- Melrose Laboratories Pty Ltd (Melrose) is committed to responsible privacy practices and to complying with the Australian Privacy Principles (APPs) contained in the Privacy Act.
- Melrose recognizes and acknowledges that protecting the privacy of individuals’ personal information is important and required under the Privacy Act.
What is personal information
- For the purposes of this policy, “personal information” includes the information set out below under “What types of personal information does Melrose collect”.
What types of personal information does Melrose collect
- The types of personal information Melrose collects from you depend on the circumstances in which the information is collected.
- Melrose may collect contact details including your name, occupation, address, email address, phone and fax numbers and your date of birth. We may collect answers you provide to questions we ask and other information in relation to your dealings with Melrose. If you purchase products or services from us, we may also collect certain transactional information and financial details to process the transaction.
- If you are an Individual Contractor to Melrose, we may also collect information relevant to your engagement with Melrose Health including qualifications, resume, reference information from your nominated referees, tax file number, bank details, insurance details, feedback from supervisors and training records.
- Melrose may collect your personal information when you apply for a role with Melrose. Such information may include your qualifications, resume, reference information from your nominated referees, tax file number, bank details. Where you are unsuccessful in an application for a role with Melrose, Melrose may request that it retains your personal information to enable Melrose to consider you for future roles that may become available at Melrose.
- Melrose may also collect information about you when you access Melrose’s website. When you use Melrose’s websites, we may collect website usage information such as the IP address you are using, your browser version, the website that referred you to us and the next website you go to, the pages you request while visiting our websites, the date and time of those requests and the country you are in.
- In certain circumstances we are required to collect government identifiers such as tax file numbers, Medicare numbers, health service provider numbers, pension numbers and Veteran's Affairs numbers. Melrose only collects, uses and discloses such information as permitted or required by law.
- In addition to the types of personal information identified above, Melrose may collect personal information as otherwise permitted or required by law.
How does Melrose collect your personal information
- Melrose only collects personal information using lawful and fair means. Melrose will not collect personal information unless the information is reasonably necessary for one or more of Melrose’s functions or activities.
- Melrose Health collects personal information in a number of ways. The most common ways Melrose collects your personal information are:
- from publicly available sources;
- from forms which you complete and submit to us, including online forms;
- through mail correspondence, emails and other electronic means;
- from job applicants and staff members;
- from direct contact in the course of Melrose providing goods and/or services to you;
- in the course of Melrose conducting market research, including customer satisfaction surveys;
- in the course of answering a general inquiry regarding Melrose, the products and/or services Melrose provides;
- directly from you when you provide it to us or our agents or contractors;
- via our website or when you deal with us online (including through our social media pages);
- if you are an individual contractor to Melrose Health, from your employer or recruitment agency;
- from our related companies;
- from credit reporting agencies;
- Work program; from referees if you apply for a position as an Employee or Contractor with us); and
- from consumer feedback where it is possible we would likely get name and contact details. Some consumers provide fuller information such as the condition and treatment so that Melrose can help them with product advice.
- Subject to the foregoing, to the extent reasonably practicable and reasonable for us to do so, Melrose only collects personal information about an individual directly from that individual. Additionally, Melrose will only collect personal information where Melrose specifically requests that information, except in circumstances where personal information is volunteered to Melrose or is otherwise supplied to Melrose or disclosed to Melrose without Melrose asking for such information.
Dealing with Melrose anonymously or pseudonymously
In accordance with the requirements of the APPs, you have the option of not identifying yourself or of using a pseudonym when dealing with Melrose in relation to a particular matter.
However, in accordance with the APPs, the foregoing would not apply in relation to that matter if Melrose is required or authorized by or under an Australian law, or a court or a tribunal order, to deal with individuals who have identified themselves concerning that matter.
Additionally, if it is impracticable for Melrose to deal with individuals who have not identified themselves or who have used a pseudonym on a particular matter, then Melrose would not be required to provide you with the option to engage with Melrose on an anonymous or pseudonymous basis concerning that matter.
For example, if you choose to interact and deal with Melrose on an anonymous or pseudonymous basis, or if you do not provide Melrose with personal information when requested, Melrose may be unable to provide you with all of the products and/or services that you seek from Melrose.
