This privacy policy sets out how Modeus Pty Ltd (ACN 106 986 056) (“Modeus”, “we”, “us” or “our”) treat(s) the privacy of customers and others with whom we interact.
In this privacy policy, the term “personal information” has the meaning in the Privacy Act 1988 (Cth) and under that legislation includes information about an identifiable individual, including names, addresses, signatures, telephone numbers, email addresses, dates of birth, credit and banking details, medical records, employment details and details of professional membership, associations, affiliations with relevant industry bodies or organisations.
We are committed to protecting your personal information and we comply with the Australian Privacy Principles (APPs) set out in the Privacy Act 1988 (Cth). The APPs regulate the way that organisations can collect, use, keep, secure, and disclose personal information. It also gives individuals the right to know what information an organisation holds about them and a right to correct that information if it is wrong. Personal information includes any information or opinion, whether true or not, about a person who is identified or whose identity can reasonably be established.
1. Collection and Storage of Personal Information and Data
We may collect personal information about individuals. Our usual approach is to collect personal information directly from the individual concerned.
For example, we collect personal information in circumstances including:
- when an individual visits the “Modeus” Website and sends an enquiry through our site or through an email;
- when goods or services are ordered using a credit card or method other than cash;
- when an individual telephones or emails or meets with one of our representatives;
- when you (whether on your own behalf or on behalf of another business) enter into an agreement with us for the supply of goods or services (either from us or to us);
- when you telephone us, visit our website or meet with us and make an enquiry to which a later response is requested and to do so requires your contact details;
- when you ask to be included on email or hard copy marketing distribution lists or interact with us through social media platforms; and
- when evaluating job applicants and personnel, including their contact details, employment history and educational qualifications.
Modeus holds personal information using third party cloud based systems under accounts exclusively controlled by us, and/or on Modeus’ internal IT systems. Modeus maintains appropriate physical, procedural and/or technical security for its offices, information storage facilities and use of third party provider services, so as to prevent any misuse, interference or loss, or unauthorized access, disclosure, or modification of personal information.
2. Use of Personal Information
We use the personal information collected from you for the purpose it was provided or collected (as indicated above), including in the following ways:
- to respond to enquiries received from you;
- to process, confirm, fulfil and update you about your orders and to carry out our obligations arising from any contracts entered into between you and us;
- to perform authorised financial transactions with you;
- to communicate with you and provide you with information (whether by email, post or other means) about our products or services, where you have requested or consented to receiving this from us or where this provision is otherwise permitted under the Australian Privacy Principles;
- to notify you about changes to our goods and services;
- to receive and address feedback or complaints from you; and
- to protect our legal interests and fulfil our regulatory and tax obligations (if and to the extent necessary).
All customers and others with whom we interact have the option to opt-out of receiving marketing communications from us. If you do not wish to continue to receive electronic marketing communications from us and/or selected third parties you should opt-out by clicking on the “unsubscribe” link in any email communications that we might send you.
3. Disclosure of Personal Information
We may provide personal information to third parties outside Modeus for limited purposes, such as to help us in providing goods and services to customers.
Those persons and businesses may include:
- organisations who carry out credit, fraud and other security checks;
- couriers and delivery businesses (where we arrange to deliver goods to you
or persons you have requested us to send deliveries to); and - marketing businesses engaged by us to disseminate materials to which
recipients have consented (if applicable).
In addition to the above parties, some of our services allow customers to store and maintain health-related information of individuals. This information can include:
- medication supplied to individuals (for example, types of drugs consumed and quantities); and
- personal contact details (including addresses and dates of birth).
Occasionally, Modeus may be required to disclose some or all of this information to the relevant public health authorities (in most cases, this will be the relevant government health department (either state or federal)). Those authorities may need this information in order to monitor our customers’ compliance with the relevant laws and regulations to which they are subject.
We will notify you before we disclose information in the manner described above, unless the relevant authority asking for the information has legally instructed us not to notify you.
