Privacy Policy

Neon Healthcare Pty Limited (ACN 570 586 526) (“Neon Healthcare“) knows that you care about your personal data and how it is used. We respect your privacy and are committed to protecting your personal data. We want you to trust that we use your personal data carefully. This Privacy Policy will:

• Understanding Our Processes: help you understand how and why we collect and look after your personal data;
• Your Rights: tell you about your privacy rights and how the law protects you; and
• Cookies: Explain how and why cookies (and other similar technologies) are used on our website and how we protect and control any personal data provided to or collected by us via cookies and other tracking technologies.

Neon Healthcare acts as the data controller for personal data.

1. Introduction:

Personal Data: We are committed to safeguarding the privacy of your personal data in accordance with all applicable laws and regulations. We will, in Australia, protect your rights in accordance with the provisions of Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (“APP”).

Personal data means any information that can be used to identify directly or indirectly a specific individual and can include:

• Name;
• Email address;
• Country of residence;
• Address;
• Telephone number;
• Occupation (for example, if you are a Healthcare Professional seeking information about our products);
• Technical information about your device, such as your IP address, device type, device and advertising identifiers, browser type and version, and other standard server log information; and
• Other personal data you choose to provide to us.

Collection of Data: We may, as described in Section 2 below, collect personal data through this website, the completion of an online form, through the receipt of an email or other electronic communication, including telephone calls, or in any other way in which we collect personal data, whether or not by automated means.  It also applies to our marketing content, including offers and advertisements for our products and services, which we (or a service provider acting on our behalf) may send to you on third-party websites, platforms and applications based on your site usage information.

Other Personal Data Collected: This Privacy Policy does not cover how we process the personal data from our employees, consultants or other members of staff or which may be shared with us by healthcare professionals in accordance with the requirements of relevant pharmacology laws and regulations. Such personal data, as described in more detail in Section 2 below, is subject to other more specified privacy policies issued or provided by us to the relevant persons.

Telephone Calls and Emails: Incoming telephone calls to us will always begin with a message directing the caller to this Privacy Policy on our website and all outgoing emails from us will also provide the recipient with a link to this Privacy Note ensuring that they are aware of the terms on which we process personal data.

Role of Data Controller: This policy applies where we are acting as a data controller with respect to the personal data we collect; in other words, where we determine the purposes and means of the processing of that personal data.

Use of Cookies: We use cookies on our website. Insofar as those cookies are not strictly necessary for the provision of our website, we will ask you to consent to our use of cookies when you first visit our website.

Definitions: In this Privacy Policy, “we,” “us” and “our” refer to Neon Healthcare Pty Limited (ACN 570 586 526). For more information about us, please see Section 16.

2. How we collect and use your Personal Data:

Introduction:  In this Section 2, we have set out:

• General Categories of Personal Data: the general categories of personal data that we may collect and process;
• Specific Categories of Personal Data: in the case of personal data that we did not obtain directly from you, the source and specific categories of that personal data;
• Purposes for Processing: the purposes for which we may collect and process personal data; and
• Legal Bases of Processing: the legal bases of the collecting and processing of personal data.

Overarching Principles and Consent:

• Limited Purposes: We collect, process and disclose your personal data only for specific and limited purposes. For example, to process payments, to assess and manage any complaints, to develop and improve our products, services, communication methods and the functionality of our website.

• Consent:  We process almost all of the personal data we receive on the basis that consent has been given by the individual providing such personal data. You give consent either by a statement or positive action. Accessing, for example, our website, is a form of consent as it demonstrates that by using our website you have accepted the terms on which we process any personal data, which you may provide to us.

Other Legal Bases for Collecting and Processing:

The other legal bases under which we may, in the future, collect and process personal data are described below.

• Profiling: We may, in the future, also create profiles by analysing the information about your online surfing, searching and interests and your interactions with our communications.

• Automated Processing: We may, also in the future collect or process, your personal data using automated means. An automated decision is a decision which is made solely by automatic means, where no humans participate in the decision-making process related to your personal data.

If we undertake any Profiling or Automated Processing of Personal Data in the future, then we will ensure that you will be notified through this, and any other Privacy Policies which we are required to provide in accordance with the APP and any applicable laws and regulations in any other applicable jurisdiction.

