Privacy Policy

1. Introduction

1.1 In this Policy, Use My Super Australia, we, our or us is a reference to the business Use My Super Australia Pty Ltd (ACN 687 831 769).

1.2 Personal information is any information about you where your identity is apparent, or can reasonably be ascertained, and may include Sensitive Information (defined below). A reference to Personal Information in this policy includes Sensitive Information. 

1.3 Sensitive Information is information or an opinion about a person’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, sexual preferences, health or medical information or criminal records. 

2. What is this Policy about?

2.1 This Policy explains the key measures we have taken to implement the requirements of the Privacy Act 1988 (Privacy Act), the Australian Privacy Principles and where applicable, other data protection laws such as the European Union General Data Protection Regulations (GDPR). This Privacy Policy outlines the Personal Information collection practices utilised by us, how that information is collected, used and disclosed and your rights in relation to your Personal Information. 

2.2 This Policy covers Personal Information collected directly on our website (www.usemysuper.com) and via email or telephone (collectively Website) from individuals (Clients) who enquire about, access, register for, or use our services (Services). This Policy also covers Personal Information of your healthcare providers and support persons (Trusted Persons) that may be provided to us by you during the provision of the Services. 

2.3 We endorse fair information handling practices and uses of information in compliance with our obligations under the privacy laws in force in Australia from time to time. Any information provided, including identification of individuals, will be used only for the purpose(s) intended and where the intention includes confidentiality, information will be treated as such unless otherwise required by law.

2.4 This Policy represents the default position that we will take in our treatment of Personal Information. We will treat all Personal Information in a manner consistent with this Policy unless you have provided your express consent otherwise. 

2.5 If there is any inconsistency between the Privacy Act and this Policy, this Policy shall be read and interpreted to comply with the Privacy Act.

3. What Personal Information and Sensitive Information do we collect and store?

3.1 We collect the following Personal Information from you and / or Trusted Persons during the course of providing the Services to you:

- name;

- address;

- date of birth

- phone number; 

- superannuation membership details; 

- tax file number; and

- email address

3.2 We may collect the following Sensitive Information from you: health or medical information.

3.3 Personal Information will typically be collected when provided directly to us by you or your Trusted Persons:

- when you contact us or enquire about the Services, including through an online form on our Website or by email; 

- during phone calls, meetings or other communications between you and us;

- through your family members, healthcare providers and support persons, if instructed by you.

3.4 Personal Information of Trusted Persons will be collected and stored by us when it is provided to us by you as part of the Services. 

3.5 Our Website automatically collects anonymous usage data about visitors, including the URL that the visitor came from, the browser being used and the IP address. This data is utilised to improve our services and does not include any personally identifying information. 

3.6 We also reserve the right to collect anonymous usage data through other websites and online systems in order to provide our customers with a better user experience. This data does not include any personally identifying information.

3.7 'Cookies' are alphanumeric identifiers that are stored by the web browser on a computer's hard-drive that enable our system to recognise a visitor to our Website. This helps us to track basic visitor information for the purposes of optimising the design of our systems and marketing activities. 

3.8 Most web browsers automatically accept cookies and this function can be disabled by changing the browser settings of the user.

4. How do we use Personal Information?

4.1 We use Personal Information in the following ways:

- to assist us in providing the Services to you;

- for our own internal administration purposes, for example entering into employment contracts, IT support, processing payroll and recruiting new staff;

4.2 We do not pass on any Personal Information to a third party except in accordance with this Policy. 

5. Who will we disclose your Personal Information to?

5.1 We may share Personal Information with employees, service providers or entities which are fundamental to the provision of the services to you (for example medical practitioners, superannuation funds, the Australian Taxation Office, rehabilitation providers, IT providers, suppliers and our affiliates) on a need to know basis to allow the provision of the Services to you as requested by you. Access to Personal Information by these people is subject to such people protecting your Personal Information to at least the degree set out in this Policy, and such access will be revoked within a reasonable timeframe of access no longer being required. To the extent that these organisations and service providers gain access to Personal Information, their use is governed by their own privacy policies, the Privacy Act, GDPR and any other relevant law.

5.2 Other than disclosure of Personal Information to service providers (as set out above) or as required by law, our policy is that we do not give Personal Information to other organisations unless we have disclosed the use in this Policy or you have expressly consented for us to do so. 

5.3 Occasionally, we might also use Personal Information for other purposes or share Personal Information with another organisation because: 

- we believe it is necessary to protect your rights, property or personal safety; 

- we believe it is necessary to do so to prevent or help detect fraud or serious credit infringements - for example, we may share information with credit reporting agencies, law enforcement agencies and fraud prevention units; or

- we believe it is necessary to protect our interests– for example, disclosure to a Court in the event of legal action to which we are a party.

