Privacy Policy

Sirtex Medical Limited ACN 078 116 122

March 2014

The information below is also available as a PDF document.

 

1. Introduction

Sirtex Medical Limited ACN 078 116 122 and its subsidiaries (hereinafter referred to as "we", "us", "Sirtex" and "Sirtex Medical") are committed to protecting the privacy of your information, and to handling your personal information in a responsible manner in accordance with the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles ("APPs") and relevant State and Territory privacy legislation (collectively referred to as privacy legislation).

This Privacy Policy explains how we collect, use and disclose your personal information, how you may access that information, and how you may seek the correction of any information. It also explains how you may make a complaint about a breach of privacy legislation.

By accessing or using our websites, or by providing your personal information to Sirtex, you:

a) confirm that you understand that your personal information, including health information, will be collected and processed as described in this Privacy Policy, and in accordance with any other explanation you may be given at the time of providing the information; and

b) consent and agree to such collection and processing.

In addition, if you are providing personal information to Sirtex on behalf of someone else (for example, as their carer, parent or legal guardian), you confirm that you have authority to consent to the use of their information as described in this Privacy Policy.

If you do not consent to the collection, use and disclosure of your personal information (including health information) as set forth in this Privacy Policy, you should not use our websites, or provide personal information to Sirtex.

From time to time we may make changes to our policy, processes and systems in relation to how we handle your personal information. We will update this Privacy Policy to reflect any changes, which will be available on our website.

 

2. Types of Personal Information Sirtex collects

The type of personal information that may be collected will depend on Sirtex's relationship with the person, and the circumstances of collection.

2.1 General Information

The information we collect from you may include your personal details, for example

  • your name and gender;
  • your address;
  • your age, date of birth, weight and height;
  • your e-mail address;
  • your phone number(s) and fax number(s);
  • other contact information;
  • health information relating to you (including details of medical history, diagnosis, treatment and prognosis); and/or
  • details of your relevant health care professional(s).

The information we collect from you may also include:

  • details of any specific products, services or clinical trials you want to learn about;
  • photographs/images (where authorised by you); and
  • Information you provide in "free text" fields when completing information sheets and forms, such as pre-treatment evaluation forms.

Information about your health is referred to in this Privacy Policy as "health information".

2.2 Contractors, Officers & Employees

For contractors, officers and persons seeking employment with Sirtex, we may collect the following information:

  • name, gender and date of birth;
  • residential address, email address, contact telephone numbers and emergency contact details;
  • personal resumes which may contain details of education and work history, personal interests, details of referees and other information relevant to the individual;
  • documents that you provide as evidence of your skills, qualifications, training, work history, identity and legal right to work;
  • bank account details, superannuation details and tax file number;employee records (including leave entitlements, salary details and performance review information); and
  • doctors' certificates in the case of sick leave.

2.3 Health Professionals

If you are a healthcare professional, we may collect personal information about you including:

  • your medical specialty;
  • your clinical interests;
  • details of the clinics you work at or own;
  • details of Sirtex products you have purchased;
  • your preferred language; and
  • details of your education, qualifications and experience.

 

3. From whom do we collect personal information?

Wherever practicable we will only collect information from you personally. However, we may also need to collect information from other sources such as treating health care providers, carers and guardians.

In the case of persons seeking employment with Sirtex, information in an applicant's resume may be verified by contacting referees. Sirtex may also obtain information about an individual seeking employment from a recruiter.

Salary survey data may be collected from third parties which is used to assess and determine salaries to be paid to officers of Sirtex and staff.

We will only collect information from third parties when it is not reasonable and practical to collect the information from you directly.

 

4. When does Sirtex collect Personal Information?

Information may be collected by medical and non-medical staff. We collect information about you when you:

  • request information about our products, services and/or clinical trials;
  • telephone, email or write to us;
  • use our website;
  • apply to, and/or participate in a clinical trial;
  • apply to, and/or participate in conducting clinical trials;
  • attend one of our presentations or training sessions;
  • complete a Sirtex application form or feedback form;
  • apply for work experience or employment with us;
  • commence employment with Sirtex; and/or
  • accept an offer of employment, or enter into a contract with Sirtex.