Processing Particular Categories of Personal Data:

The remainder of this Section describes how we collect and process particular categories of personal data.

• Usage Data: We may collect and process data about your use of our website and services (“usage data “). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our Google analytics or other tracking system. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is consent.

• Enquiry Data: We may collect and process information contained in any enquiry you submit to us regarding services (“enquiry data “). The enquiry data may be collected and processed for the purposes of offering, marketing and selling relevant services to you. The legal basis for this processing is consent.

• Customer Relationship Data: We may collect and process information relating to our customer relationships, including customer contact information (“customer relationship data “). The customer relationship data may include your name, your contact details, and information contained in communications between us and you. The sources of our customer relationship data are our customers. The customer relationship data may be processed for the purposes of managing our relationships with customers, communicating with customers, keeping records of those communications and promoting our products and services to customers. The legal basis for this processing is consent.

• Supplier and Contractor Relationship Data: We may collect and process information relating to our supplier and contractor relationships, including contact information (“Supplier and Contractor relationship data “). The Supplier and Contractor relationship data may include your name, your contact details, and information contained in communications between us and you. The sources of our Supplier and Contractor relationship data are our suppliers and contractors. The Supplier and Contractor relationship data may be processed for the purposes of managing our relationships with suppliers and contractors, communicating with suppliers and contractors for the purpose of our business and keeping records of those communications. The legal basis for this processing is consent.

• Sensitive Personal Data: Certain categories of personal data, such as race, ethnicity, religion, political opinions, membership of a political association, sexual orientation, criminal record, health, sexuality or biometric data are classified as either “sensitive information” or “special categories of data” and benefit from additional protection by law. We limit the circumstances where we collect and process these special categories of data to essentially personal data from our employees, consultants or other members of staff and in respect of enquiries relating to our own medicinal products from patients or their representatives or healthcare professionals. We will only collect and disclose sensitive information and special categories of data with your consent.

We use information provided for medical enquiries only to respond to those specific enquiries and, if applicable, to provide you with additional guidance (for example, to inform you of your right to submit an adverse event report).

By providing us with your sensitive personal data, you consent to us processing this data for the purposes set out in this Privacy Policy or any other specified Privacy Policy provided by us to you. The legal basis for this processing is consent.

• Correspondence Data: We may process information contained in or relating to any communication that you send to us (“correspondence data “). The correspondence data may include the communication content and metadata associated with the communication. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users. The legal basis for this processing is consent.

• Legitimate Interests Processing: We may process any of your personal data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

• Reasons for Legitimate Interests Processing: We may process any of your personal data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.

• Legal Obligation and Vital Interests Processing: In addition to the specific purposes for which we may process your personal data set out in this Section 2, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. The legal basis for this processing is legal compliance and vital interests.

Prohibition on the Supply of Other Persons’ Personal Data: Please do not supply any other person’s personal data to us unless we prompt or ask you to do so.

Deal with us anonymously

You have the right to deal with us anonymously or using an alias. However, this does not apply where it is impractical to do so, or where we are required or authorised by law to deal with you only if you disclose your identity. For example, we will not be able to provide you with our goods or services without personal data without your name, address or payment details.

3. Providing your Personal Data to Third Parties:

Disclosure within Neon Healthcare: We may disclose your personal data to any staff member of Neon Healthcare as far as reasonably necessary for the performance of his/her role within Neon Healthcare and on the legal bases, which are described in this Privacy Policy.

Insurers and/or Professional Advisers: We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court or tribunal proceedings or in an administrative or out-of-court procedure.

Suppliers and Contractors: We may disclose your Personal Data to our suppliers or contractors as far as reasonably necessary for business purposes.

Legal Obligation and Vital Interests: In addition to the specific disclosures of personal data set out in this Section 3, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which Neon Healthcare is subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

Processing Personal Data outside Australia: Your personal data may also be shared with third parties engaged by us outside Australia, including but not limited to:

• disclosure to a member of the Neon Healthcare Group who are overseas;
• disclosure to our staffs or affiliated entities, and IT support persons who are overseas;
• transfer and store on a “cloud” server which is physically situated outside Australia and managed by third party supplier. 

