disclosure: We do not share your health information except as described in this policy or as authorized by you
Cookies and Similar Technologies
The App may use cookies and similar tracking technologies to enhance functionality:
Session Management: Maintain your login session
Preferences: Remember your settings and preferences
Analytics: Understand how you use the App
Performance: Monitor app performance and crashes
You can manage tracking preferences through your device settings, though this may affect App functionality.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:
Updating the "Last Updated" date at the top of this policy
Sending a notification through the App or via email
Displaying a prominent notice in the App
Your continued use of the App after such changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.
Contact Us
MyConsumables
Support Email:
Website:
In-App Contact:
Customer Support feature in Profile section
Address:
23 Station Lane, Lochinvar, NSW 2321, Australia
We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with this Privacy Policy and applicable privacy laws.
Australian Privacy Principles
For Australian residents, we comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). This includes:
Transparent handling of personal information
Individual rights to access and correct information
Secure storage and transfer of information
Purpose limitation and data minimization
If you are not satisfied with our response to your privacy concern, you may contact the Office of the Australian Information Commissioner (OAIC):
Website: https://www.oaic.gov.au
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
Consent
By using the MyConsumables App, you consent to:
The collection, use, and disclosure of your information as described in this Privacy Policy
The transfer of your information to third-party service providers as described
The use of location services as described (when you enable location permissions)
The processing of your NDIS/HCP information for service delivery purposes
You may withdraw your consent at any time by discontinuing use of the App and requesting deletion of your account, subject to any legal obligations we have to retain certain information.
This Privacy Policy is effective as of the Last Updated date above.
If you do not agree with this Privacy Policy, please do not use the App.