We may also need to collect personal and sensitive information in order to comply with our legal obligations.

 

5. How Sirtex stores information

Personal information is stored and held in a combination of hard copy and electronic files maintained by Sirtex, and on personal devices, including laptop computers.

We may combine information made available from a variety of sources. This enables us to analyse the data in order to gain useful insights which can be used for the purposes mentioned in section 6 of this Privacy Policy.

 

6. How is Personal Information Used?

6.1 Use of Personal Information

We use personal information that is reasonably necessary for one or more of our functions (the primary purpose), or for a related secondary purpose that would be reasonably expected by you, or to which you have consented.

Sirtex may use your information for the following purposes:

  • to establish your identity;
  • to provide the products, information and/or services you request;
  • to evaluate whether an individual is suitable to participate in a clinical trial;
  • to evaluate whether an individual is suitable to conduct a clinical trial;
  • to engage individuals to participate in clinical trials;
  • to engage medical staff to conduct clinical trials;
  • for medical research purposes;
  • to comply with regulatory requirements, such as maintaining a record of medical queries, complaints, adverse events and recalls relating to our products;
  • to contact you to satisfy any of our legal or regulatory obligations;
  • to create a profile from the interactions we have with you to help us understand what information you might be interested in receiving;
  • to invite you to participate in surveys and provide feedback to us;
  • to deal with queries, requests or complaints;
  • to provide you with a personalised experience when you interface with Sirtex;
  • to contact you with information and notices related to your use of our websites;
  • to improve the content, functionality and usability of our websites; andto manage the relationship between Sirtex and officers, contractors and employees (including making salary and superannuation payments, managing performance and managing a person's career with Sirtex).

6.2 Job Applicants

Data provided by you to support your job application is used for the purpose of managing our recruitment process. We may keep a record of your application in order to contact you about future job opportunities, and send you emails about job opportunities with Sirtex. You can request to have your applicant profile and personal information changed or deleted at any time by contacting us using the contact details provided for in section 21 of this Privacy Policy.

 

7. Direct Marketing

Sirtex does not generally engage in direct marketing activities. However on occasion we may communicate with individuals by email and other forms of communication. If you do not want to receive emails and/or other communications from us, you can inform us at any time. You may opt out of electronic communications by contacting us using the contact details provided for in section 21 of this Privacy Policy.

 

8. Sensitive Information

We only collect sensitive information reasonably necessary for one or more of the uses specified in section 6 of this Privacy Policy, if we have the consent of the individual to whom the sensitive information relates, or if the collection is:

  • necessary to lessen or prevent a serious threat to life, health or safety;
  • necessary pursuant to a legal requirement;
  • required for another permitted general situation (as defined in Section 16A of the Privacy Act 1988 (Cth)); or
  • for a permitted health situation (as defined in Section 16B of the Privacy Act 1988 (Cth)).

 

9. Disclosure

9.1 Subsidiaries and Related Bodies Corporate

We will treat your personal information as strictly private and confidential. We may however on occasion exchange your personal information with Subsidiaries and/or Related Bodies Corporate of Sirtex Medical Limited, and with Sirtex distributors who are required to comply with this Privacy Policy). These entities may use the personal information for the purposes specified in section 6 of this Privacy Policy.

9.2 Third Parties

It may be necessary for us to disclose your personal information to certain third parties in order to assist us with one or more of our functions or activities, or where permitted or required by law. Third parties may include:

  • clinics or hospitals (where treatment is received and/or clinical trials are performed);
  • medical practitioners and related staff;
  • health insurers and health service providers;
  • those to whom we outsource certain functions, for example information technology support;
  • auditors and insurers;
  • government and law enforcement agencies and regulators; and
  • entities established to help identify illegal activities and prevent fraud.

9.3 Sale of Business / Restructure

If all or any part of our business is sold, restructured or integrated with another group of companies, personal information may be transferred to another party. Those parties will be bound by the requirements of this Privacy Policy and will be required to use the personal information in the same ways as set out in this Privacy Policy.

9.4 Service Providers

Our service providers are required by contract to protect the confidentiality of the personal information we share with them, and to use it only to provide services on our behalf.

