TERRYWHITE CHEMMART PRIVACY POLICY

1. INTRODUCTION

1.1 TW&CM Pty Ltd ABN 38 136 833 620 (‘TerryWhite Chemmart’, ‘we’, ‘us’ and ‘our’), recognises that your privacy is very important to you and that you have a right to control your personal information. We know that providing personal information is an act of trust and we take that seriously. Unless you give us explicit consent to act otherwise, the following policy will govern how TerryWhite Chemmart handles your personal information and safeguard your privacy.

1.2 We are committed to responsible privacy practices and to complying with the Privacy Act 1988 (Cth) (Privacy Act), including the Australian Privacy Principles (Privacy Principles) and Notifiable Data Breaches scheme contained in the Privacy Act, and where relevant, applicable state and territory health records legislation.

1.3 In addition to this Privacy Policy, we may also have specific and additional privacy provisions that apply to certain activities and promotions. In the event of any inconsistency between the provisions of this Privacy Policy and those other specific and additional provisions, the specific and additional provisions will prevail.

1.4 Where applicable, TWCM will handle personal information relying on the related bodies corporate exemption and the employee records exemption in the Privacy Act and any other applicable exemptions in other legislation.

1.5 This Privacy Policy sets out our policies on the management of personal information including how we collect personal information, the purposes for which we use this information, and to whom this information is disclosed. We may change our Privacy Policy from time to time at our discretion. At any time, the latest version of our Privacy Policy is available from our website at www.terrywhitechemmart.com.au/privacy-policy/

2. WHAT IS PERSONAL INFORMATION?

2.1 In this Privacy Policy, ‘personal information’ has the meaning set out in the Privacy Act. Essentially, personal information is information or an opinion about an individual who is reasonably identifiable.

3. HOW DO WE COLLECT YOUR PERSONAL INFORMATION?

3.1 In order to provide products and services to you and to best service your needs, we may collect personal information about you:

(a) through our websites when you deal with us online (including through our booking systems and social media pages);
(b) through our Rewards program (REWARDS) when you apply to be a member or make purchases from our Pharmacies;
(c) through the TerryWhite Chemmart Health App (Health App) when you install and use the app, including to fill scripts from our Pharmacies;
(d) through your subscription to TerryWhite Chemmart Health Benefits Package (HBP) when you subscribe and redeem benefits under that package;
(e) through our Pharmacies when you purchase products and services or fill scripts for medicines;
(f) in the course of conducting customer satisfaction and market research surveys;
(g) from our partners and service providers that we may use to provide, administer and operate our website, REWARDS, the Health App, and the HBP; and
(h) from our related companies.

3.2 We will not collect or monitor any personal information about you without your consent unless we believe it is necessary for the product and services you require or to best service your needs.

3.3 Personal information which we may collect and hold include:

(a) your name, date of birth, address including email address, and phone number (including mobile and landline phone numbers);
(b) your transactional and payment information if ordering online through our website or the Health App;
(c) details of all products and services purchased by you including medicines and dispensary items for the purpose of administering our website, REWARDS, the Health App, or the HBP;
(d) details of the products and services redeemed from your HBP, including health information to determine if the benefits under the package are suitable for you at the time of redeeming them; and
(e) information about your browser, your location, the country you are visiting from, your IP address, which pages you visit and what links you click on when you visit our website, REWARDS portal, the Health App, or social media pages.

4. FOR WHAT PURPOSE DO WE COLLECT, USE AND DISCLOSE YOUR PERSONAL INFORMATION

4.1 The purposes for which we use and disclose your personal information will depend on the circumstances in which we collect it. Whenever practical we endeavour to inform you why we are collecting your personal information, how we intend to use that information and to whom we intend to disclose it at the time we collect your personal information.

