PLEASE NOTE: THIS POLICY WAS UPDATED SEPTEMBER 2015
Mundipharma Pty Limited (“Mundipharma”) respects and upholds your rights to privacy protection under the Privacy Act 1988 (Cth) and the Privacy Regulations 2013 (Cth), as amended from time to time. We are required to comply with the privacy principles that regulate the handling of personal information which are the Australian Privacy Principles (“APPs”).
The purpose of this policy is to:
- Clearly communicate the personal information handling practices of Mundipharma
- Enhance the transparency of our business operations
- Give individuals a better and more complete understanding of the sort of personal information that Mundipharma holds, and the way we handle that information.
When and how do we collect and use your personal information?
Personal information is any information that can be used to identify you. Mundipharma may collect information from you including your personal information (such as name, e-mail, phone number, date of birth and postal address). The information collected will vary depending on your particular interaction with Mundipharma but will be limited to that information necessary to record and manage our interaction with you. In some cases the reason for collection of the information will be indicated when it is collected. In accordance with Australian Privacy Principle 3, we will only solicit personal information where it is reasonable necessary for our functions or activities. As a general policy, and unless indicated otherwise, Mundipharma collects information for one or more of the following purposes:
- Maintaining a record of enquiries (including medical enquiries), complaints and adverse event reports relating to Mundipharma’s products.
- In accordance with regulatory obligations, Mundipharma has a systematic process in place to collect, store and process reports of adverse events experienced by patients taking a Mundipharma product. Adverse event information may be transferred to independent but related companies of Mundipharma located in Europe and USA for the purposes of processing and reporting the adverse event to the respective health authorities as per regulatory requirements. We may also use that information to contact you in relation to your report or send you product, health or other information which we consider to be of importance.
- Sending you material on Mundipharma’s activities and products or development in pharmaceutical treatments which may be of interest to you and tailoring marketing services to suit your needs.
- Supplying you with clinical samples of Mundipharma products.
- Administering clinical trials or other research organised by Mundipharma and which you agree to participate in or be involved with.
- Administering conferences, symposia, expert panels, seminars or other meetings or events organised by Mundipharma.
- Notifying you of matters that Mundipharma may be required by law to notify you of (e.g. product recalls).
- Managing, planning and arranging meetings between you and Mundipharma’s sales representatives.
- Reporting obligations required under the Medicines Australia Code of Conduct.
- Monitoring and reviewing Mundipharma’s compliance with relevant regulations and codes of conduct in its dealings with you.
- Generating customer lists for the purposes of market research.
- If you apply to Mundipharma for employment
- Automated data collection through interaction with our website, for example:
- it is a necessary part of visiting any website, including Mundipharma’s site, that the user’s web browser provides the machine’s identity (its IP address) to the web-server, so that the server can address the reply to the correct machine. In addition, the browser type and operating system are provided; and
- browsing any website, including the Mundipharma’s website, generates a trail of the pages that are visited, and the time apparently spent displaying each page.
Mundipharma will only use personal and sensitive information for the purpose for which it was collected or as may otherwise be permitted by law.
It is our usual practice to collect personal information directly from the individual or their authorised representative.
Sometimes we collect personal information from a third party or a publicly available source, but only if an individual has consented to such collection or would reasonably expect us to collect their personal information in this way.
Mundipharma will only use personal information: for the primary purpose for which it was given to us; for purposes which are directly related to one of our business functions or activities; or, to the extent:
- indicated to you at the time of supply of the information to us;
- you consented to a secondary use or disclosure;
- you would reasonable expect it to be used at the time of supplying the information to a third party or publicly available source;
- required to provide you with a service or goods which you have requested or which relates to that good or services;
- required for the ordinary operation of our Website or our business (e.g. to send you information about our goods and services);
- required by compulsion of law or regulatory practice;
- expressly permitted under any agreement with you; or
- to lessen a serious threat to a person’s health or safety.
Do we disclose information to third parties?
We may disclose personal information to other associated companies of the Mundipharma group. We may also disclose personal information to third parties, who may be located overseas:
1. engaged by us to perform functions or provide products and services on our behalf, such as:
- distributors of our products;
- event organisers and travel agents;
- hosting, data storage or archiving service providers, payment processing and debt collection services;
- marketing, research and advertising agencies;
- fulfilment houses
that are our agents, business partners or joint venture entities or partners;
2. authorised by you to receive information held by us;
3. as part of a sale (or proposed sale) of all or part of our business.
We impose obligations on any external organisations with which we share your personal information to maintain the integrity and security of that information.
Data Transfer Abroad
Some organisations to which we disclose personal information may be located outside Australia. We will not disclose your personal information to an overseas recipient without taking such steps as are reasonable in the circumstances to ensure that the overseas recipient will not breach the Australian Privacy Principles set out in the Privacy Act 1988 (Cth). Such a disclosure could include use of an overseas data processing facility like an email server in USA.
Mundipharma may transfer your deidentified personal and health information to an associated company in USA and/or Europe for the specific purpose of reporting adverse events. We will ensure we comply with our obligations under the respective Privacy Principles with respect to that transfer.
Anonymity and Pseudonymity
Unless we are required by an Australian law or a court/tribunal order, or it is otherwise impractical to deal with individuals who have not identified themselves, all individuals have the option of not identifying themselves, or using a pseudonym, when dealing with us in relation to a particular matter.