9.5 When do we disclose Personal Information?

We may disclose your personal information from time to time, only if one or more of the following apply:

  • you have consented;
  • you would reasonably expect us to use or disclose your personal information in this way;
  • we are authorised or required to do so by law;
  • disclosure will lessen or prevent a serious threat to the life, health or safety of an individual or to public safety;
  • where a permitted general situation applies (as defined in Section 16A of the Privacy Act 1988 (Cth)) or a permitted health situation applies (as defined in Section 16B of the Privacy Act 1988 (Cth)); or
  • disclosure is reasonably necessary for a law enforcement related activity or by a Government body or agency, or by a Court of law.

9.6 Officers, employees or contractors

Sirtex does not disclose personal information about officers, employees or contractors to any third parties (including overseas entities), unless prior consent is obtained from the relevant individual. Personal information about officers, employees or contractors may however be disclosed if required:

  • pursuant to the Privacy Act 1988;
  • pursuant to a legal requirement; or
  • by an enforcement agency, Government body, or by a Court of law.

 

10. Overseas Recipients

10.1 Sirtex businesses worldwide

Sirtex Medical Limited has business operations in numerous locations worldwide. By sharing your personal information with Sirtex, your personal information may be transferred to, or be accessible by businesses in other countries that form part of the Sirtex group.

The counties in which such recipients are likely to be located are Australia, Singapore, United States & Germany.

10.2 Service Providers located outside Australia

Your information may be provided to service providers located outside Australia. The locations of the service providers may change from time to time.

The counties in which service providers are likely to be located are Australia, Singapore, United States & Germany.

10.3 Transfer of Personal Information to a Foreign Recipient

We may transfer personal information to a foreign recipient (including when an overseas entity accesses the information in Australia), only if:

  • we reasonably believe that:
    • the recipient is subject to law, or a binding scheme, that has the effect of protecting the information in a way that, overall, is at least substantially similar to the APPs; and
    • there are mechanisms that the individual can access to take action to enforce that protection of the law or binding scheme; or
  • the disclosure is required or authorised by or under an Australian law or a court/tribunal order; or
  • the transfer is necessary for the performance of a contract / arrangement with the individual (from which the information was collected); or
  • the transfer is for the benefit of the individual (and the other APP requirements are met); or
  • the individual consents to the transfer.

10.4 Assessment of Foreign Privacy Laws

When disclosure is to be made to a known overseas entity, we will take reasonable steps to assess the privacy laws of the country where information will be disclosed to determine whether the overseas recipient is required to comply with privacy laws that are at least as stringent as the APP requirements in relation to information. Our service providers are required to enter into a contract pursuant to which they agree to protect the confidentiality of the personal information we share with them, and to use the information only to provide services on our behalf.

 

11. Cookies and similar technologies

Sirtex makes use of Google Analytics, a web analytics service provided by Google, Inc. ("Google"), which uses cookies to analyse how users use the website. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States.

At the request of Sirtex, Google will use this information for the purpose of measuring your activity on our website, compiling statistical reports on overall website activity for Sirtex on an anonymous basis and providing other services relating to website activity and internet usage. You may refuse the use of cookies by selecting the appropriate settings on your browser. In addition, you can prevent the collection of the data generated by the cookie by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available from the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

 

12. Data Quality

We take all reasonable steps to ensure the personal information we hold, use and disclose is accurate, complete and up-to-date. These steps include ensuring that the personal information is accurate, complete and up-to-date at the time of collection, and when using or disclosing the personal information.

On an ongoing basis we maintain and update personal information when we are advised by you or when we become aware through other means that your personal information has changed.

Please contact us if any of the details you have provided to us change. You should also contact us if you believe that the personal information we have about you is not accurate, complete or up-to-date.

 

13. Security

Sirtex has put in place safeguards to protect the personal information we hold from misuse, interference, loss and unauthorised access, modification or disclosure by using industry standard software protection programs. Personal information is only accessible by officers and employees of Sirtex (strictly on a need to know basis), unless it is disclosed to another party in accordance with this Privacy Policy.

Employee personal information is retained in secure hard copy and electronic files, and is only accessible by human resources staff, accounts staff and directors on a need to know basis.

