Privacy Policy
All references to “personal information”, “sensitive information” and “health information” in this Privacy Policy have the meanings given to these terms in the Privacy Act. Unless otherwise specified, all references to “personal information” in this Privacy Policy include “sensitive information” and “health information” and all references to “sensitive information” in this Privacy Policy include “health information”.
The specific types of personal information and sensitive information we collect about you depend on how an NDIS provider, aged care provider, mental health service provider or any other healthcare service provider (collectively “care service provider”) use our products and services (including the Kernl app) performed by you as an employee, contractor, sub-contractor or volunteer or for you as a client or patient. For some specific services or where additional personal information or sensitive information not detailed in this Privacy Policy is to be collected, you will be provided with a separate Kernl privacy collection notice (“PCN”) for that service or collection. The PCN is to be read together with this Privacy Policy in relation to that service.
Where you provide us with personal information about any other individual, you warrant that you have the authority of that individual to disclose such information and that you have referred that individual to this Privacy Policy and any relevant PCN regarding how we collect, use and disclose their personal information.
By you or anyone on your behalf providing us with any of your sensitive information identified in this Privacy Policy or any PCN provided to you before or at the time of collection of your sensitive information or using any of our products or services (including the Kernl app), you acknowledge and consent to us collecting, using and disclosing that the sensitive information (i.e. as detailed in this Privacy Policy and any relevant PCN) in accordance with this Privacy Policy and/or PCN, as applicable.
Where you provide us with sensitive information about any other individual, you warrant that you have the consent of that individual to disclose such information and that you have referred that person to this Privacy Policy and any relevant PCN and that they consent to us collecting, using and disclosing their sensitive information in accordance with this Privacy Policy and any relevant PCN, until that consent is withdrawn by them notifying us in writing using the details set out in section 8 “How to contact us” below of their withdrawal of their consent to our processing of their sensitive information.
You are not required to provide us with the personal information requested. Also, you can withdraw your consent to us processing your sensitive information at any time by contacting us using our contact details set out in section 8 “How to contact us” below. However, if we do not receive your personal information or you withdraw your consent to us processing your sensitive information for the relevant purposes, we will not be able to offer the relevant services to the care service provider in respect of you as a client or patient or otherwise certain of our services or to respond to your requests or queries.
1. Types of personal information that we collect
We collect two types of information through our Services:
As noted above, the types of personal information that we collect depend on the nature of your relationship with us or a care service provider that uses any of our products or services (“CSP”).
(a) For CSPs and employees, contractors, sub-contractors or volunteers working for a CSP (including health practitioners, registered nurses, therapy practitioners and other support workers and carers) (“CSP carers”)
We collect your personal information from information or content uploaded into our system by the CSP and/or generated through your use of our products and services including the Kernl app by you on behalf of a CSP, which may include worker shift notes and reports, incident documentation, compliance or operational records, client information, billing information, user information and rostering information and the types of personal information we collect about you are as follows:
Name and contact details such as work address, phone number and email address.
Gender.
Employment information such as employer, job title and work hours/shift periods.
Username and password to access your account as part of our products and services including the Kernl app.
Details relating to your employment and professional capabilities, such as qualifications, skills, training history, work experience, performance information and mandatory checks or registrations.
Your interactions with the Kernl app or our other products or services including your IP address and voice inputs collected via your use of the Kernl app and other information managed by your device settings.
(b) For clients or patients of a CSP
We may collect your personal information such as name and contact details (e.g. phone number and email address).
We also collect the following sensitive information about you from CSPs and CSP carers:
Name and contact details such as address, phone number and email address.
The facility or place where you reside and/or the type(s) of services provided to you.
Medical records and information about your symptoms, diagnosis, test results, prescriptions, and instructions about services to be provided to you.
Information about your support requirements, including care plans, therapy plans, behaviour support plans, assessments, and records relating to the services you receive.
Gender, marital status and date of birth, emergency contact details, contact details of family members and information about your guardian, legal representative or next of kin.
Government related identifiers such as driver licence numbers and/or passport numbers.
Financial information such as bank account information and insurance details, details of payments to CSPs in respect of their services to you and financial hardship information.
(c) For visitors to our website
We collect the following types of personal information:
Name and contact details such as phone number and email address (where you provide it to us).
Employment information such as your employer (where you provide it to us).
2. How we collect your personal information
Our collection of your personal information and, for clients and patients of a CSP, sensitive information depends on the nature of your relationship with us or a CSP that uses any of our products and services including the Kernl app and the means of our collection are as follows:
(a) For CSPs and CSP carers
Directly from you when you provide us with your personal information on or as part of your interactions on the Kernl app or our other Kernl products or services or when you email, telephone or mail us.
Indirectly from the CSP or other CSP carers when they provide us with your personal information on or as part of your interactions on the Kernl app and other Kernl products and services.
(b) For clients or patients of a CSP
Directly from you when you provide us with your personal information by email, phone or mail.
