zentir Pty Ltd (zentir) is a business that partners with various organisations and businesses to communicate information through a variety of platforms. Some of this information is of a medical or scientific nature and may from time to time require the collection of personal information.
What is personal information?
The term ‘personal information’ has the meaning given to it in the Privacy Act, which, in general terms, is any information about an individual, or an opinion about an individual, that could be used to identify an individual. This may include an individual’s name, address, telephone number or email address. If the information we collect identifies an individual, or an individual is reasonably identifiable from it, the information will be considered personal information.
For the purposes of this policy, no distinction has been made between the handling of personal information and sensitive information (as that term is defined in the Act); therefore, all information will be referred to as ‘personal information’ throughout this document.
What personal information do we collect and hold?
zentir may collect the following types of personal information:
- Name, address, telephone number or email address;
- Age or date of birth;
- Profession, occupation or job title;
- The names of health service providers or specialists to whom you are referred;
- Current medications or treatments;
- Information relevant to medical care, that may be relevant to the program or service you are registering for, including but not limited to personal medical history, and family medical history (where clinically relevant);
We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about how users use websites we administer.
If we need to collect sensitive information (such as your ethnic background), we will not collect that information unless we have first obtained your consent.
How do we collect your personal information?
We collect your personal information directly from you when you register in a program, with a service or on a website that we administer.
For what purposes do we collect, hold, use and disclose your personal information?
We collect personal information so that we can perform our business activities and functions, and provide the best possible quality of service.
We collect, hold, use and disclose your personal information for the following purposes:
- to provide you access to a program or service that we administer that you choose to register with;
- to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country, resolve any disputes that we may have and enforce our agreements with third parties;
- for administrative and billing purposes;
- to process and respond to any complaint made by you;
- to conduct business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties;
- to meet obligations of notification to our insurers, sponsoring pharmaceutical companies, health regulatory authorities.
What happens if we can’t collect your personal information?
If you do not provide us with the personal information described above we may not be able to provide you with access to the requested program or service, either to the same standard or at all;
To whom may we disclose your information?
We may disclose your personal information to:
- our employees, program facilitators and organisations, related bodies, contractors or service providers, for the purposes of operation of our business, fulfilling requests by you, and to otherwise provide products and services to you including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
- suppliers and other third parties with whom we have commercial relationships, for business, marketing, and related purposes;
- anyone to whom our assets or businesses (or any part of them) are transferred;
- any organisation or person for any authorised purpose with your express consent; and other persons, including government agencies, regulatory bodies, and law enforcement agencies, or as required, authorised or permitted by law.
How can an individual access and correct their personal information?
An individual may request access to any personal information we hold about them at any time by contacting us. Where we hold information that an individual is entitled to access, we will try to provide suitable means of accessing it (for example, by emailing it to you). We may charge a fee to cover our administrative and other reasonable costs in providing the information and, if so, the fees will be as advised from time to time. We will not charge for simply making the request and will not charge for making any corrections to personal information. There may be instances where we cannot grant access to the personal information we hold; however, we will only do so in accordance with our rights and obligations under the Privacy Act. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will provide written reasons for any refusal.
If an individual believes that personal information held about you is incorrect, incomplete or inaccurate, then individuals may send us a written request to amend it, including the basis on which amendment is requested. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that the individual disagrees with it.
What is the process for complaining about a breach of privacy?
If an individual believes that their privacy has been breached, the individual should contact us in accordance with the arrangements set out below and provide details of the incident so that we can investigate it. Our procedure for investigating and dealing with privacy breaches is for the incident to be investigated by our Privacy Officer.
We take reasonable steps to ensure personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold information in either electronic or hard copy form. Personal information is destroyed or de-identified when no longer needed.
As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information communicated to us online. We also cannot guarantee that the information supplied will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which is transmitted to us online is transmitted at an individual’s own risk.
30c Gibbens St
Camperdown NSW 2050
We will treat requests or complaints confidentially. We will contact individuals within a reasonable time after receipt of a complaint to discuss concerns and outline options regarding how they may be resolved. We will aim to ensure that concerns or a complaint is resolved in a timely and appropriate manner.