Whilst we endeavour to take all appropriate measures, Sirtex cannot guarantee the security of personal information sent online. Please bear this in mind when providing personal information online to Sirtex.

 

14. Information that is no longer required

If Sirtex no longer needs the personal information for any purpose for which it may use or disclose the information (for example when an employee has been terminated), and the information is not otherwise required to be kept under an Australian law or court order, Sirtex will take reasonable steps to destroy or permanently de-identify the information as appropriate.

 

15. Unsolicited Information

Sometimes we may be provided with your personal information without having sought it through our normal means of collection. We refer to this as "unsolicited information". Where we collect unsolicited information we will only hold, use and or disclose that information if we could otherwise do so had we collected it by normal means. If that unsolicited information could not have been collected by normal means then we will destroy, permanently delete or de-identify the information as appropriate.

 

16. How to gain access to your personal information we hold

You may request access to the personal information we hold about you, or request that we change and/or update the personal information we hold, by contacting us.

Upon request, we will give you access to the personal information held about you, unless specific limitations apply (for example, if the request is frivolous or vexatious, or providing access would be unlawful).

We will respond to a request for access to personal information within a reasonable period after the request is made, and give access to the personal information in the manner requested by you, if it is reasonable and practicable to do so.

If we do not agree to provide you with access, or to amend your personal information as requested, you will be notified accordingly. Where appropriate we will provide you with the reason/s for our decision, and the mechanisms available to complain about the refusal. If the rejection relates to a request to change your personal information you may make a statement about the requested change and we will attach this to your record.

 

17. Complaints

If you have a complaint about the privacy of your personal information, we request that you contact us in writing by email, letter, and facsimile or by personal delivery to any one of our contact details as set out below. You may also make a complaint verbally. Upon receipt of a complaint we will consider the details and attempt to resolve the matter in accordance with our complaints handling procedures.

We will respond to your complaint within a reasonable time (usually no longer than 30 days), and we may seek further information from you in order to provide you with a full and complete response.

If you are dissatisfied with our handling of a complaint or the outcome, you may make an application to the Office of the Australian Information Commissioner by calling them on 1300 363 992, contacting them online at www.oaic.gov.au, or by writing to the Office of the Australian Information Commissioner at GPO Box 5218 Sydney NSW 2001, or the Privacy Commissioner in your State or Territory.

 

18. Overseas Transfer of Data

If you choose to provide us with personal information, you understand and consent to the transfer of your information to Sirtex' locations and systems in Australia and around the world.

 

19. Links to other websites

Our website may contain links to other websites. We do not share your personal information with those websites, and we are not responsible for their privacy practices. Sirtex is not responsible or liable for, and does not endorse, the data privacy practices or the content of any other linked sites.

 

20. Updates to this Privacy Policy

We may update or amend this Privacy Policy at any time by posting a revised version on our website. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you.

 

21. Contact

Should you wish to access your information, change your contact preferences, receive further information about this Privacy Policy, express concerns about how we handle your personal information, or wish to revoke the consents you have given for the use of your personal information, you can contact us by:

  • Emailing privacy-APAC@sirtex.com, privacy-EMEA@sirtex.com , privacy-Americas@sirtex.com ; or
  • Calling +61 2 9964 8400;

If practical, you can contact us anonymously (i.e. without identifying yourself) or by using a pseudonym. However, if you choose not to identify yourself, we may not be able to give you the information or provide the assistance you might otherwise receive if it is not practical to do so.


Now leaving sirtex.com

You are about to leave the Sirtex Web site. This link is provided to you as a service and will take you to a site maintained by a third party who is solely responsible for the content.

Please be aware that Sirtex takes no responsibility for content of these external sites, nor do we endorse, warrant or guarantee the products, services or information described or offered on other internet sites.

Click 'Continue' to proceed to the third-party Web site.

Continue

×

You are now leaving your current sirtex.com region

The Sirtex site you are linking to is intended only for healthcare practitioners and patients outside your current region. Any products discussed herein may have different approved product labeling; therefore, any information provided may not be appropriate for use in your region.

Click 'Continue' to proceed to the other Sirtex region Web site.

Continue

×