5.4 In the event that our business is sold by us, the data, including your Personal Information may be transferred to the purchasing entity which would be bound to comply with the Privacy Act in relation to the access, storage and use of your Personal Information. Further, in circumstances where we are merged with another entity, the data, including your Personal Information, may be transferred to that entity, which would be bound to comply with the Privacy Act in relation to the access, storage and use of your Personal Information. Your Personal Information would not be disclosed to a buyer in either circumstance, other than as a part of the transfer of all data related to the Website to that buyer.

6. How do we maintain confidentiality and Data Security?

6.1 All Personal Information collected is stored on secure hard drives and cloud-based Servers run by Amazon Web Services

6.2 We take all reasonable steps to manage data stored by us to ensure data security and to prevent the loss, misuse or alteration of Personal Information.  Despite the above, we are not responsible for any third-party access to Personal Information as a result of:

- interception while it is in transit over the internet;

- an unpatched vulnerability, a zero-day vulnerability, or an attack within 48 hours of a vendor releasing a patch or update; or

- spyware or viruses on the device (such as a computer or phone) from which you access our Website or otherwise contact us.

6.3 We are also not responsible for any losses, expenses, damages and costs, including legal fees, resulting from such third-party access.

6.4 If we have reasonable grounds to believe that your Personal Information that we hold may be subject to unauthorised access or disclosure (eligible data breach), we will investigate and assess the suspected eligible data breach to determine whether the eligible data breach is likely to result in serious harm to you (Notifiable Data Breach). If a Notifiable Data Breach occurs, then we will notify you and the Australian Information Commissioner as soon as practicable after we become aware of the Notifiable Data Breach in accordance with our obligations under the Privacy Act. We will comply in every way with our obligations under Part IIIC – “notification of eligible data breaches” of the Privacy Act. 

7. How do we retain and dispose of Personal Information?

7.1 We will retain Personal Information for as long as is required for us to fulfil the purposes for which the Personal Information was collected, including where applicable to provide you with the Services and to comply with legal requirements. 

7.2 If we no longer require Personal Information for any purpose, including legal purposes, we will take reasonable steps to securely destroy or permanently de-identify the Personal Information. 

8. How can you access your Personal Information?

8.1 You can access the Personal Information held about you at any time by contacting our Privacy Officer. 

8.2 We will always endeavour to meet requests for access. However, in some circumstances we may decline a request for access. This includes the following circumstances: 

- we no longer hold or use the information; 

- providing access would have an unreasonable impact on the privacy of other persons; 

- the request is frivolous or vexatious; 

- the information relates to existing or anticipated legal proceedings and would not normally be disclosed as part of those proceedings; 

- providing access would be unlawful; 

- providing access would be likely to prejudice the detection, prevention, investigation and prosecution of possible unlawful activity; or

- the information would reveal our commercially sensitive information.

8.3 If we decline a request for access, we will provide reasons for our decision when we respond to the request. 

8.4 We reserve the right to charge you a reasonable fee for access to your Personal Information. These charges will be limited to the cost of recouping our expenses for providing you with your Personal Information, such as document retrieval, photocopying, labour and delivery.

8.5 Despite anything contained in this Policy to the contrary, if the Freedom of Information Act 1982 applies to a person on whose behalf we hold Personal Information, the access and correction requirements in the Privacy Act operate alongside and do not replace other informal or legal procedures by which an individual can be provided access to, or correction of, their Personal Information. 

9. How can you change or delete your Personal Information? 

9. 1We will take reasonable steps to ensure that Personal Information is accurate, complete and up-to-date at the time of collecting the Personal Information from you, using or disclosing the Personal Information, or during other interactions with you or suppliers in accordance with this Policy. 

9.2 If you believe that any Personal Information that we hold about you is inaccurate, incomplete or out-of-date, you may contact our Privacy Officer. 

9.3 We will do our best to correct any Personal Information that is inaccurate, incomplete or out-of-date or dispose of it in accordance with this Policy. 

10. Who can you contact about the Privacy Policy?

10.1 If you have any further queries relating to our Privacy Policy, please contact our Privacy Officer. If we become aware of any ongoing concerns or problems with your Personal Information, we will take these issues seriously and work to address these concerns. 

10.2 If you have a complaint in relation to the way your Personal Information has been handled by us, the complaint should be made in writing to our Privacy Officer in the first instance. We will investigate the complaint and prepare a response to you in writing within a reasonable period of time.

10.3 Our Privacy Officer can be contacted by email: [email protected]

10.4 From time to time, our policies will be reviewed and may be revised. We reserve the right to change this Policy at any time.

This Privacy Policy was last updated in March 2026.