LifeHealthcare Group Privacy Policy

POL 1103-1
Last Updated: November 2021

About this Policy

LifeHealthcare Distribution Pty Limited (ABN 30 117 449 911) its affiliates and related bodies corporate in Australia, “LifeHealthcare”, “LifeHealthcare Group”, “LHC”, “we”, “our” have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (Privacy Law). The APPs govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information.

A copy of the APPs may be obtained from the website of The Office of the Australian Information Commissioner at www.aoic.gov.au.

By providing your Personal Information to us, you agree that we may collect, use and disclose that information in accordance with this Privacy Policy.

What Personal Information do we collect?

Personal Information is information or an opinion in relation to an individual who can be identified by us. The Personal Information we collect may include your name, date of birth, phone number, email address, street address, bank account details, credit card details, your treating health practitioner, the hospitals or other institutions at which you work or where you may be treated, the entity you work for and your position there, any applicable practicing registration and licensing, your employer or business representative’s contact information.  In some circumstances, the Personal Information that we collect may include Sensitive Information.  Sensitive Information is any information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record, biometric data or health information. We may collect Sensitive Information where it is reasonably necessary to provide you with a specific product or service or required for the design, manufacture or supply of our products, including where your health information is required for the specifications of a medical device to be provided for you.  We may also collect Sensitive Information when you apply for employment with us or your services are provided to us.

The Personal Information that we collect about you will depend on why you are interacting with us and, if applicable, the products or services that you acquire, or enquire about. If you do not allow us to collect all of the Personal Information we reasonably request, we may not be able to deliver the products or services you require or process any other request or enquiry.

Throughout the life of any product or service you acquire, we may also collect and hold additional Personal Information about you. This may include but not be limited to, any Personal Information comprised in transactional records, records of enquiries or complaints you make and, if you make a product claim, the collation of additional information to assess the claim.

If you apply for employment with us, we may collect additional Personal Information in relation to you including your educational and employment history and information provided by your referees.

Where you are employed by us we may collect additional Personal Information from you in the course of your employment with us which may include Sensitive Information including health information.  Once collected, this Personal Information is likely to form part of your employment records and, as such, will not be protected by the APPs.  We will however take reasonable commercial steps to keep that information secure.   We may also require health information from any individuals attending our premises including immunisation status and/or Covid-19 test results.

How do we collect and hold Personal Information?

We will collect your Personal Information directly from you, whether in person, on the phone or electronically, when you voluntarily and knowingly provide it to us, or indirectly from a third party for uses relating to the supply or use of our products or services, our educational activities and marketing events or information.

Circumstances where your Personal Information will be collected directly from you include where:

  • you order or purchase a product or service as a healthcare provider or consumer;
  • you order or purchase a product or service on behalf of your employer or for the use by a healthcare provider;
  • you subscribe to a mailing list for educational and/or marketing material;
  • you register for a seminar, webinar, conference or other educational event;
  • you seek to provide goods or services to us;
  • you contact us regarding one of our products, services or any other matter;
  • apply for, register your interest in, or enquire about a product or service;
  • visit any Lifehealthcare or product website or social medial platform;
  • provide us with feedback or make a complaint; or
  • talk to us, or do business with us.

Circumstances where your Personal Information will be collected from a third party include where:

  • a health practitioner or a healthcare provider orders a product or service specifically for you (patient);
  • you are seeking employment and a recruiter or referee provides us with your Personal Information;
  • your Personal Information is provided to us by a labour hire company or other provider of contracted services;
  • your Personal information is obtained from media and publications or other publicly available sources or cookies;
  • your Personal Information is provided to us by the organiser of an educational event that we sponsor or support;
  • your health practitioner reports to us on how you have responded to the use of one of our products or services;
  • you are represented by a third party, for example, your legal adviser, insurance advisor, guardian, trustee, or attorney;
  • you complete an online form or survey provided by a third party on our behalf;
  • other organisations, who jointly with us, provide products or services to you or with whom we partner to provide products or services to you;
  • you comment publicly over Instagram, LinkedIn or any other social media platform that we use); and
  • your Personal Information is publicly available, such as on public registers.

If we receive Personal Information about you that we do not request directly from you or from another party, we will decide whether we could have collected the information in accordance with this Privacy Policy and applicable Privacy Law. If we decide that we could have collected the information in accordance with this Privacy Policy and applicable Privacy Law, we will keep the information and handle it in accordance with this Privacy Policy and applicable Privacy Law. If we decide that we could not have collected the Personal Information in accordance with this Privacy Policy and applicable Privacy Law, we will destroy or de-identify the information if it is lawful and reasonable to do so.

Each time you visit our websites or social medial platforms, we may collect information about you which may include Personal Information (which we will generally de-identify) and may include the following:

  • the date and time of visits;
  • the pages viewed and your browsing behaviour;
  • how you navigate through the site and interact with pages (including fields completed in forms and media posts;
  • general location information;
  • information about the device used to visit our website (including your tablet or mobile device) such as device IDs; and
  • IP addresses. Your IP Address is a number that is automatically assigned to the device that you are using by your Internet Service Provider.

