1. Who we are
This Metagenics Privacy and Credit Reporting Policy (this Policy) describes the types of personal information Metagenics (Aust) Pty Ltd and Metagenics (NZ) Pty Limited (hereinafter referred to as “Metagenics” or “we”, “us” or “our”) may collect from you or that you may provide when you visit our website or use any related services (including purchasing our products) where we provide a link to this Policy (together, our Services). This Policy describes our practices for collecting, using, maintaining, protecting, and disclosing that personal information. In addition to this policy, we will on occasion provide you with specific privacy statements about how we use particular information that we collect from you.
We collect and use personal information only to the extent permitted by law, particularly the Privacy Act 1988 (Australia) and the Privacy Act 2020 (NZ) (Privacy Acts), which Metagenics is subject to.
Please note that our website(s) may contain hyperlinks to third party websites that are not managed by us and are therefore not subject to this Privacy and Credit Reporting Policy.
For the purpose of this Privacy and Credit Reporting Policy “Personnel” means any individual who works for us in their capacity as an employee or contractor.
2. What personal information refers to
‘Personal information’ referred to in this Privacy and Credit Reporting Policy consists of any information or an opinion about an identified or identifiable individual.
Personal information can include your name and contact details such as your residential or postal address, email address, date of birth or your telephone number, as well as other types of information contemplated by this Privacy and Credit Reporting Policy.
Information which cannot be reasonably linked to your identity (e.g., the number of users visiting a website and de-identified data) does not constitute personal information and is not regulated by the Privacy Acts.
Metagenics collects and stores personal information about its customers, medical and allied healthcare professionals and members of the public. The personal information collected may vary depending on your particular interaction with Metagenics but will be limited to the information necessary to record and manage our interaction with you or as permitted or required by law.
The personal information that Metagenics collects is primarily related to our products and services. By providing your personal information to us and/or by continuing to engage with Metagenics, your personal information will be collected, stored, used and disclosed in accordance with this Privacy and Credit Reporting Policy.
If we provide you (or an entity related to you) with credit, we may also collect and hold credit information and credit eligibility information about you. Without limitation, this may include credit reports, identification information, consumer credit liability information, details of amounts payable to us and the terms of the relevant credit, and information relating to payments made, default information and payment information.
3. What personal information we collect
Metagenics collects personal information (including credit information and credit eligibility information) about healthcare professionals (e.g., naturopaths, pharmacists etc.), customers or members of the public:
- when an order is placed for our products;
- when you open a customer account with us
- in the course of responding to enquiries made by you;
- during consultations with Metagenics staff who are qualified naturopaths or meetings with our company representatives;
- from adverse event reporting; and
- from Metagenics-sponsored programs (e.g., trade events, retail events, membership programs, competitions or promotions, clinical trials, expert panels, educational seminars and disease management programs).
Metagenics also collects personal information about prospective employees during the recruitment process to assess whether an applicant is suitable for a role with us. The personal information of prospective employees collected during the recruitment process will be handled in accordance with this Privacy and Credit Reporting Policy.
4. How we collect your personal information
In general, we collect your personal information when you interact with us, and you are entirely free to decide whether or not to supply this information. However, you acknowledge and agree that if you do not provide sufficient or adequate information, Metagenics may not be able to provide you with its full range of products and services or may not be able to fully assist you with your enquiry.
We may also collect personal information about you from third parties. For example, we may receive personal information from your practitioner if they order products on your behalf (for example, they may provide your email address to us as a point of contact for the order).
If you provide someone else’s personal information to us, you must have their consent beforehand and we may ask you to provide evidence of that consent. You should not provide someone else’s information if you do not have their consent. If you provide someone else’s personal information to us, you warrant that you have obtained all necessary consents from that person to collect and disclose their personal information to us and indemnify us, and hold us harmless, against any claims made by that person against us arising from you providing their personal information to us.
We may also collect personal information about you from an entity related to you or credit eligibility information about you from Credit Reporting Bodies (CRBs) (which, for New Zealand customers, are defined as Credit Reporters in the Credit Reporting Privacy Code 2004) if we provide you (or an entity related to you) with credit.
Personal information may be collected from you in person, through websites operated by Metagenics (for example, through online forms, questionnaires or enquiries), by letter, facsimile, email or through telephone enquiries.
The types of personal information we collect depends on the circumstances in which the information is collected. Personal information that may be collected about you includes:
- your name and contact details (eg. address, email, telephone number, business and professional details (if applicable) etc.;
- the nature of your enquiry; and
- other details about you that might be relevant, such as your age, gender, diet, lifestyle, medical history and medical condition or medical treatment.
