Mayne Pharma is committed to the right to protecting the privacy of personal information in accordance with Australian privacy laws including the Privacy Act 1988 (Cth) and the Australian Privacy Principles in the Act and applicable State and/or Territory health records legislation.
This policy outlines how and the purposes for which Mayne Pharma Group Limited and its Australian subsidiaries, Mayne Pharma International Pty Ltd, Mayne Products Pty Ltd and Mayne Pharma Ventures Pty Ltd (Mayne Pharma) will collect, use, store and disclose personal information. It also outlines the rights of individuals to access the information we hold and to update or correct the information and the process followed to handle complaints.
Personal information will only be used for the purposes set out in this policy unless Mayne Pharma is required by law to disclose specific information about an individual.
We collect personal information from and/or about:
- our customers
- our suppliers
- health professionals
- business contacts
- contractors and agents
- applicants for employment
An organisation collects personal information if it gathers, acquires or obtains personal information from any source and by any means (including generating it from other data it holds) and holds it in a record or a generally available publication including in hard copy on a device or database.
Is information or an opinion (whether true or not or recorded in a material form or not) about an identified individual or an individual who is reasonably identifiable. It may range from the sensitive (for example, medical history or health information) to the everyday (for example, address and phone number). It includes the opinions of others about an individual’s work performance (whether true or not), work experience and qualifications, aptitude test results and other information obtained by Mayne Pharma in connection with possible work placements or recruitment.
(a) information or an opinion about an individual’s: (i) racial or ethnic origin; or (ii) political opinions; or (iii) membership of a political association, religious beliefs or affiliations, or philosophical beliefs; or (vi) membership of a professional or trade association or trade union; or (viii) sexual orientation or practices; or (ix) criminal record, that is also personal information; or
(b) health information about an individual; or (c) genetic information about an individual that is not otherwise health information; or (d) biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or (e) biometric templates.
Dealing with us anonymously
Individuals may deal with us anonymously or use a pseudonym (e.g. when enquiring about our products and services generally) unless we are required or authorised by an Australian law or court/tribunal order to only deal with someone who has identified themselves or it would be impracticable for us to deal with an individual who has not identified themselves or who is using a pseudonym.
Collecting Personal Information
Why do we collect personal information?
Mayne Pharma will collect personal information if it is reasonably necessary for the purpose of carrying out the functions and activities of its business including to:
- develop, manufacture, import, distribute, sell and promote pharmaceutical products and services;
- direct marketing communications to customers;
- undertake research and development;
- administer and manage its business such as paying invoices and travel arrangements;
- handle customer inquiries and complaints;
- comply with regulatory requirements; and
- assess job applicants.
What personal information do we collect?
The personal information collected by Mayne Pharma may include an individual's:
- current and previous address (postal and email)
- telephone and mobile number
- date of birth
- passport numbers and membership numbers
- health information
- career and education history
- results from personality, aptitude or psychometric testing
How do we collect personal information?
We will, if reasonable and practicable to do so, collect personal information directly from the individual concerned. This may take place when the individual fills out documents such as an application form (physical form or on our websites) or when the individual gives us personal information in person, over the telephone or through our website.
We may use analytics tools (including from third party technologies) to collect non-personal information in the form of various usage and user metrics about online customers and users. These tools collect and analyse certain types of information, including cookies, IP addresses, device and software identifiers, referring and exit URLs, onsite behaviour and usage information, feature use metrics and statistics, usage and purchase history, and other similar information.
We may permit certain third party companies to help us to tailor advertising that we think may be of interest to online customers based on their use of our websites and/or online services and to otherwise collect and use data about their use of our websites and/or online services. This allows us to make special offers and continue to market our products and services to those who have shown interest in our products and services.
Collection from third parties
In certain circumstances, we will collect personal information from third parties. For example, we may need to collect personal information from:
- an individual's health service provider
- an individual's employer or former employer
- an individual providing any feedback on performance whether positive or negative
- an individual making a complaint regarding an individual in the workplace
- organisations undertaking medical, personality, aptitude or psychometric tests in which an individual participates
- information received about any investigation, litigation, registration or professional disciplinary matter, criminal matter, inquest or inquiry in which an individual is involved;
- an individual's representatives (e.g. authorised representatives or legal advisers)
- publicly available sources of information
- an organisation identified below as organisation to whom we disclose personal information (see 'Disclosing personal information')
- the use of “cookies” on our websites
Collecting sensitive information
Unless we have consent, we will not collect sensitive information about an individual. Consent means voluntary agreement (express or implied), that is current and specific, by an individual with the capacity to understand and communicate their consent, having been adequately informed of the matter they are agreeing to (eg. act, practice or purpose).
We may collect health information about consumers in the course of our complaints handling processes, or about consultants or contractors working at our premises.
This is subject to some exceptions including if:
- the information is health information and it is necessary to provide a health service; and/or
- the collection is required or authorised by an Australian law or court/tribunal order; a permitted general situation as defined in the Privacy Act exists.
Consequences of not providing personal information
Failing to provide Mayne Pharma with certain personal information means that, potentially, we may not be able to provide the relevant product or service to the individual concerned or not be able to adequately deal with complaints. It may also affect our ability to properly consider the suitability of a job applicant or labour hire.