Where reasonable and practicable to do so, we will collect your Personal Information only from you. When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.

Much of the information we hold about you will be stored electronically. We store some of your information in secure data centres that are located in Australia or in other secure data centres of our contracted service providers (including cloud storage providers), and some of these data centres may be located outside Australia. Some information we hold about you may also be stored in paper files.

Use of Cookies

We collect information using cookies when you use our websites or social media platforms. Cookies are small pieces of information stored on your hard drive or in memory. One of the reasons for using cookies is to offer you increased security. They can also record information about your visit to our websites, allowing us to remember you the next time you visit and provide a more meaningful experience.

We may also collect information from third party websites, applications or platforms containing our interactive content or that interface with our own websites and forms.

Use and Disclosure of Personal Information

The main reason we collect, use, hold and disclose Personal Information is to provide you with products and services (including where applicable, third party products and services) and to help us run our business.

By using our website, purchasing our products or services, attending our events or otherwise communicating with us, you acknowledge and consent to the use and disclosure of your Personal Information in circumstances that are:

  • set out in this Privacy Policy;
  • expressly consented to by you or reasonably inferred from the circumstances;
  • explained to you at the time the information is collected from you; or
  • required or permitted by law.

We may use the Personal Information that you give us to:

  • check whether you are eligible for the product or service;
  • supply you with a medical device purchased by you or on your behalf;
  • contact you for information relating to a medical device purchased by you or on your behalf;
  • provide you with information about a product or service you have purchased, or which has been purchased on your behalf;
  • provide any educational and marketing information you may agree to receive;
  • provide educational services requested by you or, that you may be invited to including seminars, webinars and conferences;
  • consider and respond to any proposal or offer you may provide to us, including an application of employment;
  • consider any proposal to use your personal services;
  • respond to any question, request or complaint received from you or your healthcare practitioner;
  • help us develop insights and conduct data analysis to improve the delivery of products, services, enhance our customer relationships and to effectively manage risks;
  • understand your interests and preferences so we can tailor our digital content;
  • for any other purposes to which you have consented to; or
  • for any other purposes required or authorised by law or a court/tribunal order or by a regulatory body.

We may also use your Personal Information for secondary purposes closely related to the primary purpose for which it was collected, in circumstances where you would reasonably expect such use or disclosure.

We may disclose Personal Information that we collect from you to a third party as follows:

  • to meet the purpose for which it was collected, such as to disclose it to manufacturers and suppliers for the design, manufacture and/or supply of a medical device;
  • if we have your consent to disclose the information;
  • if we are required or permitted by law to disclose the information, including for example to comply with a court subpoena;
  • to provide products or services related to those that we have agreed to provide to you, for example, catering services at a seminar or conference; or
  • to enable us and the relevant manufacturer or supplier, to deal with any concern, issue or complaint you or your healthcare practitioner have raised with us, including a complaint about a medical device.

Where we have de-identify the information if it is lawful and reasonable to do so, this Privacy Policy will generally not apply to our use of de-identified information. However, we will continue to safeguard this de-identified information. Where we use de-identified information together with other information (including Personal Information) and in doing so, we are able to identify you, that information will be treated as Personal Information in accordance with this Privacy Policy and applicable Privacy Laws.

We may use or disclose your information to comply with our legislative or regulatory requirements in any jurisdiction and to prevent fraud, criminal or other activity that may cause you, us or others harm including in relation to our products or services.

Generally, we use contracted service providers to help us in our business activities. For example, they may help us provide you with products and services, deliver technology or other support for our business systems, refer us to new customers, or assist us with marketing and data analysis. These organisations may include:

  • our agents, contractors and contracted service; providers (for example, mailing houses, technology service providers and cloud storage providers);
  • authorised representatives who sell or arrange products and services on our behalf;
  • insurers and health care providers;
  • payment systems operators (for example, merchants receiving card payments);
  • other organisations, who jointly with us, provide products or services to you, or with whom we partner to provide products and services to you;
  • debt collectors;
  • professional advisors such as our financial advisers, legal advisers and auditors;
  • your representatives (including your legal adviser, accountant, mortgage broker, financial adviser, executor, administrator, guardian, trustee, or attorney);
  • fraud bureaus or other organisations to identify, investigate or prevent fraud or other misconduct;
  • external dispute resolution schemes; and
  • regulatory bodies, government agencies and law enforcement bodies in any jurisdiction.

Where your Sensitive Information is collected, it will only be used and disclosed by us for:

  • the primary purpose for which it was obtained;
  • a secondary purpose that is directly related to the primary purpose;
  • as disclosed in this Privacy Policy or otherwise with your consent; or
  • where required by law.

For example, we may use and disclose health information about you to process a claim under a product warranty or to assess a product related claim, including a complaint, or verify your identity or authorise transactions.