We may collect sensitive information, such as health information when it relates to provision of our products to you. An example of sensitive information collected by us is a prescription issued by your health practitioner.
If you contact us by telephone, this information may be collected by Metagenics as a recorded voice message where our staff are temporarily unavailable to answer a call and you choose to leave a voice message.
Each time you visit our website, our web servers automatically save the name of your browser and operating system, your IP address, the website from which you accessed our website, the webpages you visit while with us and the date and time you spend on our website. Metagenics' servers save this information for security purposes. We may also evaluate anonymous or de-identified data sets for statistical purposes, for example to aggregate user activity, which may be used by Metagenics to provide insight on the usage of its website.
Personnel
We collect information from you or in the course of your employment or contract arrangement (as applicable) with us. We may collect this data when you submit it to us, including via your account with us or through responses to job postings and employment applications, resumes, required and voluntary employment forms and other submissions. In some circumstances, the personal information we collect about you is held by a third party, for example, when we perform background checks that are necessary for the role to be performed by you. We may also generate information during your employment or contract arrangement with us.
5. How we use your personal information
Metagenics will use personal information for the primary purposes for which it is collected or for other related purposes as permitted by law such as where applicable:
- to manage your product order(s);
- if we are providing you (or an entity related to you) with credit, to assess your creditworthiness (or the creditworthiness of your related entity which is receiving the credit);
- to maintain a record of medical enquiries, product complaints and adverse events and to comply with our reporting obligations to relevant regulatory authorities such as the Therapeutic Goods Administration or the Natural Health and Supplementary Products Authority. This information will also be used to monitor, assess and improve our products and services;
- to provide you with clinical services;
- to provide further information regarding our products or services that you have requested;
- to provide you with material on our activities and products or that may be of interest to you, which you are entitled to opt out of receiving at any time;
- to administer trade events, retail events, membership programs, competitions, promotions, clinical trials, conferences, expert panels, educational seminars, disease awareness or management programs or other programs organised or sponsored by us, which you agree to be involved with;
- to notify you of matters that we are required by law to notify you of (e.g., product recalls); to monitor and prepare reports regarding the quality, safety and efficacy of our products; to review our compliance with relevant regulations and codes of conduct;
- to obtain feedback and customer satisfaction information to assist Metagenics in improving its products and service offerings;
- for our internal management purposes, to manage our relationship with you and to manage the payment and recovery of amounts payable to us by you;
- to statistically analyse the distribution of our products (e.g., we might compile personal information in order to determine the percentage of users that live in a particular geographic area);
- to generate customer lists for the purposes of market research;
- for other purposes for which you have provided your prior consent;
- for purposes directly related to the purposes for which the information was collected;
- to assess your suitability for the role you have applied for, conduct reference checks and communicate with you;
- to provide an online directory of health professionals and practitioners;
- as required by or permitted under any law (including common law) or any direction of a Court or order of a Government authority or body; and
- to support your experience throughout our online store (e.g. when you add a product to your wishlist in our online store and don’t complete your purchase, an email may be sent to you reminding you of your wishlist item. You can unsubscribe from these emails using the unsubscribe link provided in the emails).
When you register to hold an account, transact with us, sign-up to receive marketing communications or participate in promotional offers and surveys, we may send you direct marketing messages. We may send you these messages via various channels (including by SMS and email, in app and push notifications) where you have not opted out of receiving such electronic messages from us in that channel.
You can unsubscribe or opt out of certain marketing messages by using the unsubscribe facility in an email or SMS, or adjusting your device setting for push notifications, or adjusting your account settings for advertising on our website, or updating the communications preferences in your account settings with us, or contacting us (see section 15 below) and letting us know what communications you no longer want to receive.
Regardless of whether you unsubscribe from any or all commercial electronic messages, you will still receive information we are required by law to provide you, for example, service-based communications such as communications relating to terms and conditions, your account or your orders.
Personnel
We use personal information about you:
- to fulfil obligations and exercise rights arising out of our relationship with you, such as processing your information for purposes of remunerating you, reimbursing expenses, furnishing benefits and other related matters;
- to meet our legal and regulatory obligations, for example, to meet reporting obligations under tax, accounting, social security and industrial laws and regulations;
- to meet our legitimate business interests, namely for people and administrative management including resource planning, development and career planning, for management and maintenance of our IT network; for auditing, security and compliances purposes; and for purposes of internal investigations and disciplinary procedures.
