Nidus Title
Nidus
Back to Home

Privacy Policy

Plain English Version

Last updated: 3/2/2025

1. Who we are and what NIDUS does

NIDUS is a digital wellbeing support platform.

We provide reflective tools, learning content, and supportive conversations to help people think about wellbeing challenges such as stress, fatigue, conflict, or bullying at work.

NIDUS is not a medical service, not a mental health service, and not an emergency service. It does not replace human support, healthcare professionals, or emergency services.

2. Our approach to privacy

Privacy and trust are central to NIDUS.

We are committed to handling your information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

We have designed NIDUS so that:

  • we collect as little personal information as possible
  • we do not share identifiable information with employers
  • we do not use wellbeing data for surveillance or performance management
  • we progressively reduce how identifiable data is as the platform matures

3. MVP and pilot phase versus full rollout (important)

NIDUS is being developed in stages. How we handle data differs slightly between:

  • MVP and pilot programmes, and
  • V2, the full commercial rollout

What this means

We explain this clearly below.

4. MVP and pilot phase: what this means for your data

During the MVP and pilot phase, NIDUS is still learning how people use the platform so we can make it safer, clearer, and more useful.

What data we may look at

During this phase, a small internal NIDUS team may review de-identified conversation content to:

  • understand how people interact with the app
  • improve the quality and tone of responses
  • check that safety prompts and support suggestions work as intended
  • identify technical or design issues

What we do to protect you

Even in the pilot phase:

  • we do not require your real name
  • we do not collect employee ID numbers or rosters
  • we remove or mask identifying details where possible
  • access to conversation data is tightly restricted and logged
  • your employer cannot see your conversations

What we do not do

We do not:

  • monitor individuals for disciplinary purposes
  • report individual conversations to organisations
  • assess your performance or behaviour
  • contact your employer, colleagues, or family

5. V2 and full rollout: how data handling changes

As NIDUS moves into full rollout, data handling becomes more privacy-preserving by design.

In V2:

  • individual conversation content is not stored long-term
  • data is converted into themes and patterns only, such as "reports of bullying increased this month"
  • information is aggregated across groups and time periods
  • small group reporting is restricted to prevent identification

What this means

This means organisations may see trends, but never individual stories.

6. Employers and organisations

If NIDUS is provided through your workplace:

NIDUS does not support surveillance or monitoring of individuals.

  • your employer does not see your conversations
  • your employer does not know who said what
  • your employer cannot identify individual users

Any information shared with organisations is

  • aggregated
  • de-identified
  • delayed and grouped over time

7. What we collect and what we avoid

We may collect

  • your interactions with the app
  • general usage information
  • broad demographic categories where relevant

We avoid collecting

  • full names
  • exact dates of birth
  • home addresses
  • shift patterns
  • identifiable workplace details

What we encourage

We also encourage users not to share identifying details in conversations.

8. Confidentiality and its limits

Your information is treated as confidential.

However, under Australian law, there are rare situations where disclosure may be required, such as:

  • a lawful court order
  • a serious and imminent threat to life where disclosure is legally permitted

Emergency support

Because NIDUS cannot reliably identify or locate users in real time, it cannot act as an emergency response service.

If you are in immediate danger, you should contact emergency services directly.

9. How long we keep data

We keep information only for as long as necessary to:

  • operate the platform
  • improve safety and quality
  • meet legal and security requirements

Retention approach

As NIDUS matures, we reduce how long any identifiable data is retained.

10. Your choices and rights

You have the right to:

  • understand how your data is used
  • ask questions or raise concerns
  • request access to, or correction of, your information where applicable

Contact and complaints

You can contact us at [privacy contact email].

If you are not satisfied, you can lodge a complaint with the Office of the Australian Information Commissioner.

11. Why this staged approach exists

We believe it is more honest and safer to say:

  • early versions of digital wellbeing tools need observation and learning
  • long-term platforms should store as little identifiable data as possible

Why we separate MVP and V2

By separating MVP and V2 clearly, we avoid hidden practices and protect trust.

12. Changes to this policy

We may update this policy as the platform evolves.

If changes are material, we will make this clear within the app or on our website.

In one sentence

During pilots, a small team may review de-identified conversations to improve the platform; in the full version, only anonymous themes and trends remain.