Indirectly from the CSP and CSP carers who provide services to you when they provide us with your personal information and sensitive information on or as part of their use of the Kernl app and other Kernl products and services.
(c) For visitors to our website
Directly from you when you provide us with your personal information to receive marketing and promotional materials.
3. Why we collect your personal information
The purposes for which we collect, use and disclose your personal information and, for clients or patients of a CSP, your sensitive information depend on the nature of our relationship with you and include:
(a) For CSPs and CSP carers
To provide our products and services to the CSP for your use in providing care to clients and patients of that CSP. For example, to assist you to prepare and manage notes, reports, records and other documents or information to support your care of and provision of services to, on behalf of the CSP, the CSP’s clients and patients and to manage the operations and perform other functions of the CSP.
To administer your account with us, action the instructions we receive from the CSP for which you work in relation to your account and provide technical support.
To monitor and analyse your and the CSP’s use and the performance, reliability and security of our products, services, platforms and systems including the accuracy, reliability and safety of outputs generated by the AI models that we use.
To maintain and improve our products, services, platform and systems, enhance user experiences and develop new products and services.
To promote our products, services and platforms including direct marketing to you.
To respond to your queries, requests and complaints.
(b) For clients or patients of a CSP
To provide our products and services to the CSP of which you are a client or patient and their CSP carers to enable them to use our products and services to assist them to provide care services to you including to prepare and manage notes, reports, records and other documents or information and to fulfil their compliance obligations, manage their operations and perform other functions.
To respond to your queries, requests and complaints.
(c) For visitors to our website
To contact you about products and services that may be of interest to you and conduct marketing activities.
To measure our website’s effectiveness and usage.
To respond to your queries, requests and complaints.
4. Disclosure of your personal information
For the purposes noted in section 3 “Why we collect your personal information” above, we may disclose your personal information and, for clients or patients of a CSP, sensitive information to the following entities:
(a) For CSPs and CSP carers
CSPs for which you work.
Third-party providers that provide AI processing services, data storage or processing services, services that manage or improve our information systems, software, applications or platforms and legal or other consulting services for us.
As required or authorised by law.
(b) For clients or patients of a CSP
CSPs which provide you services.
Third-party providers that provide data storage or processing services, services that manage or improve our information systems, software, applications or platforms and legal or other consulting services for us.
As required or authorised by law.
(c) For visitors to our website
Third-party providers that provide data storage or processing services, services that manage or improve our information systems, software, applications or platforms and legal or other consulting services for us.
As required or authorised by law.
For all of the disclosures noted above, we do not disclose your personal information to any third party overseas.
5. Security of your personal information
We take reasonable steps in the circumstances to protect your personal information from misuse, interference, loss, unauthorised access, modification and disclosure.
6. Access and correction of your personal information
You have a right to ask us for access to and to seek correction of personal information that we hold about you. For CSP carers and clients or patients of a CSP, we recommend that you first request the relevant CSP to access or correct your personal information. If the CSP cannot assist you then please contact us using the details set out in section 8 “How to contact us” below. However, we note that we do not hold all of your personal information about you collected by the CSP. For visitors to our website and any other individuals, to request access and correction of the personal information we hold about you, please contact us using the details set out in section 8 “How to contact us” below.
As regards any access request, once we have verified your identity and subject to any applicable exceptions, we will provide you with the personal information about you that you have requested in accordance with the Privacy Act.
If you believe that we are holding incorrect, out-of-date, incomplete, irrelevant or misleading personal information about you, you may request to us to correct it. Once we have verified your identity and subject to any exceptions, where we are satisfied that your personal information is incorrect, out-of-date, incomplete, irrelevant or misleading, we will take such steps as are reasonable in the circumstances to correct that personal information.
7. Complaint regarding how we handle your personal information
Please contact us using the details set out in section 8 “How to contact us” below and provide us with reasonable details for us to understand your complaint if you have a complaint about how we handle your personal information or believe we have breached this Privacy Policy, a PCN or the Privacy Act.
We will investigate your complaint and attempt to resolve it. If we cannot resolve your complaint to your satisfaction, you may submit your complaint online (here) to the Office of the Australian Information Commissioner or by standard post or registered mail to GPO Box 5288, Sydney NSW 2001 or by fax to +61 2 6123 5145.
8. How to contact us
Please contact us using any of the following means if you wish to access or correct personal information that we hold about you, wish to withdraw your consent to our processing of your sensitive information or if you have a query or complaint about our privacy practices:
By email: hello@kernl.com.au
By mail: PO Box 170, Willoughby NSW 2068
9. Changes to our Privacy Policy
In the event that this Privacy Policy is amended or modified in the future the revised version will be available on our website. If any changes are significant or substantial we will let you know on our website and/or when you next log into your account.
Your continued use of the Kernl app or our other products and services, visiting to our website or provision of personal information by you or on your behalf to us after our notice that the Privacy Policy has been revised will be deemed to be your notification of and, in the case of sensitive information, your consent to the revised Privacy Policy.
This Privacy Policy was last updated on 11 December 2025.