Further, Melrose reserves the right to verify your identity as part of Melrose’s response to a request to access and/or correct personal information Melrose holds about you, or as part of Melrose’s complaints-handling process.
If Melrose is unable to verify your identity, or if you continue to engage with Melrose in an anonymous or pseudonymous basis, then Melrose may be unable to satisfy your request or to complete its complaints-handling process.
For what purposes does Melrose collect, use and disclose your personal information
- The purposes for which we use and disclose your personal information will depend on the circumstances in which we collect it. Whenever practical Melrose will take reasonable steps to inform you why Melrose is collecting your personal information, how Melrose intends to use that information and to whom Melrose intends to disclose it at the time we collect your personal information.
- Melrose may use or disclose your personal information:
- for the purposes for which Melrose collected it (and certain secondary purposes where permitted by law); - for other purposes to which you have consented; and - as otherwise authorised or required by law.
- In general Melrose collects, uses and discloses your personal information so that we can do business together and for purposes connected with our business operations such as Melrose providing you with information useful to your needs.
- Some of the specific purposes for which Melrose collects, uses and discloses personal information are:
- to respond to you if you have requested information (including via our websites or via an email or other correspondence you send to us);
- to provide goods or services to you or to receive goods or services from you;
- to process transactions and to administer customer accounts;
- to administer and manage services, including charging, billing and collecting debts;
- to enable you to participate in any research or marketing or competitions or similar programs that Melrose conducts from time to time;
- to improve products and services and keep you up to date on such improvements;
- to understand Melrose’s customers better and help improve Melrose’s products and services;
- to allow performance reporting and benchmarking of our business, if applicable;
- to contact you (directly or through Melrose’s service providers) to obtain your feedback, to find out your level of satisfaction with our products and services and for other market research activities;
- to verify your identity;
- to enable and manage all Melrose's contracts, including Melrose's supplier, contractor or consultant relationships;
- to address any issues or complaints that we or you have regarding our relationship;
- to directly market Melrose’s products and services to current and prospective customers (including through direct mail and direct email to current and to prospective customers), provided that such recipients have not opted out of receiving such communications from Melrose; and
- to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone, by fax or in any other lawful manner.
- Melrose may also use and/or disclose personal information it collects about an individual for one or more of the following purposes:
- assessing an opportunity to provide Melrose’s products and services to a current or prospective customer;
- to comply with Melrose’s obligations with any law or statute that binds Melrose;
- to comply with Melrose’s obligations under a contract into which Melrose has entered;
- to assess the suitability of an individual applying for a job with Melrose; and
- to assess and to manage the supply of goods and/or services to Melrose by a contractor or service provider.
What happens if you don't provide personal information
- Generally, you have no obligation to provide any personal information requested by us. However, if you choose to withhold requested personal information, we may not be able to provide you with products and services that depend on the collection of that information.
- Individuals while seeking employment with Melrose Health, who fail to provide any lawfully requested personal information, may experience delays in the consideration of their application for employment or it may result in their application for employment being unsuccessful.
To whom does Melrose disclose personal information
- Generally, Melrose will use its reasonable endeavours to disclose de-identified information to third parties. However, Melrose may disclose personal information it collects to third parties but only on an as-needs basis and in order to facilitate the fulfilment of one or more purposes for which the information was collected, or any secondary purpose related to the primary purpose for which Melrose may be permitted to disclose such information by law.
- This may include disclosing your personal information to the following types of third parties:
- We may disclose your personal information to third parties in connection with the purposes described in section 5.
- Melrose’s related companies, such as Orchard Pty Ltd;
- Melrose’s agents, suppliers, contractors and other third parties that provide goods and services to Melrose (including suppliers, marketing agencies, data analysis specialists, data processing organisations, billing and debt recovery providers, website and data hosting providers and other IT suppliers) in order to enable them to provide products and/or services to Melrose which may directly or indirectly benefit the individual from whom Melrose collected the information;
- Melrose’s customers, where Melrose is required to disclose personal information under contracts entered into with any of Melrose’s customers;
- Melrose’s accountants, insurers, lawyers, auditors and other professional advisers;
- government and regulatory authorities, courts, tribunals and other bodies as required or authorised by law;
- any third parties to whom you have directed or permitted us to disclose your personal information (e.g. referees);
- in the event that Melrose or its business and assets may be acquired or considered for acquisition by a third party, that third party and its advisors;
- carefully selected third parties with whom Melrose has data sharing arrangements;
- third parties that require the information for law enforcement or to prevent a serious threat to public safety; and - otherwise as permitted or required by law.