The recipient of the personal data will be subject to either:

• Adequate Protection: a law, or binding scheme, that has the effect of protecting the information in a way that, overall, is at least substantially similar to the way the APPs protect the information; or

• Contractual Protections: agreements based on the standard contractual clauses to ensure that the information is protected in the same way that it would be if it were processed within Australia, unless you have provided us with explicit consent for such processing.

4. Retaining and Deleting Personal Data:

Data Retention Policies and Procedure: This Section 4 sets out our data retention policies and procedure, which are designed to help ensure that Neon Healthcare complies with its legal obligations in relation to the retention and deletion of personal data.

Retention No Longer than Necessary: Personal data that we process for any purpose or purposes shall not be kept for any longer than is necessary for that purpose or those purposes.

Standard Retention Period: We will retain your personal data, for a maximum period of ten years, subject to the following provisions.

Derogation from the Standard Retention Period: In some cases, a shorter Retention Period may apply to your personal data which we will determine on the specific circumstances in which we receive and process the personal data.

Extended Periods of Retention: We may have to retain your personal data for longer than the Standard Retention Period where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. However, we will still only retain such personal data for no longer than is necessary for the relevant purpose or purposes.

5. Security of Personal Data:

Technical and Organisational Precautions: Neon Healthcare takes the security of your personal data very seriously. We will take appropriate technical and organisational precautions to secure your personal data and to prevent the loss, misuse or alteration of your personal data.

Security Measures:  Our measures, taking into account, for example, the technological and regulatory protections and guidelines, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for your rights, include implementing appropriate access controls and information security capabilities to protect our IT environment and ensuring we encrypt, pseudonymise and anonymise personal data, wherever possible.

Data Transmission: You acknowledge that the transmission of data over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet, including by email.

6. Amendments:

Changing our Policy: We may update this Privacy Policy from time to time to reflect feedback and changes in our products and services by publishing a new version on our website. When we post changes to this Privacy Policy, we will revise the “last updated” date at the bottom of this Privacy Policy.

Verification of Any Changes to the Privacy Policy: You should check this page occasionally to ensure you are happy with any changes to this Privacy Policy.

Notification of Changes by Neon Healthcare: If the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of the Privacy Policy changes).

Changes in Rights under this Privacy Policy: We will not reduce your rights under this Privacy Policy without your consent.

Prior Versions of this Privacy Policy: We will also keep prior versions of this Privacy Policy in an archive for your review.

7. Your Rights:

Introduction:

Overview of the Rights of a Data Subject: In this Section 7, we have summarised the data protection rights that you have under the APP. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read:

• APP: the relevant laws and regulations comprising the Australian Privacy Principles; and

• Regulatory Guidance: the guidance from the relevant regulatory authorities for a fuller explanation of these rights. For Australia, the regulator is the Office of the Australian Information Commissioner, whose website can be found at https://www.oaic.gov.au/.

Principal Rights: Your principal rights under APP are:

• request access to your personal information held by us;

• seek correction of your personal information held by us; and

• make a complaint with respect to the handling of your personal information.

The Principal Rights described in more detail:

• Right of Access: Australian Privacy Principles give you a general right to access your personal data. This includes your health information. We will give you access to your personal information when you request it, except where we have a valid reason to refuse your request. You don’t have a right under APP to access other kinds of information, such as commercial information.

• Right of Correction: Australian Privacy Principles give you the right to correct the personal data we hold about you if it is: inaccurate, out of date, incomplete, irrelevant, or misleading. We will respond to a request to correct your personal information within a reasonable period. We may refuse to correct your personal information if doing so would be unreasonable.

• Complaint: If you have any questions or concerns about your personal information which we collect, hold, use or disclose, or if you believe your privacy rights have been violated, you may file a complaint with us by notifying us via the above contact details of your complaint. We will investigate your complaint and determine whether a breach has occurred and what action to take. If you remain dissatisfied, you can also refer your matter to the Office of the Australian Information Commissioner via www.oaic.gov.au or phone:1300 343 992.

