We are bound by the Privacy Act 1988 (Cth) (the “Privacy Act”), the Australian Privacy Principles (“APPs”), and applicable State and Territory based health records legislation. The APPs regulate the manner in which Personal Information is handled throughout its life cycle, from collection to use and disclosure, storage, accessibility and disposal.
Health Information includes information or an opinion about:
(i) the health or a disability (at any time) of an individual; or
(ii) an individual’s expressed wishes about the future provision of health services to him or her; or
(iii) a health service provided, or to be provided, to an individual; that is also Personal Information. An example of Health Information is information contained in a patient’s hospital records or information about a person’s allergy or vitamin deficiency.
Personal Information means any information or an opinion, in any form and whether true or not, about an identified individual, or an individual who is reasonably identifiable to us.
Privacy Officer means the person whose details are set out below, and who can be contacted in relation to any enquiries, complaints, or access and correction requests in connection with this policy.
Sensitive Information is a subset of Personal Information that is given a higher level of protection by law because of its sensitive nature and includes Health Information and information about a persons’ race, ethnic origin, political opinions, membership of political, professional or trade associations, religious or philosophical beliefs, sexual orientation and criminal history.
We will only collect Sensitive Information if the individual has consented to its collection or if the collection is otherwise permitted under the Privacy Act.
Collection of your Personal Information
The types of Personal Information we may collect about you through the website or when you contact us via email or telephone, including through the product enquiry line we offer, includes your name, gender, date of birth, email address(es), residential, business/profession and postal address(es), contact telephone numbers and facsimile numbers, Health Information (for example any medical condition or adverse events you tell us about, or your use of our products), government related identifiers, any comments or suggestions about our products and other information that may be relevant in our dealings with you. More specifically, depending on the type of relationship we have with you, we may collect the following:
From a doctor or pharmacist:
- Name, profession, business address and other contact information;
- Any comments or suggestions regarding our products;
- Details gathered during calls made by our sales representatives to ensure we provide a personalised service;
- Statistical details regarding prescriptions given or filled;
- Details of samples requested from us; and
- (For pharmacists) financial information required for purchases of our products.
From an individual consumer: Name and contact details; and
- Any Personal Information provided to us which is relevant to a query or complaint. This may include Health Information provided pursuant to an individual’s express consent.
From a job applicant:
- Name and contact details;
- Qualifications and employment history;
- Health Information (if a medical examination is required);
- The results of a criminal record check (if a criminal record check is required);
- Whether the applicant is an Australian citizen or permanent resident and if not, their visa type; and
- Whether the applicant holds a current driver’s licence.
From a member of a patient support program:
- Name and contact details;
- Website account user login details;
- Date of birth;
- Biometric information; and
- Role (e.g. patient, parent/carer, school or pharmacist).
From clinical trial participants:
- Allergies, disease type or condition;
- Medical history;
- Test and trial results;
- Biometric and genetic information (including samples);
- Name of doctor or treating physician; and
- Family history
We only collect information that is reasonably necessary for our activities listed below. We will usually collect Personal Information direct from you, unless it is not reasonable or practical to do so, or you have consented to us obtaining the information from a third party, such as a doctor or pharmacist.
Use and disclosure of your Personal Information
We use Personal Information to:
- Efficiently administer, manage and deliver our products and/or services including through our website;
- Provide information about other products and/or services that may be of benefit;
- Respond to any queries, complaints or adverse event reports made through this website or via a product enquiry line;
- Statistically analyse the distribution of our products;
- Facilitate our internal business operations, including fulfilment of any legal requirements (for example, submitting suspected Adverse Drug Reaction(s) to the Office of Product Review (“OPR”) in compliance with the Therapeutic Goods Administration requirements or where legally required by law enforcement agencies or government auditors;
- Conduct clinical trials, with consent of participants; and
- Conduct research in a de-identified manner relevant to public health and/or safety, to compile and analyse statistics relevant to public health, all in a manner permitted by Australian law, where the information provided is Health Information.