- Where we disclose your personal information to third parties we will use take reasonable steps to ensure that such third parties only use your personal information as reasonably required for the purpose we disclosed it to them and in a manner consistent with the APPs.
- If you post information to public parts of Melrose’s websites or to its social media pages, you acknowledge that such information (including if it includes your personal information) may be available to be viewed by the public. You should use discretion in deciding what information you upload to such sites.
- Without limiting the foregoing, we Melrose may disclose personal information about an individual when required by law or court order, or other governmental order or process to disclose, where Melrose believes in good faith that the law compels Melrose to disclose the information.
- Melrose may disclose personal information of an individual where Melrose considers (in good faith) that it is reasonably necessary for Melrose to do so in order to identify, contact or bring legal action against an individual whom Melrose suspects or knows is causing harm to Melrose, its business or operations.
Disclosure of information outside the State/Territory/Nation of collection
- Some recipients of information Melrose discloses from time to time may be located outside Australia. The countries in which such third parties are located will depend on the circumstances. For example, we may disclose personal information to our related companies overseas and to our overseas service providers.
- In the ordinary course of business we may transfer to, or store personal information at, overseas parties (for example, offshore data centres located in the US and Asia). All transfer of information is encrypted, and Melrose takes reasonable commercial technical measures to ensure data security using contemporary storage and cryptographic techniques. Melrose ensures processes are in place to ensure information is only shared with parties with a legitimate requirement to carry out services outlined in this policy.
- Except in some cases where we may rely on an exception under the Privacy Act or other law, we will take reasonable steps to ensure that such overseas recipients do not breach the APPs in relation to such information.
Use or disclosure of personal information for the purpose of direct marketing
Melrose reserves the right to use and disclose your personal information for the purpose of direct marketing to you where:
- you have consented to us doing so;
- where Melrose collected your personal information directly from you, in circumstances where you would reasonably expect us to use and/or disclose your personal information for the purpose of direct marketing or
- it is otherwise permitted by law.
Direct marketing involves communicating directly with you for the purpose of promoting goods or services to you and to provide you with special offers. Direct marketing can be delivered by a range of methods including mail, fax, telephone, email or SMS. You can unsubscribe from our direct marketing, or change your contact preferences, by exercising the opt-out mechanism included with each direct marketing communication or through contacting us (see section 15).
In directly marketing Melrose’s products and services to you, Melrose will comply with other laws relevant to marketing, including the Spam Act 2003(Cth), the Do Not Call Register Act 2006(Cth) and the Competition and Consumer Act 2010(Cth) (including the Australian Consumer Law).
All direct marketing communications which Melrose may send will include an easy opt-out mechanism if at any time you wish to stop receiving direct marketing communications from Melrose.
How does Melrose protect personal information
- Melrose will take reasonable steps to keep any personal information we hold about you secure from misuse, interference and loss, and from unauthorized access, modification and disclosure. Please notify us immediately if you become aware of any breach of security.
- Melrose regularly reviews and updates its physical and data security measures in light of current technologies and threats. Unfortunately, no data transmission over the Internet or over mobile data and communications services can be guaranteed to be totally secure.
- In addition, Melrose’s employees and contractors who provide services to Melrose or who have access to personal information Melrose collects and holds are obliged to respect the privacy of any personal information Melrose holds.
- Melrose does everything reasonably within its power and control to prevent unauthorized use or disclosure of personal information Melrose collects and holds.
- However, to the maximum extent permitted by law, Melrose is not responsible for events arising from unauthorized use of or access to personal information except to the extent that such unauthorized use or access is as a result of Melrose’s failure to comply with its legal obligations concerning the steps taken to secure the personal information Melrose collects and holds.
