RxTro Pty Ltd ACN 620 032 046 (referred to in this document as we, us or our) recognises that your privacy is very important and we are committed to protecting the personal information we collect from you. The Privacy Act 1988 (Cth) (Privacy Act), and the Australian Privacy Principles govern the way in which we must manage your personal information and this policy sets out how we collect, use, disclose and otherwise manage personal information about you.
Types of information collected
We may collect and hold personal information about you, that is, information that can identify you, and is relevant to providing you with the services you are seeking.
The information we typically collect and hold includes:
- Your name, business address, business telephone number(s) and email address
- Dealings with us in respect of general business relationships
- Work, professional and employment references, reports and assessments
- Information from public domain websites
- Information obtained when you access our website
- Information obtained when you access our customer portal
- Your name, practice location, business telephone number(s) and email address
- Professional credentials and other details, including AHPRA numbers and College CPD number, years in practice
- Practice specialty including areas of interest
- Treatment site affiliation (hospital) and contact information
- Membership of professional associations
- Practice and/or business information
- Information from public domain websites
- Information obtained when you access our website
- Survey and demographic information
- Survey and aggregate clinical practice information (e.g. number and type of patients treated)
- Sales data from IMS, wholesalers, or a Pharmacy point-of-sale system.
The types of Personal Information we collect from job applicants, including contractors, may include:
- Employment history
- Education and Qualifications
- Information relating to credentialing of health professionals
- Opinions about suitability for employment from referees and previous employers
- Taxation, superannuation and banking details
- Information from public domain and social media websites
- Residential address
- Copies of Identification documents – drivers licence and/or passport
- Name and contact information for next of kin
Applicants for employment and/or contract roles have the right to not disclose Personal Information, however we may not be able to assess suitability for employment if we don’t receive all necessary information. We will only disclose the Personal Information of job applicants to third parties with the consent of the job applicant, or as otherwise permitted in limited circumstances by law.
Once a position has been filled, all applications received by us are filed and kept by the recruitment manager in the human resources team.
Purpose of collection
The personal information that we collect and hold about you, depends on your interaction with us. Generally, we will collect, use and hold your personal information for the purposes of:
- providing services to you or someone else you know;
- facilitating contact between you and other users of our website who request your details;
- providing you with information about other services that we, our related entities and other organisations that we have affiliations with, offer that may be of interest to you;
- facilitating our internal business operations, including the fulfilment of any legal requirements;
- assessing your suitability for employment with us or for entry into a contractual services arrangement; or
- analysing our services and customer needs with a view to developing new or improved services.
Method of collection
Personal information will generally be collected directly from you through the use of any of our standard forms, over the internet, via email, or through a telephone conversation with you. There may, however, be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
Use of Information
RxTro customer portal
- Your name, practice name, doctor’s names and practice contact details will be available to third party users of our customer portal
- Information relating to your availability to meet with third party company representatives will be communicated to third party users of our customer portal
- Third party representative names, contact information and the companies they represent will be provided to medical practices and healthcare professionals with whom you have set up meetings
Customer Relationship Management (CRM) Software
- Information relating to healthcare professionals and third parties with which we conduct business will be held on our customer relationship management (CRM) software platform. This information will be accessed and used in the ordinary course of conducting business, including but not limited to communicating with you, order processing and fulfilment, accounting, responding to enquiries or complaints.
- Information relating to third parties with which we conduct business will be used to facilitate the provision of products and services to us.
- Where healthcare professionals or other customers have opted in via completion of a consent form, or request via email, we may use your information to communicate with you in the future about programmes or events which may be of interest to you.
- Information will also be aggregated and used on a de-identified basis for business intelligence/market insights.
We may disclose information about you in the course of any of the uses described above, including to related businesses and third-party service providers for routine business purposes such as order delivery, marketing, hosting, data processing and validation, data storage or archiving, printing and mailing. We will use only reputable service providers and will ensure that we enter into appropriate contractual provisions with service providers to safeguard your privacy.
Should we now or in the future use a third-party Customer Database Provider to supply it with a syndicated database of healthcare professionals and their practices, we will be required to keep the database updated and may disclose some information about healthcare professionals and their practices to its Customer Database Provider. This information will be limited to professional information about healthcare professionals and their practices. The information is used for commercial purposes and the Customer Database Provider makes that information available to all parties who also have access to its database.
Should we in the future buy or sell (or propose to buy or sell) all or part of our business, we may disclose your Personal Information to a third party, as customer information is generally regarded as a business asset.
We will otherwise only disclose Personal Information about you to a third party where required by law.
Failure to provide information
If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.
If you access our website, we may collect additional personal information about you in the form of your IP address and domain name.
Our website may contain links to other websites. We are not responsible for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.
Use and disclosure
Generally, we only use or disclose personal information about you for the purposes for which it was collected (as set out above). We may disclose personal information about you to:
- our related entities and other organisations with whom we have affiliations so that those organisations may provide you with information about services and various promotions; and
- other users of our website that may request your details for the purposes of contacting you.
We store your personal information in different ways, including in paper and in electronic form. The security of your personal information is important to us. We will follow the procedures in our Information Security and Data Management Policy to ensure that we take all appropriate measures to manage your personal information so that it is stored safely and protected from misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures. In the event of an information security breach, we will follow the requirements of the Privacy Act to determine whether an Eligible Data Breach has occurred.
If an Eligible Data Breach has occurred, we may report the data breach to third parties such as:
• Our financial services provider
• police or law enforcement bodies
• the Australian Securities & Investments Commission (ASIC)
• the Australian Taxation Office (ATO)
• the Australian Transaction Reports and Analysis Centre (AUSTRAC)
• the Australian Cyber Security Centre (ACSC)
• the Australian Digital Health Agency (ADHA)
• the Department of Health
• State or Territory Privacy and Information Commissioners
• professional associations and regulatory bodies
• insurance providers.
We will contact you if you have been personally impacted by an Eligible Data Breach.
You may access the personal information we hold about you, upon making a written request. We will try to acknowledge your request within 14 days of its receipt, and to provide you with access to the information requested within 30 days. We may charge you a reasonable fee for processing your request.
We may decline a request for access to personal information in circumstances prescribed by the Privacy Act.
If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.
You may notify us at any time if you do not wish us to retain your Personal Information. We will comply with all such requests wherever practicable and lawful.
Email address: firstname.lastname@example.org
For more information about privacy in general, you can visit the federal privacy commissioner's website at www.privacy.gov.au.
PRIVACY COLLECTION STATEMENT
The purpose of this statement is to advise you that RxTro Pty Ltd ACN 620 032 046 (we, us or our) may collect, use and disclose various personal information about you, for the purposes of providing services to you, disclosing your details to other users of our website that may request your details for the purposes of contacting you, facilitating our internal business operations, including the fulfilment of any legal and regulatory requirements and providing you with information about us and the services that we offer.
If the personal information you provide is incomplete or inaccurate, we may not be able to provide you with the services that you are seeking.