8. Third-Party Websites:

Hyperlinks: Our website includes hyperlinks to, and details of, third party websites.

No Responsibility etc. for Third Parties: We have no control over, and are not responsible for, the privacy policies and practices of third parties.

9. Personal Data of Children:

Target of Our Website: Our website and services are targeted at persons over the age of 18.

Deletion of Data: If we have reason to believe that we hold personal data of a person under the age of 18 in our databases, we will delete that personal data unless:

• Adverse Event Reporting: it relates to an Adverse Event Reporting (which is the process of the documentation and evaluation of undesirable experience associated with the use of medical products or treatments) in which case we are legally obliged to retain the relevant personal data; or

• Exercise of Rights: the personal data relates to the exercise of the rights described in this Privacy Policy by a person under the age of 18.

10. Access and Correction:

Access and Correction of Personal Data:  You have the right to access or correct your personal information, with limited exceptions. We may decline your request to access or correct your personal data in certain circumstances in accordance with the Australian Privacy Principles. Please let us know if the personal information that we hold about you needs to be corrected or updated by using contact details in either Section 7 or 16.

11. Acting as a Data Processor:

Data Processor: In respect of personal data provided to us, we act as a data controller and processor.

12. About Cookies:

Introduction: We use technology on our website to collect information that helps us enhance your experience and our products and services. The cookies that we use at Neon Healthcare allow our website to work and help us to understand what information is most useful to the visitors to our website. Please take a moment to familiarise yourself with our cookie practices and let us know if you have any questions by sending us an email.

What is a Cookie:  Cookies, pixel tags and similar technologies (collectively ‘cookies’) are files containing small amounts of information which are downloaded to any internet enabled device – such as your computer, smartphone or tablet – when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies do lots of different and useful jobs, such as remembering your preferences, generally improving your online experience, and helping us to offer you the best product and services.

Storing Personal Information: Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

13. Cookies that we use:

Purposes for Using Cookies: We use cookies for the following purposes:

• Authentication – we use cookies to identify you when you visit our website and as you navigate our website;

• Personalisation – we use cookies to store information about your preferences;

• Security – we use cookies as an element of the security measures to protect our website and services generally;

• Analysis – we use cookies to help us to analyse the use and performance of our website and services; and

• Cookie Consent – we use cookies to store your preferences in relation to the use of cookies more generally.

14. Cookies used by our Service Providers:

Cookies from Service Providers: Our service providers use cookies, and those cookies may be stored on your computer when you visit our website.

Analysis of the Neon Healthcare Website: We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google’s privacy policy is available at: https://policies.google.com/privacy.

User-Interactions Measurements: We use Google Analytics to measure user-interactions on website. No personal data is collected, and users can not be identified. This service uses cookies for measure how users interact with website content.

You can view the privacy policy of this service provider at:

https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.

15. Managing Cookies:

Refusing to Accept or Deleting Cookies: Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

• https://support.google.com/chrome/answer/95647(Chrome);
• https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences(Firefox);
• https://help.opera.com/en/latest/web-preferences/#cookies(Opera);
• https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies(Internet Explorer);
• https://support.apple.com/en-gb/guide/safari/sfri11471/mac(Safari); and
• https://support.microsoft.com/en-us/windows/microsoft-edge-browsing-data-and-privacy-bb8174ba-9d73-dcf2-9b4a-c582b4e640dd(Edge).

Negative Impact: Blocking all cookies will have a negative impact upon the usability of many websites.

Consequences on Blocking Cookies:  If you block cookies, you will not be able to use all the features on our website.

16. Our details:

Operator of Website: This website is owned and operated by Neon Healthcare.

For further information on our privacy policy, or for questions on information that we may have collected from you, or should you wish to have your name removed from our mailing list, or if you wish to access or correct any of your personal information that we may be in possession of, please contact us by either of the following methods and we will be happy to review, update or change your record status as appropriate:

• Post: by post, to:

Neon Healthcare PTY Limited
Suite 20.01
Castlereagh Street
Sydney
NSW 2000
Australia

• Telephone: by telephone to:

+ 61 (0)[272 558 455]; and

• Email: by email, using the following email address:

office@neonhealthcare.com.au.