Disclosure of Personal Information interstate and overseas

You acknowledge and agree that your Personal Information may be transferred and stored in all states and territories of Australia, where that information is held securely in accordance with this Privacy Policy and the Australian Privacy Principles. We may disclose your Personal Information to a cloud services provider that stores our data outside of Australia.  In such circumstances, we will take reasonable steps, before disclosing your Personal Information overseas, to ensure that the overseas recipient does not breach the APPs in relation to that information.

Direct marketing

We may use your Personal Information to directly offer you products and services we believe may be of interest and value to you but we will not do so if you tell us not to. These products and services may be offered by a member of the LifeHealthcare Group or one of its preferred suppliers. We may offer you products and services by various means, including by mail, telephone, email, SMS or other electronic means, such as through social media or targeted advertising through LifeHealthcare Group or non-LifeHealthcare Group websites or through our online purchasing service.

When we market products and services to you, we will comply with applicable Privacy Law to obtain your consent if required.

We may also disclose your Personal Information to companies outside the LifeHealthcare Group who assist us to market products and services to you. If you do not want to receive direct marketing offers from us or our affiliates or service providers, please contact us using the contact details below or opt-out facility provided to you.

Anonymity

In most circumstances, LifeHealthcare Group does not require Personal Information for you to gain access to our website and in some circumstances you may choose not to identify yourself or use a pseudonym when providing your Personal Information to us. However LifeHealthcare Group may require your Personal Information in some other circumstances. For example, if you are a healthcare practitioner or healthcare provider, we require your Personal Information to verify your identity before we provide you with access to our website. Our ability to provide our products or services to you or process any request or complaint by you may be adversely affected if you do not give us the requested Personal Information, or if the information you give us is incomplete or inaccurate.

Security of Personal Information

Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure. We use a range of physical, electronic and other security measures to protect the security, confidentiality and integrity of the Personal Information we hold. For example:

  • access to our information systems is controlled through identity and access management controls;
  • employees and our contracted service providers are required to keep information secure;
  • all employees are required to complete training about privacy and information security; and
  • we monitor and review our compliance with the Privacy Law.

Unfortunately, no data transmission over the Internet, data storage system or security system can be guaranteed or is impenetrable and no company, including us, can fully eliminate security risks associated with Personal Information or electronic databases. LifeHealthcare also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any Personal Information or other information which you transmit to us is transmitted at your own risk. If you have reason to believe that your interaction with us is no longer secure for example, if you feel that the security of any information you have with us has been compromised, please immediately contact us (see Privacy Policy Complaints and Enquiries section below).

When your Personal Information is no longer needed for the purpose for which it was obtained, or for legal record-keeping purposes, we will take reasonable steps to destroy or permanently de-identify your Personal Information. Some of the Personal Information we collect is or will be stored and be kept by us for a minimum of 15 years.

Access to your Personal Information

It is important to us that your Personal Information is up to date. You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. For example, we are not required to give you access to your Personal Information where giving you access would pose a serious threat to any person’s life, health or safety, or to public health or safety, where giving access would be unlawful, where giving access would have an unreasonable impact on other people’s privacy or where we reasonably conclude your request is frivolous or vexatious.

We will take reasonable steps to make sure that your Personal Information is accurate, complete and up to date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality products and services to you.

Any requests for access to, or correction of, your Personal Information should be made directly by contacting us using the details provided below. In order to protect your Personal Information, we may require identification from you before releasing the requested information. In some limited circumstances, there may be a reasonable charge for giving you access to your Personal Information. This charge covers such things as locating the information and supplying it to you. If possible, we will tell you the reasons for the charge, the likely amount of the charge and any options to minimise the charge when you make a request to access your Personal Information.

If we refuse to give you access to or to correct your Personal Information, we will give you a notice explaining our reasons except where it would be unreasonable to do so. If we refuse your request to correct your Personal Information, you also have the right to request that a statement be associated with your Personal Information noting that you disagree with its accuracy. If we refuse your request to access or correct your Personal Information, we will also provide you with information on how you can complain about the refusal.

Policy Updates

Any changes to this Privacy Policy will be posted on our website at www.lifehealthcare.com.au. Unless stated otherwise, changes will be effective immediately upon being placed on the website. Your continued use of the website, social media sites or ongoing dealings with us, following such amendments being placed on the website will represent an agreement by you to be bound by the Privacy Policy as amended.

Privacy Policy Complaints and Enquiries

If you have any queries or complaints about our Privacy Policy, please contact us first by using the contact details provided below:

LifeHealthcare Distribution Pty Limited

Level 8, 15 Talavera Road,

North Ryde NSW 2113

Telephone: 1800 060 168

Email: privacy@lifehealthcare.com.au

Online: https://www.lifehealthcare.com.au/contact-us/ using our secure feedback form to provide feedback, share your suggestion, provide a complaint or compliment.

We will consider and respond to any complaint notified to us within a reasonable time.

Complaints to the Australian Information Commissioner

In case of dissatisfaction with a response from us you may decide to contact the Australian Information Commissioner:

Office of the Australian Information Commissioner

Sydney NSW 2001

Telephone: 1300 363 992

Email: enquiries@oaic.gov.au