We may disclose your Personal Information:
- To our related entities;
- To our agents, contractors or third party service providers that provide financial, legal, administrative or other services in connection with the operation of our business, for example mailing houses, software developers, IT maintenance providers and solicitors, or together with the sale or transfer of one of our products or services to another person or entity (to enable continuity of supply of that product or service);
- Where acting in good faith, we believe that the law requires or permits us to do so (e.g., to law enforcement agencies, OPR or government auditors); or
- With your consent, including to an authorised person or their health service provider.
We share Personal Information with Mylan N.V. based in the Netherlands and UK and its affiliates. These affiliates include Mylan Inc., which serves as our corporate headquarters and is based in the United States. They may be in countries which may not take steps to ensure that the Personal Information that we disclose to those countries is handled in accordance with the APPs. However, we take steps to ensure that Personal Information is transferred, stored and processed in a secure manner, and that your privacy rights are respected in a manner that is consistent with APPs.
Direct marketing and opting out
We may, after obtaining express prior consent or in appropriate circumstances via the contact details provided such as email, SMS or phone, inferred consent, use and disclose information, including Personal Information, to communicate with you about its current or new products and services that it considers may be useful or relevant to you. We do not rent, sell or share Personal Information about individuals with other people or non-affiliated companies for their direct marketing purposes. If you do not wish to receive direct marketing from us in the future, you may opt out of receiving such communications at any time by following the opt out instructions set out in the relevant communication or by contacting the Privacy Officer using the details set out below.
Data quality and security
We take reasonable steps to protect your Personal Information from misuse, loss, unauthorised access, modification or disclosure.
Personal Information is stored securely whether in an electronic or physical form. For example, only staff needing access to the information are allowed access. Personal Information is stored in secured premises or in electronic databases requiring logins and passwords. Personal Information will be permanently de-identified or destroyed if it is no longer required for any purpose for which we collect it as described in this policy or for which we may otherwise use or disclose it, or when we are no longer required to keep it. Some information, particularly Health Information, must be kept for a number of years to comply with legal requirements, such as health records legislation.
Anonymity and pseudonymity
When dealing with us, you may choose not to identify yourself, use a pseudonym, or not provide us with some or all of your Personal Information. However, in any of these situations, such elections may affect our ability to provide the products, services, information or assistance requested. Where you elect to use a pseudonym, or to use this website anonymously, we may subsequently contact you and request details of your true identity if we need them to fulfil any legal requirements.
Access to and correction of your Personal Information
We try to ensure that all the Personal Information about an individual that we collect, hold, use or disclose, is relevant, accurate, complete and current. You must promptly notify us if there are any changes to your Personal Information
We may need to verify your identity before giving access to or correcting your Personal Information. We will respond to such requests in a reasonable time, usually within 30 days.
We will provide you with access to your Personal Information unless an exception in the Privacy Act or applicable health records legislation applies.
If we refuse your request for access to or correction of your Personal Information in response, we will notify the you in writing of our decision and our reasons (unless it would be unreasonable to do so) and how to complain about the decision. If we refuse to correct Personal Information, you may ask us to record a statement with that Personal Information indicating what you believe is incorrect.
Questions, Concerns or Complaints
If you wish to make a complaint in relation to our handling of your Personal Information or a decision about your access or correction request or you have any other questions or concerns about your privacy, you should contact our Privacy Officer by phone, email or post using our details set out below.
We will need details about the nature of the complaint and will need to verify your identity. We will investigate any complaint and respond within a reasonable period and generally within 30 days. We may need to request more information in order to respond.
If you are not satisfied with our response to a complaint, you can contact the Office of the Australian Information Commissioner on the details below:
Our Contact Details
PO Box R1462
Royal Exchange Post Office
Tel 02 9298 3999
Fax 02 9566 4686
OAIC contact details
Office of the Australian Information Commissioner (OAIC)
Phone: 1300 363 992
Post: GPO Box 5218, Sydney NSW 2001
Online form: www.oaic.gov.au (Privacy Complaint Form)
Further information about the APPs and the application of the Privacy Act to the private sector generally can be found at the website of the OAIC at http://www.oaic.gov.au.
Last updated: 2/05/2019