FluxFrontier
Back to Home

Privacy Policy

Australian Data Sovereignty & NDIS Governance Standards.

Last Updated: January 1, 2026NDIS Compliance Grade

Data Residency

100% Australian hosted in AWS Sydney region. No US cloud storage.

Audit Trails

Cryptographically-signed logs via Portkey (SOC 2). Immutable evidence.

Encryption

AES-256 at rest and TLS 1.3 in transit. Enterprise-grade security.

1. The Strategic Mandate

FluxFrontier (operating under Flux Frontier Pty Ltd, ABN 13 690 569 423) is a Governance Orchestration Platform designed specifically for the Australian NDIS sector. We recognize that in a post-NDIS Amendment Bill 2025 landscape, data privacy is not just an administrative burden—it is an existential survival requirement for Directors and Providers.

We collect and manage your data in strict accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), with additional safeguards tailored for high-risk regulated care environments.

2. Australian Data Sovereignty

Domestic Residency Guarantee

FluxFrontier guarantees that all sensitive Participant PII, incident descriptions, and clinical notes are stored and processed within the AWS Sydney (ap-southeast-2) region. We do not utilize US-based data centers for persistent storage. This ensures that your regulatory data remains within Australian jurisdiction at all times.

3. NDIS-Specific Data Collection

Our "System of Intelligence" processes vertical-specific data required to satisfy NDIS Quality and Safeguards Commission requirements, including:

  • Incident Data: Witness accounts, injury descriptions, and risk assessments.
  • Governance Data: Approval timestamps, reasoning logs, and Director sign-offs.
  • Financial Data: NDIS billing CSVs, claim IDs, and remittance files.
  • Clinical Data: Progress notes and Behavior Support Plans (BSPs).

4. AI Processing & Portkey Audit Logs

We utilize Large Language Models (specifically Claude 3.5 Sonnet) to analyze unstructured incident reports. To protect the integrity of this process:

  • Immutable Evidence: Every interaction with our AI engine is logged via Portkey, an enterprise-grade gateway. These logs include the exact reasoning the AI used to propose a classification.
  • SOC 2 Compliance: Our logging infrastructure is SOC 2 certified, ensuring that audit trails cannot be altered or deleted.
  • No Model Training: We do not allow our providers (Anthropic/AWS) to train their generic models on your sensitive NDIS data. Your data is used solely for the inference required to provide the Service.

5. Data Retention & Immutability

Under the NDIS Act, certain records must be retained for 7 years. FluxFrontier provides the tools to maintain these records in an "Audit-Ready" state.

If you choose to terminate your service, you may export your complete, cryptographically-signed audit trail for your own compliance archive before we delete the data from our active production systems.

6. Contact Governance

Requests for data access, correction, or audit trail exports should be directed to our Governance Team:

Email: governance@fluxfrontier.com.auReference: Privacy Inquiry

© 2026 Flux Frontier Pty Ltd. Built for Australian Regulated Care.