Last updated: 7 April 2026
Aria Care Pty Ltd ('Aria', 'we', 'us') is committed to protecting the privacy of personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains how we collect, use, and protect information provided by disability support providers and their staff using our platform.
We collect organisation and staff account information (name, email, ABN), participant information entered by providers (name, NDIS number, date of birth, diagnoses, support notes), usage data and technical logs, and billing information processed securely through Stripe. We do not store credit card details directly.
Participant health and disability information is sensitive information under the Privacy Act. We only collect it as entered by authorised support providers, store it encrypted in Australian data centres, and never use it for any purpose other than providing our platform services to the provider who entered it.
All data is stored in Australian data centres via Supabase (hosted on AWS ap-southeast-2, Sydney). Data is encrypted in transit (TLS 1.3) and at rest (AES-256). We implement row-level security ensuring each provider can only access their own organisation's data. We conduct regular security reviews.
We use your data to provide the Aria platform services, generate AI-assisted documents using the content you provide, send service notifications and product updates (with ability to unsubscribe), and improve our services. We never sell data to third parties or use participant data for advertising.
When you use AI features, session transcripts and participant context are sent to OpenAI or Anthropic's APIs for processing. This data is processed under our enterprise agreements with these providers and is not used to train their models. We recommend not including unnecessary identifying information in voice memos.
You may request access to, correction of, or deletion of your personal information by contacting privacy@aria.care. We will respond within 30 days. Providers may delete participant data at any time from within the platform.
For privacy enquiries, contact: privacy@aria.care | Aria Care Pty Ltd, Australia.