Disclosing personal information
In line with modern business practices and to meet individuals' specific needs, we may disclose personal information to the organisations described below.
The relevant organisations include:
- contractors to whom we have outsourced some of our functions (eg. product complaints handling and marketing)
- our advisers (including our accountants, auditors and lawyers)
- government and regulatory authorities in Australia or overseas
- organisations if required or authorised by or under and Australian law or court/tribunal order
- organisations involved in a transfer or sale or our assets or business
- organisations involved in managing our corporate risk
- organisations involved in maintaining, reviewing and developing our business systems and websites, procedures and infrastructure including testing or upgrading our computer systems
- organisations involved in managing, validating or administering an individual’s application, employment or engagement such as third party suppliers, assessment agencies, organisations providing education and training, professional associations and counsellors
- organisations involved in the payments system including financial institutions, merchants and payment organisations
- our related companies including those located in the USA
- an individual's representatives (e.g. their authorised personal representatives or their legal advisers)
Because we operate throughout Australia and overseas, some disclosures may occur outside the Australian state or territory in which an individual is resident including overseas. Overseas recipients to whom we may potentially disclose personal information are located in the USA, Europe, Asia and New Zealand.
Using government identifiers
In certain circumstances we are required to collect government identifiers such as passport numbers. We do not adopt these as our own and we will only use them where it is reasonably necessary to verify the identity of an individual for the purposes of our activities and functions.
Marketing our products and services and opting out
We may use and disclose personal information for the purposes of informing individuals about:
- Mayne Pharma products and services that may be of interest and suit their requirements; and
- promotions or other opportunities in which they may be interested
When we send direct marketing we will tell individuals how they can stop receiving further direct marketing communications from us.
If you wish to stop receiving direct marketing communications from us by any means or at all please let us know by contacting us on the details below.
Storing personal information
We store personal information in different ways, including hardcopy and electronic form. The security of personal information is important to us and we take reasonable steps to protect it from misuse, interference or loss and from unauthorised access, modification or disclosure. Some of the ways we do this include:
- requiring our staff to be trained in all relevant policies and procedures regarding their rights and responsibilities in maintaining confidentiality
- implementing document storage security policies
- imposing security measures for access to our computer systems
- providing a discrete environment for confidential discussions
- only allowing access to personal information where the individual seeking access has satisfied our identification requirements and
- ensuring there is access control into our buildings
Personal information that is no longer required for any purpose for which it may be used or disclosed under the Australian Privacy Principles and is not otherwise contained in a Commonwealth record or is required to be retained by an Australian law or court/tribunal order, will be destroyed or permanently de-identified.
Keeping personal information accurate and up to date
We take all reasonable steps to ensure that the personal information we collect is accurate, complete and up to date and also, when we use and disclose it, that it is relevant. We also rely on the accuracy of the information provided to us. We therefore suggest that individuals:
- let us know if there are any errors in their personal information; and
- keep us up to date with changes to their personal information (e.g. their name and address).
Individuals may do this by mail or email (see our contact details below)
If we are satisfied that the personal information we hold, is inaccurate, incomplete, out of date, irrelevant or misleading or we are asked by an individual to correct their information, we will take reasonable steps to ensure it is corrected.
A request to amend or delete personal information may be refused in certain circumstances. If the request is refused, Mayne Pharma will provide written notification of this decision and our reasons and how the individual may complain, and, if requested, it will be noted with the individual’s personal information that its accuracy has been disputed.
Accessing personal information
Individuals have a right to access their personal information, subject to the exceptions provided by the Privacy Act. Giving access may include allowing an individual to inspect personal information or giving a copy of it to them or showing it to them in some other form.
Individuals can contact us on the details below to seek access to their information and to obtain a form which we would usually ask them to complete to request access. We may charge a fee for collating and providing access to personal information. Where access is granted, it will be within 14 days of receipt of a request or earlier if appropriate in the circumstances. We will need the individual to verify their identity before we can give access.
If access to some or all of the information is refused, or we cannot give access in the manner requested, then we will take reasonable steps to give access in a way that meeds our needs and the individual's needs which may include the use of a mutually agreed intermediary. However if we refuse access, Mayne Pharma will notify the individual in writing and provide the reasons for this decision and will explain how the individual can complain if they are not satisfied with the decision.
We may need you to put your complaint in writing and verify your identity. We will provide written acknowledgement of your complaint and will conduct an investigation. We will aim to complete the investigation within 30 days of the complaint and will advise you of the outcome accordingly.
If you are not satisfied that we have resolved your complaint then you may complain to the Office of the Australian Information Commissioner (OAIC) on telephone number 1300 363 992, or visiting the OAIC website at http://www.oaic.gov.au/, or in writing to:
OAIC GPO Box 5218Sydney NSW 1042
If you would like more information about privacy in general, please refer to the OAIC's website at http://www.oaic.gov.au/
Individuals may ask any questions about privacy and the way we manage personal information or obtain a form requesting access to personal information by:
- writing to Privacy Officer, Mayne Pharma, 1538 Main North Road, Salisbury South, SA, 5106, Australia or
- emailing us at firstname.lastname@example.org or
- calling us on 08 8209 2675