Personnel should have no expectation of privacy with respect to Metagenics' telecommunications, networking or information processing systems (including, without limitation, stored computer files, email messages, instant messages and internet usage).
Personnel should be aware that their activity and any files or messages on or using any of those systems may be monitored at any time without notice, as permitted by applicable law. We may monitor our systems, and the use thereof by Personnel, for the following purposes:
- to ensure personal information and other proprietary information is protected and that Metagenics’ systems are used appropriately and in accordance with our policies; and
- for operational maintenance, auditing and security compliance and investigative purposes.
6. Who we share your personal information with
We do not sell or rent your personal information. We only share your personal information in accordance with this Privacy and Credit Reporting Policy and to the extent permitted by applicable law.
Depending on the purposes for which your personal information is collected, Metagenics may disclose your personal information to:
- its related entities;
- if we are providing you (or an entity related to you) with credit, credit reporting bodies (CRBs), trade insurers and businesses assisting us with providing credit;
- if you have provided us with referees to assist with a credit application, a job application or the assessment of a potential contract between you and us, the referees you have provided;
- service providers that provide financial, legal, administrative or other services in connection with the operation of our business, for example mailing houses and delivery providers, solicitors, software developers and providers including those who support our online store and back-end systems, IT service providers;
- your practitioner if they link your account to them. If you prefer not to have your account linked to your practitioner, you can opt out at any time by contacting us (see section 15 below) and requesting to unlink your account;
- service providers who process, store or back up information;
- maintenance providers;
- regulatory authorities when permitted or required to do so by law; and
- other entities as permitted or required by law.
Our third-party service providers may use your personal information for the purpose of performing the services we have engaged them to provide. This may involve them having to share with sub-processors located in other countries, to provide services such as but not limited to, transaction processing and fraud preventions. Some third-party service providers may also aggregate and/or deidentify your personal information so that such information can no longer be linked to you (De-Identified Information) and use that De-Identified Information for any purpose.
The CRBs we may deal with include Dun and Bradstreet (http://dnb.com.au/ or http://dnb.co.nz/). Copies of their privacy policy dealing with how they manage credit- related personal information can be found on their websites or by contacting them via telephone.
If you fail to make a payment to Metagenics as and when due or commit a serious credit infringement, we may also disclose details of such events to CRBs. A CRB may use such information in reports given to other credit providers to help assess your creditworthiness. You have certain rights to request that CRBs do not use or disclose credit reporting information about you if you believe on reasonable grounds you have been or are likely to be a victim of fraud. You should contact the CRB directly using the contact details above if you wish to request this.
As we continue to develop our business, we might sell or buy companies, subsidiaries or business units. In such transactions, data generally is one of the transferred business assets. Also, if we or all of our assets are acquired, your information may be one of the transferred assets.
7. Where your personal information is hosted and processed
To provide our products and services, your personal information may need to be accessed from or transferred to locations outside the country in which you provided it.
Some of the entities that we may disclose your personal information to are located outside of Australia and New Zealand. For example, we have related entities located in the United States that we may disclose personal information to. We also have service providers (including those that provide data processing, storage, and backup services) that are located outside Australia and New Zealand. Most of our service providers are located in Australia and Singapore. However, from time to time we may need to engage a service provider (or disclose personal information to another type of entity listed above) located in a country not identified here.
Our staff and service providers who handle or obtain personal information are subject to obligations of confidentiality. We also implement appropriate measures to ensure that your personal information is protected and secure and otherwise handled in a way that complies with the Privacy Acts, other applicable privacy laws and this Privacy Policy.
8. Our use of cookies, session IDs and other tracking technologies
We use cookies, pixels, tags and other similar tracking mechanisms to automatically collect information about browsing activity, type of device and similar information when you visit and or interact with our websites. We use this information to, for example, analyse and understand how you access, use and interact with us through our websites, and to identify and resolve bugs and errors on our websites and to assess, secure, protect, optimise and improve the performance of our websites.
Cookies are small data files which are placed on your device by web servers when you visit certain websites. Other tracking technologies are used for similar purposes. Metagenics' website(s) use cookies to allow us to identify regular visitors and collect information about your usage of our website(s) (eg. your webpage viewing preferences). This enables us to provide a better and more relevant website service to you each time you revisit specific webpages.
Metagenics also utilises third-party plug-ins which may create cookies that may collect information about your visit to our website. These third-party plug-ins may collect website usage data to provide us with reports and metrics that help us evaluate usage of our websites, improve our websites and enhance performance and user experience. Metagenics does not have any control over, and therefore will not be responsible for, the content of the cookies created by third party plug-ins, the use made of any data collected by third party plug-ins, or the security of that data.