- Additionally, in accordance with Melrose’s statutory obligations, it will take reasonable steps to destroy or to de-identify personal information when the information is no longer required for the purpose(s) for which the information as collected.
- Where Melrose destroys or de-identifies personal information, Melrose will endeavor to do so via a secure means.
Accuracy of the personal information we hold
- Melrose will take reasonable steps to maintain your personal information as accurately as reasonably possible. However, Melrose relies on the accuracy of personal information as provided to us both directly (from you) and indirectly.
- You may contact us if the personal information we hold about you is incorrect or to notify us of a change in your personal information. Our contact details are set out below.
- Corrections will be made to any incorrect information or, in the event of a correction being refused, a reason will be provided.
- Where information about an individual is corrected, and the information has previously been disclosed to third parties, Melrose will take reasonable steps to notify third parties of the correction.
Links, cookies and use of Melrose Health websites and applications
- Melrose uses "cookies" and similar technology on its websites and in other technology applications. The use of such technologies is an industry standard, and helps us monitor the effectiveness of our advertising and how visitors use our websites/applications. We use such technologies to generate statistics, measure your activity, improve the usefulness of our websites/applications and to enhance the customer experience.
How can you access and correct personal information Melrose Health holds about you
- You may seek access to personal information which Melrose holds about you by contacting us as described below.
- Melrose will provide access to that information in accordance with the APPs, subject to certain exemptions which may apply. As noted above, Melrose reserves the right to require that the person requesting access provide suitable identification (to ensure that Melrose does not inadvertently release or disclose personal information to an individual not entitled to access such information) and where permitted by law Melrose may charge a reasonable fee to cover Melrose’s costs incurred in providing access to your personal information.
- Further, Melrose reserves the right to redact information it makes available in response to an access request, to protect the privacy of other individuals.
- From to time, Melrose may refuse to provide access to the information held about an individual, in accordance with the APPs. Where Melrose refuses access, Melrose will explain the reasons for refusal in writing and provide details in relation to the relevant complaint process.
- As noted above, Melrose takes reasonable steps to ensure that the information Melrose collects, holds, uses and discloses about an individual is complete, up-to-date and accurate. However, if at any time you believe or become aware that any personal information we hold about you is incorrect or if you wish to update your information, you have the right to request that Melrose amends or updates such information. If Melrose refuses the correction request, Melrose will provide written reasons and information about the complaints process should you not be satisfied with Melrose’s resaons.
Queries, comments and complaints about our handling of personal information
- When contacting Melrose please provide as much detail as possible in relation to your question, comment or complaint.
- Melrose will promptly acknowledge receipt of your complaint and Melrose will endeavor to deal with your complaint and to provide you with a response within a reasonable time period following Melrose’s receipt of your complaint (generally within 30 days of receipt).
- Where the complaint requires a more detailed investigation, it may take longer to resolve. If this is the case, then Melrose will endeavor to provide you with progress reports.
- Melrose will take any privacy complaint seriously and any complaint will be assessed by an appropriate person with the aim of resolving any issue in a timely and efficient manner. We request that you co-operate with Melrose during this process and provide us with any relevant information that Melrose may need.
- Melrose reserves the right to verify your identity and to seek (where appropriate) further information from you in connection with your complaint.
- Where required by law, Melrose will provide its determination on your complaint to you in writing.
- Please note that, in accordance with the APPs, Melrose reserves the right to refuse to investigate or to otherwise deal with a complaint if Melrose considers your complaint to be vexatious or frivolous, or as otherwise permitted by law.
- If you are not satisfied with the outcome of our assessment of your complaint, you may wish to contact the Office of the Australian Information Commissioner or other relevant regulators at http://www.oaic.gov.au/.
How can you contact Melrose?
- Please address all privacy complaints and requests to update or access information to:- Attention: Melrose Health Customer Service 16-18 Lionel Road, Mount Waverley, VIC Australia 3149 OR email: firstname.lastname@example.org. Any requests to access, update or correct your health information should be made in writing.
- To unsubscribe from our direct marketing, you can also contact us at email@example.com and set out the contact details that you no longer want used for direct marketing.