"Personal information" is information or opinion (in recorded form or otherwise) about an identified, or reasonably identifiable, individual.
"Sensitive information" is a type of personal information that is given more protection. It includes health, genetic and biometric information, as well as information about professional or trade association membership.
We put privacy at the centre of our business
NostraData collects data about the purchases of customers of our member pharmacies and reports that information to our member pharmacies and other clients. This information helps our clients to understand the markets in which they operate.
Although we collect a lot of information about individuals, and in particular, about the medications and other items that customers purchase from pharmacies, we go to great lengths to ensure that the information that we collect is both deidentified, and not reidentifiable. Because we only collect deidentified, non-reidentifiable information, our clients cannot use the information we provide to identify anyone either.
What types of personal information do we collect?
As stated above, we collect almost no personal information. That is, while we collect a lot of information about a lot of individuals, we collect that information in a form that is both deidentified and non-reidentifiable.
The only personal information we collect is information about our business associates to enable them to use our products and us to have a relationship with them.
- We collect:
- the names of staff members of our clients, to enable those staff members to login to our systems, and
- the names and other relevant details of our business contacts.
For what purposes do we handle your personal information?
We collect, hold, use and disclose the personal information that we collect about you:
- to contact you;
- to deliver products and services to you
- to administer and manage transactions
- to maintain our business records
- to provide you with information about products and services that may be of interest to you
- to conduct market research
- to obtain services that assist us to run our business, including obtaining professional advice
- for any purpose required or permitted by law
- for any purpose you would otherwise reasonably expect
- for any purpose disclosed to you and to which you have consented, and
- otherwise to run our business.
Disclosing your personal information
We may disclose your personal information to third parties, such as our related companies, business partners, our professional advisers (such as lawyers, accountants or auditors) and our external service providers (such as mailing houses, debt collectors and information technology service providers).
We do not routinely disclose personal information overseas.
Security of your personal information
We hold personal information in both paper-based and electronic files. We seek to ensure that your personal information is protected from:
- misuse, interference and loss; and
- unauthorised access, modification and disclosure.
The personal information that we hold about you is treated as confidential and only accessed when necessary. When we no longer require your personal information, including when we are no longer required by law to keep records relating to you, we destroy or de-identify it.
Accessing your personal information
You may request access to the personal information that we hold about you by contacting us on the contact details set out below. We will deal with your request for access promptly. If we refuse access to your personal information, we will provide you with a written notice which sets out the reasons for our refusal.
We may recover the reasonable costs (if any) that we incur in responding to a request for access to your personal information.
Correcting your personal information
We seek to ensure that the personal information that we collect is accurate, up-to-date and complete and, in the case of our use or disclosure of that information, relevant as well. If you believe that any information that we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to correct your personal information accordingly. You may make such a request by contacting us on the contact details set out below. We will deal with your request to correct your personal information promptly.
We are not obliged to correct your personal information. If we refuse to correct any of your personal information following your request, we will give you a written notice which sets out the reasons for our refusal.
We may use your personal information to provide you with information about products and services which we think may be of interest to you. You may opt out of receiving marketing communications from us at any time if you no longer which to receive this information. In order to do so, simply contact us on the contact details set out below and request that we no longer send marketing communications to you.
Questions and complaints
If you have any questions, or if you believe that we have not complied with our obligations under the Privacy Act (and, in particular, the APPs), or if you believe that the personal information that we hold about you has been compromised in any way, please contact us on the contact details set out below. We will respond to any question or complaint as soon as possible. If you are dissatisfied with our response, you may direct your complaint to the Office of the Australian Information Commissioner by email at email@example.com or by telephone on 1300 363 992.
Level 1, 1-9 Derrick Street, Kew, VIC, 3121, Australia
Tel: +61 3 9853 9943