4.2 We collect and use personal information about you for the following purposes:

(a) to provide products and services to you through our website, through the Health App, or as part of the HBP;
(b) to provide a more personalised experience on our website and to improve our products and services and keep you up to date on such improvements;
(c) to administer and operate REWARDS;
(d) to market products and services to you based on your activity;
(e) to assist our Pharmacies or other health professionals to provide you with certain products and services (e.g. health services).
(f) to administer and manage services, including charging, billing and collecting fees;
(g) to analyse customer demographics, health, prescription, adherence, and purchasing trends so that we can tailor our products and services;
(h) to improve the quality of our website, REWARDS portal, the Health App, and social media presence;
(i) to respond to you if you have requested information (including via our websites or via an email or other correspondence you send to us) and to address any issues or complaints that you have regarding our relationship;
(j) to obtain your feedback (directly or through our service providers), to find out your level of satisfaction with our products and services and for other market research activities; and
(k) to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone, by fax or in any other lawful manner.

4.3 We may disclose your personal information to third parties in connection with the purposes described above. This may include sharing your personal information with:

(a) our related companies;
(b) our Pharmacies and other health professionals (such as your doctor, pharmacist or hospital), in connection with providing health-related products and services to you or as otherwise required or authorised by law;
(c) specific Third Parties detailed below, to administer and operate our website, REWARDS, the Health App, or the HBP;
(d) other partners that may facilitate the registering of customer to REWARDS, the Health App or the HBP. We may provide to these partners your personal information (excluding your purchases or health information) for reporting and reconciliation purposes; and
(e) other service providers that may provide products and services to us including suppliers, marketing agencies, data analysis specialists, data processing organisations, billing and debt recovery providers, website and data hosting providers, REWARDS administrators and other IT suppliers.

4.4 We may disclose to, and utilise the services of Pharmacies, Intellipharm Pty Ltd, Go Bookings Pty Ltd, 1stGroup Limited, Oracle Corporation Australia Pty Limited, and MedAdvisor International Pty Ltd (Third Party) to do any of the following in relation to sensitive information collected from the administration and operation of our website, REWARDS, the Health App and the HBP:

(a) collect, store and provide to us or our Pharmacy, your personal information including sensitive information;
(b) analyse customer demographics, health, prescription, adherence, and purchasing trends; and
(c) provide targeted marketing of products and services based on your activity.

4.5 The information collected and stored by our Third Parties may be disclosed back to us and to our Pharmacies that you obtain products and services from.

4.6 We will take reasonable steps to ensure that our Pharmacies, Third Parties, our partners, and other service providers only use your personal information as reasonably required for the purpose we disclosed it to them and in a manner consistent with the Privacy Act and Privacy Principles and where commercially practical include suitable privacy and confidentiality clauses in our agreement with them.

4.7 We will not otherwise disclose your personal information to other companies without your consent.

4.8 If you post information to public parts of our websites or to our social media pages, you acknowledge that such information (including your personal information) may be available to be viewed by the public. You should use discretion in deciding what information you upload to such sites.

5. WHAT HAPPENS IF YOU DON’T PROVIDE PERSONAL INFORMATION?

5.1 If you do not provide us with certain information about yourself, we may be unable to provide a product or service to you. Please let us know if you have any concerns about providing personal information so that we can explain why we are collecting it and tell you about our privacy policy and information management practices.

6. DISCLOSURE OF INFORMATION OUTSIDE THE STATE/TERRITORY OF COLLECTION

6.1 Some of the third parties to whom we disclose personal information may be located outside the state or territory in which the information was collected or outside Australia. The state/territories and countries in which such third parties are located will depend on the circumstances. For example, we may disclose personal information to our related companies overseas and to our overseas service providers.

6.2 In the ordinary course of business, we commonly disclose personal information to third parties (for example, offshore data centres located in New Zealand and USA).

6.3 Except in some cases where we may rely on an exception under the Privacy Act or other law, we will take reasonable steps to ensure that such overseas recipients do not breach the Privacy Principles in relation to such information.

7. HOW DO WE PROTECT PERSONAL INFORMATION?

7.1 TWCM will take reasonable steps to keep any personal information we hold about you secure. Please notify us immediately if you become aware of any breach of security.