We may also disclose your personal information to third parties:
- where we have your express permission to do so;
- where it can reasonably be inferred from the circumstances that you consent to the disclosure to the third parties;
- if we or substantially all of our assets are acquired by a third party, in which case personal information which we hold about our customers may be one of the transferred assets (subject to the same constraints on use and disclosure as under this policy); and
- if we are under a duty to disclose or share your personal information in order to comply with any legal or regulatory obligation, in order to enforce or apply our terms and conditions, or to protect our rights, property, or safety of that of our personnel or customers. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We limit the information we provide to third parties to the information they need to help us provide or facilitate the provision of goods and services to you. We deal with third parties that are required to meet the privacy standards required by law in handling your personal information, and use your personal information only for the purposes that we gave it to them.
We will not disclose personal information to businesses or persons located outside Australia, unless you ask us to do so. Where we do so, we will comply with the applicable data transfer laws of other countries, and we ensure that appropriate contractual protections are in place.
4. Security of personal information
We take all reasonable steps to protect your personal information, including internal and external security, restricting access to personal information to those who have a need to know, maintain technological products to prevent unauthorised computer access and regularly reviewing our technology to maintain security. We use secured IT systems.
We will only keep your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.
5. Cookies and other similar technologies
You can find out more about the specific cookies we use and manage your preferences through our cookie consent management solution on the Modeus website. You can also change your preferences any time via the website or through your browser settings.
6. Questions and concerns and access to/ correction or updating of your personal information
You have a right to access the personal information we hold about you and to raise concerns or complaints or ask for corrections. To raise privacy concerns, including to obtain a copy of the personal information we hold about you, please write to us at:
Information Security Manager
privacy@modeus.com.au
Please provide sufficient detail about the personal information in question to help us locate it. We will then use commercially reasonable efforts to promptly determine if there is a problem and take the necessary corrective action within a reasonable time.
You can find further information on privacy and about the APPs at the Office of the Australian Information Commissioner – http://www.privacy.gov.au/.
7. Changes to our privacy policy
We may modify, alter, or otherwise update this privacy policy at any time. We will post revisions on our website. We encourage you to review this policy from time to time.
8. Children’s privacy
The Modeus services are not intended for children, and we do not knowingly collect data relating to children.
9. Additional provisions for UK/EU customers
Lawful basis
Under data protection law, we must have a specific lawful basis for the processing of your personal information. We rely on several lawful bases for the different activities and purposes described above, as follows:
- Some processing is necessary for the performance of the contract (i.e., our terms and conditions) between you and us.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests, for example record keeping, correspondence.
- Sometimes we will process your personal data based on your consent, for example if you subscribe to our email marketing (see below for your opt-out rights).
- Where we need to comply with a legal obligation, or if the processing is in the public interest.
10. Representative
We have appointed a representative pursuant to Article 27 of the UK GDPR, who can also be contacted for any questions related to our processing of personal information in the UK. If you have a question or concern about how we may process your personal information, please contact Modeus.UKrep@datarologie.com.
11. Rights
If you are an individual based in the UK/EU, then you may have additional rights under the UK and EU general data protection regulation (GDPR), as set out in the table below.
Rights | What does this mean? |
---|---|
Right to be informed | You have the right to be provided with clear, transparent, and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this privacy policy. |
Right of access | You can request access to your personal data (commonly known as a ‘data subject access request’). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. |
Right to rectification | This allows you to have your information corrected if its inaccurate or incomplete. |
Right to erasure | This is also known as the ‘right to be forgotten’ and allows you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. We may not always be able to comply with your request for specific legal reasons which will be notified to you, if applicable, at the time of your request. |
Right to restrict processing | You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future. |
Right to data portability | You have rights to obtain and reuse your personal information for your own purposes across different services. |
Right to object to processing | You can object to certain types of processing, including processing for direct marketing or where we are relying on our legitimate interests for processing. |
Right to lodge a complaint | You have the right to lodge a complaint about the way we handle or process your personal information with your national data protection regulator. |
Right to withdraw consent | If you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time (although it does not mean that anything we have done with your personal information with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal information for marketing purposes. |
Last update: 8 April 2024