Information collected through our websites
We do not collect personally-identifiable information from you, unless you provide it to us voluntarily and knowingly. This means you are under no obligation to provide personal information when visiting our websites. However, if you specifically agree to follow-up contacts by us or ask to be put on our mailing list, we may require your personal information in order to contact you from time to time.
There are some features of our websites that require you to sign up to use. If you do sign up, we use the information you supply for the purpose of providing products, product information or services you request.
When you visit any of our online resources, our metric tools may collect the following information about your visit for statistical purposes:
- server address
- top level domain name (for example .com, .gov, .au, .uk etc.)
- the date and time of your visit to the site
- the pages you accessed and documents downloaded during your visit
- the previous site you visited
- if you’ve visited our site before
- the type of browser used.
We record this data to maintain our server and improve our services. We do not use this information to personally identify anyone.
Notification of the Collection of Personal Information
If we collect personal information about an individual we will take reasonable steps to notify you of:
- our identity and contact details;
- the fact and circumstances of collection;
- whether the collection is required or authorised by law;
- the purposes of the collection;
- the consequences if personal information is not collected;
- our usual disclosures of personal information of that kind;
- whether we are likely to disclose the information to overseas recipients.
We will only use or disclose personal information to communicate directly with you to promote a good or service:
- if we collected the information directly from you, and you would reasonably expect the information to be used in this way;
- if the information was collected by a third party, or if we collected the information directly from you but and you did not reasonably expect the information to be used by us in this way we will only communicate with you if;
- you have consented to the use or disclosure for that purpose; or,
- it is impractical to obtain that consent,:
- we provide a simple way of you opting out of such communications from us;
- each communication to you will contain a prominent statement to the fact that you can complete an opt out statement; and,
- you have not previously made such an opt out request of us.
You will generally be given the opportunity to “opt out” of receiving marketing or promotional communications from us. Instructions for opting out will typically be included somewhere on the communication. You can also opt out of receiving marketing or promotional materials at any time by emailing email@example.com.
Sensitive information is subject to greater restrictions
Some personal information collected by Mundipharma is considered ‘sensitive’. Sensitive information which Mundipharma may collect includes a person’s state of health and medical history.
In accordance with Australian Privacy Principle 3, we will only collect your sensitive personal information with your consent of the individual unless such use or disclosure is required by law or to prevent a serious and imminent threat to life or health of an individual.
Our sales representatives will collect general information about you and your practice as outlined above. This may include information about your prescribing practices.
Data Quality and Security
We take steps to ensure that the personal information we collect is accurate, up to date and complete. These steps include maintaining and updating personal information when we are advised by individuals that their personal information has changed, and at other times when necessary.
We will take all reasonable steps to maintain the security and integrity of your personal information including the use of computer access passwords, lock-up cabinets, privacy policies & procedures and firewalls.
Links and Third Party Platforms
Websites operated by Mundipharma may contain links to other sites operated by third parties. Mundipharma makes no representations or warranties as to the privacy practices of any third-party site and is not responsible for the Privacy Policies of other sites.
Information collected through Employment Applications
In processing applications for employment, Mundipharma collects resumes, references, certificates of graduation and qualification and other personal information about candidates. All applications for employment that we receive are stored in our Human Resources Division. A member of our Human Resources team will review your application. Alternatively, we may provide your application to a recruitment agency or contractor who assists in reviewing applications that we receive.
Resumes sent to Mundipharma as part of an application for an advertised position, or sent generally to ascertain whether any positions are available, will be used to match applicants with available opportunities. If we consider that your application may be suitable to our current requirements, we, or a party acting on our behalf, will contact you to request that you attend an interview. We may also ask you to provide us with contact information for individuals who will act as professional and personal referees. We may contact these individuals and ask them questions we feel are relevant to your possible employment with us. We may contact you again to request that you attend further interviews or to inform you of whether we are able to offer you a position with us.
If your application is not suitable to our current requirements, but we feel that there may be a position in the future for you with us, we will a keep a record of your application and may contact you again if a suitable position becomes available.
How you can access, correct and complain about your personal information
You can always seek access to your personal information and ask us to correct or delete any inaccurate, incomplete or out of date information. Contact firstname.lastname@example.org if you want access to, or want to correct, or make a complaint in relation to the personal information we hold about you. One of our representatives will contact you in relation to your request or complaint.
We are required to take reasonable steps to correct information we hold, to ensure it is accurate, up to date, relevant and not misleading, having regard for the purposes for which it is held.
We are required to take reasonable steps to correct faulty information:
- where we are satisfied , independently of any request, that the personal information we hold is faulty; or,
- where an individual requests we correct their personal information.
In accordance with Australian Privacy Principle 13 we will, as a minimum, fully conform to the following procedural requirements:
- upon request from an individual whose personal information has been corrected, take reasonable steps to notify other organisations of the correction made to the personal information that was otherwise provided to that other entity;
- give a written notice to an individual when a correction request is refused, including reasons for refusal and the complaint mechanism available to the individual
- upon request by an individual whose complaint request has been refused, take reasonable steps to associate a statement with the personal information that the individual believes to be inaccurate, out-of-date, incomplete, irrelevant or misleading
- respond in a timely manner to an individual’s request to correct personal information or to associate a statement with the information
- not charge an individual for making a request to correct personal information or associate a statement, or for making a correction or associating a statement.
Last updated: September 2015