7.2 Our website, the REWARDS portal and the Health App are secure and controlled environments whilst you are logged into your account. This includes the use of SSL/https 128-bit encryption whenever sensitive information is transferred across the internet. It also includes minimum requirements for password strength.

7.3 Except to the extent liability cannot be excluded due to the operation of statute, we exclude all liability (including in negligence) for the consequences of any unauthorised access to, disclosure of, misuse of or loss or corruption of your personal information. Nothing in this Privacy Policy restricts, excludes or modifies or purports to restrict, exclude or modify any statutory consumer rights under any applicable law including the Competition and Consumer Act 2010 (Cth).

8. ACCURACY OF THE PERSONAL INFORMATION WE HOLD

8.1 We try to maintain your personal information as accurately as reasonably possible. We rely on the accuracy of personal information as provided to us both directly (from you) and indirectly.

8.2 You can amend the personal information you have provided through:

(a) REWARDS, by contacting the Helpdesk on 1800 653 662 or loyalty@twcmhealth.com; and

(b) Health App, by emailing privacy@medadvisor.com.au.

8.3 You may also contact us if the personal information we hold about you is incorrect or to notify us of a change in your personal information. Our contact details are set out in section 12 of this Privacy Policy.

9. LINKS, COOKIES AND USE OF TWCM WEBSITES AND APPLICATIONS

9.1 When you visit our website without an account, we may record anonymous information which tells us about visitors to our website but not the identity of those visitors. For example, we may collect information about the date, time and duration of those visits and which pages of our website are being commonly accessed.

9.2 Our websites may contain links to other sites. This Privacy Policy applies to our websites and not any linked sites which are not operated or controlled by us. We encourage you to read the privacy policy of each website that collects your personal information.

9.3 We use ‘cookies’ and similar technology on its websites and in other technology applications. The use of such technologies is an industry standard and helps us monitor the effectiveness of our advertising and how visitors use our websites/applications. We use such technologies to generate statistics, measure your activity, improve the usefulness of our websites/applications and to enhance the ‘customer’ experience.

9.4 If you prefer not to receive cookies you can adjust your Internet browser to refuse cookies or to warn you when cookies are being used. However, our websites may not function properly or optimally if cookies have been turned off.

9.5 When you visit our website, social media pages or other digital presences, we may track anonymous information which tells us about your online behaviour, but not your identity.

10. HOW CAN YOU ACCESS AND CORRECT PERSONAL INFORMATION WE HOLD ABOUT YOU?

10.1 You may seek access to personal information which we holds about you by contacting us as described in section 12 of this Privacy Policy. We will provide access to that information in accordance with the Privacy Act and health records legislation, subject to certain exemptions which may apply. We may require that the person requesting access provide suitable identification and where permitted by law we may charge an administration fee for granting access to your personal information.

10.2 If you become aware that any personal information we hold about you is incorrect or if you wish to update your information, please follow the process in section 8 or contact us (see section 12 of this Privacy Policy).

11. QUERIES, COMMENTS AND COMPLAINTS ABOUT OUR HANDLING OF PERSONAL INFORMATION

11.1 If you have any questions, comments or complaints about our collection, use or disclosure of personal information, or if you believe that we have not complied with this Privacy Policy, the Privacy Act or applicable health records legislation, please contact us (see section 12 of this Privacy Policy).

11.2 When contacting us please provide as much detail as possible in relation to your question, comment or complaint.

11.3 TWCM will take any privacy complaint seriously and any complaint will be assessed by an appropriate person with the aim of resolving any issue in a timely and efficient manner. We request that you cooperate with us during this process and provide us with any relevant information that we may need.

11.4 If you are not satisfied with the outcome of our assessment of your complaint, you may wish to contact the Office of the Australian Information Commissioner (click here for information) or other relevant regulators.

12. HOW CAN YOU CONTACT US?

12.1 Please address all privacy complaints and requests to update or access information to:
Attention: Privacy Officer TW&CM Pty Ltd
Ground Floor, 50 Park Road,
Milton, QLD 4069

Or

reception@twcmhealth.com.au

12.2 Any requests to access, update or correct your personal information should be made in writing.