Most browsers are set to accept cookies automatically. However, you can turn off the 'Save Cookies' function or set your browser so that it informs you whenever cookies are transmitted.
We use session IDs to allow us to identify visitors as they browse various websites. Session IDs are essential and are created to allow you to interact with elements of our website(s), such as contact forms, and enables Metagenics to distinguish your visit to its website from other concurrent users of its website. No personal information will be collected or saved through our use of session IDs. Session IDs expire as soon as you leave our website.
9. How we keep your personal information safe
We use a variety of technical measures to ensure the security of all data, whether electronic or in physical form. The security of our systems and processes is regularly reviewed to ensure ongoing protection against damage, loss and/or unauthorised access. Your personal information and credit information are stored in secured premises or in electronic databases requiring usernames and passwords for access only by authorised staff members. Our security precautions are regularly updated and improved in line with technical developments. Unfortunately, no data transmission over the internet or storage facility can be guaranteed to be 100% secure. Accordingly, Metagenics cannot provide absolute assurance that the information you provide to us will be secure at all times.
10. Rights regarding your personal information
Metagenics will endeavour to ensure that your personal information is accurate, up-to- date and complete. You are entitled to request access to and correction of your personal information held by Metagenics. Simply contact Metagenics' Privacy Officer as set out in section 15 below.
Upon receiving your request, Metagenics will endeavour to provide you with access to or correct your personal information, but if Metagenics refuses your request, it will provide you with written reasons for its refusal.
If you wish to stop receiving any communications from us and have your personal information deleted, please contact Metagenics' Privacy Officer as set out in section 15 below, and we will take all reasonable steps to delete it, unless we need to keep it for legal reasons (for a minimum period or otherwise).
In addition, if you have any concerns about how your personal information has been collected, used or disclosed, you can contact Metagenics' Privacy Officer as set out in section 15 below and we will do our best to address your concerns to ensure that you are satisfied that there have been no breaches of privacy laws in relation to any personal information we hold about you.
11. Our retention of your personal information
We retain personal information for as long as reasonably necessary for the purposes described in this Privacy and Credit Reporting Policy, to comply with our tax, accounting, record keeping and other statutory obligations, to provide you services, for our own business purposes and for research, development and safety purposes. We also retain personal information for any additional time as needed to protect, defend or establish our rights, defend against potential claims and to comply with our legal obligations.
Personal information that is obsolete and no longer required will be destroyed or deidentified. If it is used for data analysis purposes, the personal information will be de-identified.
12. Making a complaint
If you have any concerns about how your personal information has been collected, used or disclosed, and you wish to make a complaint about a possible breach of privacy laws, you can contact our Privacy Officer, as set out in section 15 below.
The Privacy Officer will investigate your concerns and take any necessary steps to resolve your complaint. We may need to contact you if we need further information to investigate your complaint. We will advise you of the outcome of the investigation as soon as it is completed, but will endeavour to investigate and resolve your complaint within 30 days.
If you are not satisfied with the outcome of the investigation, you can contact us again to discuss your concerns, or you may complain to the Australian Privacy Commissioner via www.oaic.gov.au or the New Zealand Privacy Commissioner via www.privacy.org.nz for New Zealand customers.
13. Hyperlinks to other Websites
Third party operators of websites which may be accessed via hyperlinks from Metagenics' website(s) may gather and store personal information as soon as you access their websites. Metagenics does not accept any liability for those third party operators in the event that your personal information is collected, used, disclosed or shared by them. We encourage you to read their privacy policies separately.
14. Amendments to Privacy and Credit Reporting Policy
Metagenics reserves the right to amend this Privacy and Credit Reporting Policy at any time. Amended versions of the policy will be published on the Metagenics website(s). Visitors to Metagenics' website(s), healthcare practitioners, patients and consumers of Metagenics' products and services are responsible for carefully reading this policy on a regular basis to inform themselves of any amendments that may have been made.
15. Questions?
If you have any queries relating to our Privacy and Credit Reporting Policy, or if you have a problem or complaint that you would like to discuss with Metagenics, please contact Metagenics' Privacy Officer by telephoning Customer Service on 1800 777 648 (for Australian customers) or 0508 227 744 (for New Zealand customers), emailing [email protected] or by sending a letter to the Privacy Officer, Metagenics, 741 Nudgee Road, Northgate QLD 4013 for Australia, or 22B William Pickering Drive, Rosedale, Auckland, for New Zealand.